
Using Opcode Sequences in Single-Class Learning to Detect Unknown Malware



IET Information Security, 2011 Vol. 5 (4), p. 220-227
Impact factor: 0,862


Malware is any type of malicious code that has the potential to harm a computer or network. The volume of malware is growing at a faster rate every year and poses a serious global security threat. Although signature-based detection is the most widespread method used in commercial antivirus programs, it consistently fails to detect new malware. Supervised machine-learning models have been used to address this issue. However, the use of supervised learning is limited because it needs a large amount of malicious code and benign software to first be labelled. In this paper, we propose a new method that uses single-class learning to detect unknown malware families. This method is based on examining the frequencies of the appearance of opcode sequences to build a machine-learning classifier using only one set of labelled instances within a specific class of either malware or legitimate software. We performed an empirical study that shows that this method can reduce the effort of labelling software while maintaining high accuracy.
