DocumentCode
3030017
Title
An experimental comparative study on three classification algorithms on unknown malicious code identification
Author
Zhu, Lijun ; Liu, Shu
Author_Institution
Coll. of Comput. Sci. & Technol., Shenyang Univ. of Chem. Technol., Shenyang, China
fYear
2011
fDate
26-28 July 2011
Firstpage
4829
Lastpage
4832
Abstract
Dynamic behavior analysis is the direction of unknown malicious code identification. Taking the API functions called by malicious code during the period of its being implanted and running as the research object, and applying three classification algorithms (Decision Tree C4.5, NaiveBayes and Minimum Distance Classification) to the identification of unknown malicious code, this paper compares and analyses their performance. The experimental results show that, according to practical identification demand, choosing a different identification algorithm will have a great effect on the identification of unknown malicious code.
Keywords
Bayes methods; application program interfaces; decision trees; security of data; API function; decision tree C4.5 classification algorithm; dynamic behavior analysis; minimum distance classification; naive Bayes classification algorithms; unknown malicious code identification; Algorithm design and analysis; Chemical technology; Classification algorithms; Computers; Decision trees; Heuristic algorithms; Registers; Decision Tree C4.5; Minimum Distance Classification; NaiveBayes; malicious code;
fLanguage
English
Publisher
IEEE
Conference_Titel
Multimedia Technology (ICMT), 2011 International Conference on
Conference_Location
Hangzhou
Print_ISBN
978-1-61284-771-9
Type
conf
DOI
10.1109/ICMT.2011.6002063
Filename
6002063