Masters Theses
Abstract
"Efficient and accurate malware detection is increasingly becoming a necessity for society to operate. Existing malware detection systems have excellent performance in identifying known malware for which signatures are available, but poor performance in anomaly detection for zero day exploits for which signatures have not yet been made available or targeted attacks against a specific entity. The primary goal of this thesis is to provide evidence for the potential of learning classifier systems to improve the accuracy of malware detection.
A customized system based on a state-of-the-art learning classifier system is presented for adaptive rule-based malware detection, which combines a rule-based expert system with evolutionary algorithm based reinforcement learning, thus creating a self-training adaptive malware detection system which dynamically evolves detection rules.
This system is analyzed on a benchmark of malicious and non-malicious files. Experimental results show that the system can outperform C4.5, a well-known non-adaptive machine learning algorithm, under certain conditions. The results demonstrate the system's ability to learn effective rules from repeated presentations of a tagged training set and show the degree of generalization achieved on an independent test set.
This thesis is an extension and expansion of the work published in the Security, Trust, and Privacy for Software Applications workshop in COMPSAC 2011 - the 35th Annual IEEE Signature Conference on Computer Software and Applications"--Abstract, page iii.
Advisor(s)
Tauritz, Daniel R.
Committee Member(s)
McMillin, Bruce M.
Mulder, Samuel A., 1975-
Department(s)
Computer Science
Degree Name
M.S. in Computer Science
Sponsor(s)
Sandia Laboratories
Publisher
Missouri University of Science and Technology
Publication Date
Fall 2011
Pagination
ix, 72 pages
Note about bibliography
Includes bibliographical references (pages 135-137).
Rights
© 2011 Jonathan Joseph Blount, All rights reserved.
Document Type
Thesis - Open Access
File Type
text
Language
English
Subject Headings
Computer security -- Computer programs
Learning classifier systems
Malware (Computer software) -- Detection
Thesis Number
T 9917
Print OCLC #
794670887
Electronic OCLC #
755084639
Recommended Citation
Blount, Jonathan Joseph, "Adaptive rule-based malware detection employing learning classifier systems" (2011). Masters Theses. 5008.
https://scholarsmine.mst.edu/masters_theses/5008