  • DocumentCode
    3115898
  • Title
    Malware detection based on objective-oriented association mining
  • Author
    Xiao Xiao ; Ding Yuxin ; Zhang Yibin ; Tang Ke ; Dai Wei
  • Author_Institution
    Shenzhen Grad. Sch., Dept. of Comput. Sci. & Technol., Harbin Inst. of Technol., Shenzhen, China
  • Volume
    01
  • fYear
    2013
  • fDate
    14-17 July 2013
  • Firstpage
    375
  • Lastpage
    380
  • Abstract
    Signature matching methods are inadequate for detecting unseen malware. In this paper, an API (Application Programming Interface) based data mining method is proposed to detect unseen malware. The data mining algorithm, objective-oriented associate mining (OOA), is employed to mine association rules for detecting malware. To find association rules with strong discrimination power, an improved algorithm for frequent item generation is presented. In this algorithm, a frequent item is evaluated by its support and its classification capability. The experiments prove that the proposed methods are effective and can be used to detect malware variants and unknown malicious executables.
  • Keywords
    application program interfaces; data mining; invasive software; object-oriented programming; pattern classification; API; OOA; application programming interface; association rules; classification capability; data mining algorithm; data mining method; frequent item generation; malware detection; objective-oriented associate mining; objective-oriented association mining; signature matching method; Abstracts; Malware; Search problems; Classification; Machine learning; Malware detection; Objective-oriented associate mining; Security; Tracking;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Machine Learning and Cybernetics (ICMLC), 2013 International Conference on
  • Conference_Location
    Tianjin
  • Type
    conf
  • DOI
    10.1109/ICMLC.2013.6890497
  • Filename
    6890497