2019
DOI: 10.1109/access.2019.2946482

A Novel Solutions for Malicious Code Detection and Family Clustering Based on Machine Learning

Abstract: Malware has become a major threat to cyberspace security, not only because of the increasing complexity of malware itself, but also because of the continuously created and produced malicious code. In this paper, we propose two novel methods to solve the malware identification problem. One is to solve to malware classification. Different from traditional machine learning, our method introduces the ensemble models to solve the malware classification problem. The other is to solve malware family clustering. Diffe…

Cited by 33 publications (15 citation statements)
References 33 publications
“…The work [123] deals with two problems related to the detection of malware: (1) the detection of malware signatures from logs (e.g., the xml created when executing an .exe file in a sandbox) for further training of classifiers and (2) the precise detection of groups of mutant malware. To solve the first problem, ensembles of classifiers are proposed.…”
Section: Systematization Of Sa Stages and ML Solutions (mentioning)
confidence: 99%
“…The basic framework and process design are as follows. Since this semisupervised learning type detection framework is based on machine learning algorithms, it is similar to the traditional machine learning algorithm [40][41][42][43][44][45], including the training process and the detection process, and the approximate processing of these two processes is shown in Figure 2.…”
Section: Attack Detection Model Framework Based On Semisupervised (mentioning)
confidence: 99%
“…We examine the survivability of the network under intentional attacks [32] in this article. Under intentional attacks, important nodes in the network will be attacked.…”
Section: Three Attack Strategies (mentioning)
confidence: 99%