A Feature Representation Method of Social Graph for Malware Detection

The proliferation of malware has presented a serious threat to internet security, and made traditional signature-based methods unable to analyze and process the massive data timely and effectively. The development trend of malware motivates many research efforts in intelligent malware analysis, where machine learning is used for malware detection. Currently, most of machine learning methods on malware detection utilize file contents extracted from the file samples. However, besides file contents, relations among file samples can provide invaluable information about the properties of file samples, which may improve the malware detection accuracy. Social graph is a popular way to present a set of socially-relevant nodes connected by one or more relations. It can well present the relations/dependence among file samples. Therefore, we attempt to employ social graph to study the file relations as the feature representation of file samples, and combine machine learning methods to detect malware.