论文信息 - Application of Hybrid Machine Learning to Detect and Remove Malware

Application of Hybrid Machine Learning to Detect and Remove Malware

Anti-malware software traditionally employ methods of signature-based and heuristic-based detection. These detection systems need to be manually updated with new behaviors to detect new, unknown, or adapted malware. Our goal is to create a new malware detection solution that will serve three purposes: to automatically identify and classify unknown files on a spectrum of malware severity; to introduce a hybrid machine learning approach to detect modified malware traces; and to increase the accuracy of detection results. Our solution is accomplished through the use of data mining and machine learning concepts and algorithms. We perform two types of data mining on samples, extracting n-grams and PE features that are used for our machine learning environment. We also introduce a new hybrid learning approach that utilizes both supervised and unsupervised machine learning in a two-layer protocol. A supervised algorithm is applied to classify if a file is considered malware or benign. The files classified as malware will then be categorized and then assigned on a severity spectrum using the SOFM unsupervised algorithm.

Mohamed A. Zohdy | Richard Ruiqi Yang | Victor Kang | Sami Albouq

[1] Nataasha Raul,et al. Malware Detection Module using Machine Learning Algorithms to Assist in Centralized Security in Enterprise Networks , 2012, ArXiv.

[2] Hoda S. Abdel-Aty-Zohdy,et al. Self‐Organizing Feature Maps , 1999 .

[3] Andreas Jacobsson,et al. Learning to detect spyware using end user license agreements , 2011, Knowledge and Information Systems.

[4] Parisa Bahraminikoo,et al. Utilization Data Mining to Detect Spyware , 2012 .

[5] Niklas Lavesson,et al. Detection of Spyware by Mining Executable Files , 2010, 2010 International Conference on Availability, Reliability and Security.

[6] Shi-Jinn Horng,et al. A Surveillance Spyware Detection System Based on Data Mining Methods , 2006, 2006 IEEE International Conference on Evolutionary Computation.

[7] Jackson Akpojaro,et al. Unsupervised Machine Learning Techniques for Detecting Malware Applications in Wireless Devices , 2014 .

[8] Yuval Elovici,et al. Applying Machine Learning Techniques for Detection of Malicious Code in Network Traffic , 2007, KI.

[9] Mehdi Samiei. Utilization Data Mining to Detect Spyware , 2012 .

[10] Shi-Jinn Horng,et al. A Static Malware Detection System Using Data Mining Methods , 2013, ArXiv.