期刊
INFORMATION SCIENCES
卷 231, 期 -, 页码 64-82出版社
ELSEVIER SCIENCE INC
DOI: 10.1016/j.ins.2011.08.020
关键词
Malware detection; Computer security; Data mining; Machine learning; Supervised learning
资金
- Ministry of Industry of Spain, project Cenit SEGUR@, Security and Trust in the Information Society [BOE 35]
Malware can be defined as any type of malicious code that has the potential to harm a computer or network. The volume of malware is growing faster every year and poses a serious global security threat. Consequently, malware detection has become a critical topic in computer security. Currently, signature-based detection is the most widespread method used in commercial antivirus. In spite of the broad use of this method, it can detect malware only after the malicious executable has already caused damage and provided the malware is adequately documented. Therefore, the signature-based method consistently fails to detect new malware. In this paper, we propose a new method to detect unknown malware families. This model is based on the frequency of the appearance of opcode sequences. Furthermore, we describe a technique to mine the relevance of each opcode and assess the frequency of each opcode sequence. In addition, we provide empirical validation that this new method is capable of detecting unknown malware. (C) 2011 Elsevier Inc. All rights reserved.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据