A Static Malware Detection System Using Data Mining Methods
Usukhbayar Baldangombo, Nyamjav Jambaljav, and Shi-Jinn Horng

TL;DR
This paper introduces a static malware detection system leveraging data mining and machine learning techniques, achieving high detection accuracy for Windows PE files by extracting and selecting features from executables.
Contribution
It presents a novel static malware detection approach using feature extraction, information gain, PCA, and classifiers like SVM, J48, and Naive Bayes, with improved detection rates.
Findings
Detection rate of 99.6% achieved
Effective feature selection and dimensionality reduction
Utilizes static analysis for malware detection
Abstract
Malicious executables are a serious threat today. They are designed to damage computer systems, and some of them spread over the network without the knowledge of the owner using the system. Two approaches have been derived for it, i.e., Signature Based Detection and Heuristic Based Detection. These approaches performed well against known malicious programs but cannot catch new malicious programs. Different researchers have proposed methods using data mining and machine learning for detecting new malicious programs. The method based on data mining and machine learning has shown good results compared to other approaches. This work presents a static malware detection system using data mining techniques such as Information Gain, Principal Component Analysis, and three classifiers: SVM, J48, and Naïve Bayes. For overcoming the lack of usual anti-virus products, we use methods of static analysis to…
Taxonomy
Topics: Advanced Malware Detection Techniques · Network Security and Intrusion Detection · Spam and Phishing Detection
