Ensemble based categorization and adaptive model for malware detection

Malware, a term derived from the two words "malicious software", has caused many problems for computer users throughout the world. Previously known under many names (trojan, virus, worm, dialer and others), this potentially unwanted software is now simply labelled malware. Malware is software that runs like any other benign software but is designed to accomplish the goals of its writers. It is written to exploit vulnerabilities in the target victim's operating system or applications. Once primitive and easy to detect, it has evolved into sophisticated and professionally written software. Current malware detection methods rely on string search algorithms based on pattern detection, which include signature-based methods. In this paper, we propose an ensemble categorization using ensemble classification and clustering together with an adaptive learning model.
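As an added illustration of the idea in the abstract (not the paper's own code or data), the following Python block combines three base learners by majority vote and adds a self-training "adaptive" step: a sample is appended to the training set only when every learner agrees on its label. The behavioural feature vectors, the class labels and the heuristic thresholds are all constructed for the example; the nearest-centroid learner stands in for the clustering component of the paper's scheme.

```python
"""Added example: majority-vote ensemble with a self-training adaptive step
over constructed behavioural feature vectors (not the paper's implementation)."""
from collections import Counter
import math

# Constructed training data.  Each vector counts four behaviours observed in
# a sandbox run: (file_writes, registry_writes, network_connections,
# process_injections).  All values are made up for the example.
TRAIN = [
    ((2, 0, 1, 0), "benign"),
    ((5, 1, 0, 0), "benign"),
    ((1, 0, 3, 0), "benign"),
    ((40, 12, 9, 3), "malware"),
    ((25, 8, 14, 2), "malware"),
    ((60, 20, 4, 5), "malware"),
]


def euclid(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def knn_predict(train, x, k=3):
    """Base learner 1: majority label among the k nearest training samples."""
    nearest = sorted(train, key=lambda s: euclid(s[0], x))[:k]
    return Counter(label for _, label in nearest).most_common(1)[0][0]


def centroid_predict(train, x):
    """Base learner 2: nearest class centroid (a one-step clustering view)."""
    centroids = {}
    for label in sorted({l for _, l in train}):
        pts = [f for f, l in train if l == label]
        centroids[label] = tuple(sum(c) / len(pts) for c in zip(*pts))
    return min(centroids, key=lambda l: euclid(centroids[l], x))


def rule_predict(train, x):
    """Base learner 3: hand-written heuristic with assumed thresholds."""
    _, _, _, injections = x
    return "malware" if injections > 0 or sum(x) > 25 else "benign"


LEARNERS = (knn_predict, centroid_predict, rule_predict)


def ensemble_predict(train, x):
    """Majority vote over the base learners.
    Returns (label, number_of_learners_that_voted_for_it)."""
    votes = Counter(learner(train, x) for learner in LEARNERS)
    label, agreement = votes.most_common(1)[0]
    return label, agreement


def adapt(train, x):
    """Self-training step: only a unanimous verdict is trusted enough to be
    appended to the training set, so later predictions use it.  A split vote
    leaves the training set untouched (that sample would go to an analyst).
    Returns (label, agreement, added)."""
    label, agreement = ensemble_predict(train, x)
    added = agreement == len(LEARNERS)
    if added:
        train.append((x, label))
    return label, agreement, added


if __name__ == "__main__":
    train = list(TRAIN)
    for sample in [(30, 10, 8, 1), (3, 0, 2, 0), (20, 5, 2, 0)]:
        print(sample, adapt(train, sample))
```

Running the three constructed samples in order shows the adaptive step at work: the first sample is classified as malware unanimously and is absorbed into the training set, the second is unanimously benign, and the third (an ambiguous profile) is then judged by a training set that has already grown by one sample, so its kNN vote shifts compared with a prediction against the original data. That shift is exactly why the update is gated on unanimous agreement: self-training on low-confidence labels would let mistakes feed back into the model.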
