Support Vector Machine Integrated with game-theoretic approach and genetic algorithm for the detection and classification of malware
Zolotukhin, M., & Hämäläinen, T. (2013). Support Vector Machine Integrated with game-theoretic approach and genetic algorithm for the detection and classification of malware. In IEEE Globecom 2013 Conference Proceedings : Big Security 2013, First International Workshop on Security and Privacy in Big Data (pp. 211-216). IEEE. IEEE Global Telecommunications Conference. https://doi.org/10.1109/GLOCOMW.2013.6824988
Published in: IEEE Global Telecommunications Conference
© Copyright 2014 IEEE. Article's final and definitive form has been published by IEEE.
Abstract. In the modern world, a rapid growth of malicious software production has become one of the most significant threats to network security. Unfortunately, widespread signature-based anti-malware strategies cannot help to detect previously unseen malware, nor deal with code obfuscation techniques employed by malware designers. In our study, the problem of malware detection and classification is solved by applying a data-mining-based approach that relies on supervised machine learning. Executable files are presented in the form of byte and opcode sequences, and n-gram models are employed to extract essential features from these sequences. The feature vectors obtained are classified with the help of support vector classifiers integrated with a genetic algorithm used to select the most essential features, and a game-theory approach is applied to combine the classifiers together. The proposed algorithm, ZSGSVM, is tested by using a set of byte and opcode sequences obtained from a set containing executable files of benign software and malware. As a result, almost all malicious files are detected while the number of false alarms remains very low. ...
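The abstract describes representing executables as byte and opcode sequences, turning them into n-gram frequency vectors, and then selecting a subset of those features before classification. The following added example (written for this page, not the paper's own ZSGSVM code) shows the n-gram feature extraction step on both representations and applies a binary feature-selection mask of the kind a genetic algorithm would evolve; the sample byte and opcode sequences are constructed for illustration and are not taken from real binaries, and the mask is hand-chosen rather than produced by a genetic algorithm or fed to an SVM.

```python
from collections import Counter
from typing import Counter as CounterT, Hashable, Iterable, List, Sequence, Tuple

NGram = Tuple[Hashable, ...]


def ngram_counts(seq: Sequence[Hashable], n: int) -> CounterT[NGram]:
    """Count every overlapping window of n consecutive tokens.

    `seq` may be a bytes object (tokens are byte values 0..255) or a list of
    opcode mnemonics (tokens are strings), so one routine serves both the
    byte-sequence and the opcode-sequence representation of an executable.
    """
    if n < 1:
        raise ValueError("n must be >= 1")
    return Counter(tuple(seq[i:i + n]) for i in range(len(seq) - n + 1))


def build_vocabulary(corpus: Iterable[Sequence[Hashable]], n: int, top_k: int) -> List[NGram]:
    """Fix the feature space as the top_k most frequent n-grams over the whole
    training corpus, in a stable order so every sample gets the same layout."""
    total: CounterT[NGram] = Counter()
    for sample in corpus:
        total.update(ngram_counts(sample, n))
    return [gram for gram, _ in total.most_common(top_k)]


def feature_vector(seq: Sequence[Hashable], vocab: Sequence[NGram], n: int) -> List[float]:
    """Relative frequency of each vocabulary n-gram in `seq`.

    Normalising by the number of windows keeps long and short files comparable;
    n-grams outside the vocabulary are simply ignored.
    """
    counts = ngram_counts(seq, n)
    windows = max(len(seq) - n + 1, 1)
    return [counts[gram] / windows for gram in vocab]


def apply_feature_mask(vec: Sequence[float], mask: Sequence[int]) -> List[float]:
    """Keep only the positions whose mask bit is 1.

    A genetic algorithm for feature selection evolves exactly this kind of
    bit string; here the mask is supplied by hand (hypothetical, for illustration).
    """
    if len(vec) != len(mask):
        raise ValueError("mask length must match vector length")
    return [value for value, keep in zip(vec, mask) if keep]


# Constructed sample sequences (assumed, not real binaries or disassembly).
BENIGN_BYTES = bytes([0x55, 0x48, 0x89, 0xE5, 0x48, 0x83, 0xEC, 0x10, 0x5D, 0xC3])
MALWARE_BYTES = bytes([0x55, 0x48, 0x89, 0xE5, 0xEB, 0xFE, 0xEB, 0xFE, 0x5D, 0xC3])
BENIGN_OPCODES = ["push", "mov", "sub", "pop", "ret"]
MALWARE_OPCODES = ["push", "mov", "jmp", "jmp", "pop", "ret"]


def demo(n: int = 2, top_k: int = 8) -> Tuple[List[float], List[float]]:
    """Build a shared 2-gram vocabulary over both byte samples and return the
    masked feature vectors for the benign and the malware sample."""
    vocab = build_vocabulary([BENIGN_BYTES, MALWARE_BYTES], n, top_k)
    mask = [1] * len(vocab)  # hypothetical: keep everything; a GA would prune this
    benign = apply_feature_mask(feature_vector(BENIGN_BYTES, vocab, n), mask)
    malware = apply_feature_mask(feature_vector(MALWARE_BYTES, vocab, n), mask)
    return benign, malware


if __name__ == "__main__":
    b, m = demo()
    print("benign :", b)
    print("malware:", m)
```

The same functions accept opcode lists (`ngram_counts(MALWARE_OPCODES, 2)`), which is how the opcode-sequence representation from the abstract would be vectorised; only the tokenisation of the executable differs between the two views.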
Parent publication ISBN: 978-1-4799-2851-4
Conference: IEEE Globecom Workshops : International Workshop on Security and Privacy in Big Data
Is part of publication: IEEE Globecom 2013 Conference Proceedings : Big Security 2013, First International Workshop on Security and Privacy in Big Data
Showing items with similar title or keywords.
Zolotukhin, Mikhail (University of Jyväskylä, 2014)
Kumar, Sanjay; Viinikainen, Ari; Hämäläinen, Timo (IEEE, 2018). Mobile malware attacks increased threefold in the past few years and continued to expand with the growing number of mobile users. Adversaries use a variety of evasion techniques to avoid detection by traditional systems, ...
Unsupervised network intrusion detection systems for zero-day fast-spreading network attacks and botnets. Vahdani Amoli, Payam (University of Jyväskylä, 2015). Today, the occurrence of zero-day and complex attacks in high-speed networks is increasingly common due to the high number of vulnerabilities in the cyber world. As a result, intrusions become more sophisticated and fast ...
Nieminen, Paavo (University of Jyväskylä, 2016). Machine learning tasks usually come with several mutually conflicting objectives. One example is the simplicity of the learning device contrasted with the accuracy of its performance after learning. Another common example ...
ISAdetect : Usable Automated Detection of CPU Architecture and Endianness for Executable Binary Files and Object Code. Kairajärvi, Sami; Costin, Andrei; Hämäläinen, Timo (ACM, 2020). Static and dynamic binary analysis techniques are actively used to reverse engineer software's behavior and to detect its vulnerabilities, even when only the binary code is available for analysis. To avoid analysis errors ...