Malware detection using genetic programming

Author

Thi Anh Le ; Thi Huong Chu ; Quang Uy Nguyen ; Xuan Hoai Nguyen

Author_Institution

Fac. of IT, Le Quy Don Univ., Hanoi, Vietnam

fYear

2014

fDate

14-17 Dec. 2014

Firstpage

1

Lastpage

6

Abstract

Malware is any software aiming to disrupt computer operation. Malware is also used to gather sensitive information or gain access to private computer systems. This is widely seen as one of the major threats to computer systems nowadays. Traditionally, anti-malware software is based on a signature detection system which keeps updating from the Internet malware database and thus keeping track of known malwares. While this method may be very accurate to detect previously known malwares, it is unable to detect unknown malicious codes. Recently, several machine learning methods have been used for malware detection, achieving remarkable success. In this paper, we propose a method in this strand by using Genetic Programming for detecting malwares. The experiments were conducted with the malwares collected from an updated malware database on the Internet and the results show that Genetic Programming, compared to some other well-known machine learning methods, can produce the best results on both balanced and imbalanced datasets.

Keywords

Internet; database management systems; digital signatures; genetic algorithms; invasive software; learning (artificial intelligence); Internet malware database; antimalware software; balanced datasets; genetic programming; imbalanced datasets; machine learning methods; malware detection; private computer systems; signature detection system; Decision trees; Feature extraction; Learning systems; Machine learning algorithms; Malware; Support vector machines; Training;

fLanguage

English

Publisher

ieee

Conference_Titel

Computational Intelligence for Security and Defense Applications (CISDA), 2014 Seventh IEEE Symposium on

Conference_Location

Hanoi

Type

conf

DOI

10.1109/CISDA.2014.7035623

Filename

7035623