  • DocumentCode
    2221265
  • Title
    Malware Detection via Classifying with Compression
  • Author
    Gong, Tao ; Tan, Xiaobin ; Zhu, Ming
  • Author_Institution
    Dept. of Autom., Univ. of Sci. & Technol. of China, Hefei, China
  • fYear
    2009
  • fDate
    26-28 Dec. 2009
  • Firstpage
    1765
  • Lastpage
    1768
  • Abstract
    The proliferation of malware has been causing great harm to computer and information systems. Traditional signature-based approaches fail to detect obfuscated malware and unknown malware. We present a preliminary study on classifying with compression of program instructions for malware detection. The code structure information was utilized to compress. The disassembled code is converted to its intermediate representation. We extract the opcode to form the stream for prediction by partial matching (PPM). The binaries are classified with this statistical compression algorithm. The preliminary experiment shows that our method can efficiently detect malware with high accuracy and a low false positive rate.
  • Keywords
    data compression; digital signatures; information systems; invasive software; pattern classification; classification; information systems; malware detection; prediction by partial matching; signature based approaches; statistical compression algorithm; Automation; Compression algorithms; Computer security; Data compression; Data mining; Information science; Information systems; Internet; Learning systems; Probability distribution;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Information Science and Engineering (ICISE), 2009 1st International Conference on
  • Conference_Location
    Nanjing
  • Print_ISBN
    978-1-4244-4909-5
  • Type
    conf
  • DOI
    10.1109/ICISE.2009.726
  • Filename
    5455069