Abstract
In this paper, a two-stage methodology to analyze and detect behavioral-based malware is presented. In the first stage, a random projection is decreasing the variable dimensionality of the problem and is simultaneously reducing the computational time of the classification task by several orders of magnitude. In the second stage, a modified K-Nearest Neighbors classifier is used with VirusTotal labeling of the file samples. This methodology is applied to a large number of file samples provided by F-Secure Corporation, for which a dynamic feature has been extracted during DeepGuard sandbox execution. As a result, the files classified as false negatives are used to detect possible malware that were not detected in the first place by VirusTotal. The reduced number of selected false negatives allows the manual inspection by a human expert. © 2011 IEEE.
Recommended Citation
J. Hegedus et al., "Methodology for Behavioral-Based Malware Analysis and Detection using Random Projections and K-Nearest Neighbors Classifiers," Proceedings - 2011 7th International Conference on Computational Intelligence and Security, CIS 2011, pp. 1016 - 1023, article no. 6128278, Institute of Electrical and Electronics Engineers, Dec 2011.
The definitive version is available at https://doi.org/10.1109/CIS.2011.227
Department(s)
Engineering Management and Systems Engineering
Keywords and Phrases
K nearest neighbors; Machine learning; Malware detection; Random projections
International Standard Book Number (ISBN)
978-076954584-4
Document Type
Article - Conference proceedings
Document Version
Citation
File Type
text
Language(s)
English
Rights
© 2024 Institute of Electrical and Electronics Engineers, All rights reserved.
Publication Date
01 Dec 2011