Evaluation of Supervised Machine Learning Techniques for Dynamic Malware Detection

doi:10.2991/ijcis.11.1.87

CIOMP OpenIR

	Evaluation of Supervised Machine Learning Techniques for Dynamic Malware Detection
	Zhao, H. W.; Li, M. Z.; Wu, T. Q.; Yang, F.
	2018
发表期刊	International Journal of Computational Intelligence Systems
ISSN	1875-6891
卷号	11 期号:1 页码:1153-1169
摘要	Nowadays, security of the computer systems has become a major concern of security experts. In spite of many antivirus and malware detection systems, the number of malware incidents are increasing day by day. Many static and dynamic techniques have been proposed to detect the malware and classify them into malware families accurately. The dynamic malware detection has potential benefits over the static ones to detect malware effectively. Because, it is difficult to mask behavior of malware while executing than its underlying code in static malware detection. Recently, machine learning techniques have been the main focus of the security experts to detect malware and predict their families dynamically. But, to the best of our knowledge, there exists no comprehensive work that compares and evaluates a sufficient number of machine learning techniques for classifying malware and benign samples. In this work, we conducted a set of experiments to evaluate machine learning techniques for detecting malware and their classification into respective families dynamically. A set of real malware samples and benign programs have been received from VirusTotal, and executed in a controlled & isolated environment to record malware behavior for evaluation of machine learning techniques in terms of commonly used performance metrics. From the execution reports saved in the form of JSON reports, we extract a promising set of features representing behavior of a malware sample. The identified set of features is further employed to classify malware and benign samples. The Major motivation of this work is that different techniques have been designed to optimize different criteria. So, they behave differently, even in similar conditions. In addition to classification of malware and benign samples dynamically, we reveal guidelines for researchers to apply machine learning techniques for detecting malware dynamically, and directions for further research in the field.
关键词	Dynamic Analysis Malware detection Machine Learning Static Analysis classification Computer Science
DOI	10.2991/ijcis.11.1.87
收录类别	SCI
引用统计
文献类型	期刊论文
条目标识符	http://ir.ciomp.ac.cn/handle/181722/60657
专题	中国科学院长春光学精密机械与物理研究所
推荐引用方式 GB/T 7714	Zhao, H. W.,Li, M. Z.,Wu, T. Q.,et al. Evaluation of Supervised Machine Learning Techniques for Dynamic Malware Detection[J]. International Journal of Computational Intelligence Systems,2018,11(1):1153-1169.
APA	Zhao, H. W.,Li, M. Z.,Wu, T. Q.,&Yang, F..(2018).Evaluation of Supervised Machine Learning Techniques for Dynamic Malware Detection.International Journal of Computational Intelligence Systems,11(1),1153-1169.
MLA	Zhao, H. W.,et al."Evaluation of Supervised Machine Learning Techniques for Dynamic Malware Detection".International Journal of Computational Intelligence Systems 11.1(2018):1153-1169.

条目包含的文件
文件名称/大小	文献类型	版本类型	开放类型	使用许可
Evaluation of Superv（2093KB）	期刊论文	出版稿	开放获取	CC BY-NC-SA	浏览请求全文