Analysis of Machine Learning Techniques used in Malware Classification in Cloud Computing Environment
DOI: 10.5120/ijca2016908184
Ajeet Kumar, Naman Sharma, Abhishek Khanna and Saurav Gandhi. Article: Analysis of Machine Learning Techniques used in Malware Classification in Cloud Computing Environment. International Journal of Computer Applications 133(15):15-18, January 2016. Published by Foundation of Computer Science (FCS), NY, USA.
BibTeX
@article{key:article,
  author = {Ajeet Kumar and Naman Sharma and Abhishek Khanna and Saurav Gandhi},
  title = {Article: Analysis of Machine Learning Techniques used in Malware Classification in Cloud Computing Environment},
  journal = {International Journal of Computer Applications},
  year = {2016},
  volume = {133},
  number = {15},
  pages = {15-18},
  month = {January},
  note = {Published by Foundation of Computer Science (FCS), NY, USA}
}
Abstract
This work studies the behavior of malicious software, examines the security challenges it poses, and detects malware behavior automatically using a dynamic approach. It also studies various classification techniques for grouping malware, and for clustering malware whose characteristics are not known into an unknown group. The classifiers used in this research are k-Nearest Neighbors (kNN), J48 Decision Tree, and n-grams. Based on the analysis of the tests and experimental results of all three classifiers, the best overall performance was achieved by the J48 decision tree, with a recall of 96.3%.
Keywords
Malware, opcode n-grams, bytecode n-grams, malware behaviors, malware classification.