• DocumentCode
    1849948
  • Title

    REFORM: Relevant Features for Malware Analysis

  • Author

    Vinod, P. ; Laxmi, V. ; Gaur, M.S.

  • Author_Institution
    Dept. of Comput. Eng., Malaviya Nat. Inst. of Technol., Jaipur, India
  • fYear
    2012
  • fDate
    26-29 March 2012
  • Firstpage
    738
  • Lastpage
    744
  • Abstract
    To address the problem of detecting obfuscatedmalware we propose a non-signature based method using machine learning techniques. Mnemonic n-grams from malware and benign samples are extracted. A subset of mnemonic n-gram features are extracted using feature selection methods such as Principal Component Analysis (PCA) and Minimum Redundancy and Maximum Relevance (mRMR). These methods select prominent features that can effectively discriminate malware and benign samples. Promising results with very small features and better accuracies as compared with previous work depict that the proposed method can be effectively used for identifying malicious files.
  • Keywords
    invasive software; learning (artificial intelligence); principal component analysis; REFORM; feature selection; machine learning; malware analysis; maximum relevance; minimum redundancy; mnemonic n-grams; nonsignature based method; obfuscated malware; principal component analysis; relevant features; Accuracy; Feature extraction; Malware; Principal component analysis; Radio frequency; Redundancy; Vectors; classifiers; features; mRMR; malware; principal component analysis;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Advanced Information Networking and Applications Workshops (WAINA), 2012 26th International Conference on
  • Conference_Location
    Fukuoka
  • Print_ISBN
    978-1-4673-0867-0
  • Type

    conf

  • DOI
    10.1109/WAINA.2012.149
  • Filename
    6185482
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1849948