Malware classification method based on static multiple-feature fusion
In recent years, the amount of the malwares has tended to rise explosively. New malicious samples emerge as variability and polymorphism. By means of polymorphism, shelling and confusion, traditional ways of detecting can be avoided. On the basis of massive malicious samples, a safe and efficient method wa...
Main Authors: | Bo-wen SUN, Yan-yi HUANG, Qiao-kun WEN, Bin TIAN, Peng WU, Qi LI |
---|---|
Format: | Article |
Language: | English |
Published: | POSTS&TELECOM PRESS Co., LTD, 2017-11-01 |
Series: | 网络与信息安全学报 |
Subjects: | malware; family classification; static analysis; machine learning; model fusion |
Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2017.00217 |
_version_ | 1841530145781841920 |
---|---|
author | Bo-wen SUN, Yan-yi HUANG, Qiao-kun WEN, Bin TIAN, Peng WU, Qi LI |
collection | DOAJ |
description | In recent years, the amount of the malwares has tended to rise explosively. New malicious samples emerge as variability and polymorphism. By means of polymorphism, shelling and confusion, traditional ways of detecting can be avoided. On the basis of massive malicious samples, a safe and efficient method was designed to classify the malwares. Three static features were extracted, including file byte features, assembly features and PE features, and the generalization of the model was improved through feature fusion and ensemble learning, which realized the complementarity between the features and the classifier. The experiments show that the sample achieves a stable F1-score (93.56%). |
format | Article |
id | doaj-art-88e1db8d14d5423ba2980680a799702a |
institution | Kabale University |
issn | 2096-109X |
language | English |
publishDate | 2017-11-01 |
publisher | POSTS&TELECOM PRESS Co., LTD |
record_format | Article |
series | 网络与信息安全学报 |
title | Malware classification method based on static multiple-feature fusion |
topic | malware; family classification; static analysis; machine learning; model fusion |
url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2017.00217 |