Intelligent file scoring system for malware detection from the gray list

Ye, Yanfang; Li, Tao; Jiang, Qingshan; Han, Zhixue; Wan, Li

doi:10.1145/1557019.1557167

Cited by 31 publications

(18 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…False positive is a malware detected while it is not malware and false negative is a benign program detected while it is not benign [3].…”

Section: Malware Detectionmentioning

confidence: 99%

“…For the undecidable software, so-called gray list, the scanners operate them in a controlled environment for more classification [3].…”

Section: Mechanism Of Malware Detectionmentioning

confidence: 99%

“…But the main disadvantage with signature-based techniques is that they cannot defend against unknown malware [3] .…”

Section: International Journal Of Computer Applications (0975 -8887) mentioning

confidence: 99%

“…Thousands of new malware appear very quickly, reports from G Data and King soft Laboratory said [2,3]. In contrast, researchers and manufacturers evolve new methods to produce improved techniques for building anti-malware [4][5][6][7][8].…”

Section: Introductionmentioning

confidence: 99%

“…And sometimes it's tasks divided into client and server, such as in cloud-based antivirus [8,12]. Many improvements made on both aspects of detection and analysis [3,10,[13][14][15][16][17].…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

A Survey on Malware and Malware Detection Systems

Saeed¹,

Selamat²,

Abuagoub³

2013

IJCA

View full text Add to dashboard Cite

Over the last decades, there were lots of studies made on malware and their countermeasures. The most recent reports emphasize that the invention of malicious software is rapidly increasing. Moreover, the intensive use of networks and Internet increases the ability of the spreading and the effectiveness of this kind of software. On the other hand, researchers and manufacturers making great efforts to produce anti-malware systems with effective detection methods for better protection on computers. In this paper, a detailed review has been conducted on the current situation of malware infection and the work done to improve anti-malware or malware detection systems. Thus, it provides an up-to-date comparative reference for developers of malware detection systems.

show abstract

“…False positive is a malware detected while it is not malware and false negative is a benign program detected while it is not benign [3].…”

Section: Malware Detectionmentioning

confidence: 99%

“…For the undecidable software, so-called gray list, the scanners operate them in a controlled environment for more classification [3].…”

Section: Mechanism Of Malware Detectionmentioning

confidence: 99%

“…But the main disadvantage with signature-based techniques is that they cannot defend against unknown malware [3] .…”

Section: International Journal Of Computer Applications (0975 -8887) mentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Survey on Malware and Malware Detection Systems

Saeed¹,

Selamat²,

Abuagoub³

2013

IJCA

View full text Add to dashboard Cite

show abstract

Improving malware detection using multi‐view ensemble learning

Bai

Wang

2016

Security Comm Networks

View full text Add to dashboard Cite

The huge influx of new malware is created every day, and those malware have not been previously seen in the wild. Current anti‐virus software uses byte signature to identify known malware and has little hope of identifying new malware. Researchers have proposed several malware detection methods based on byte n‐grams, opcode n‐grams, and format information, and those methods partially capture the distinguishable information between benign and malicious programs. In this study, we design two schemes to incorporate the aforementioned three single‐view features and fully exploit complementary information of those features to discover the true nature of a program. Two datasets are used to evaluate new malware detection performance and generalization performance of the proposed schemes. Experimental results indicate that the proposed schemes increase the detection rate of new malware, improve the generalization performance of learning model, and reduce the false alarm rate to 0%. Because malware is hard to disguise itself in every feature view, the proposed schemes are more robust and not easy to be deceived. Copyright © 2016 John Wiley & Sons, Ltd.

show abstract

File Relation Graph Based Malware Detection Using Label Propagation

Zhang

et al. 2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Intelligent file scoring system for malware detection from the gray list

Cited by 31 publications

References 37 publications

A Survey on Malware and Malware Detection Systems

A Survey on Malware and Malware Detection Systems

Improving malware detection using multi‐view ensemble learning

File Relation Graph Based Malware Detection Using Label Propagation

Contact Info

Product

Resources

About