PageRank in Malware Categorization

BooJoong Kang; Suleiman Y. Yerima; Kieran McLaughlin; Sakir Sezer

arXiv:1608.00866·cs.CR·August 3, 2016

PageRank in Malware Categorization

BooJoong Kang, Suleiman Y. Yerima, Kieran McLaughlin, Sakir Sezer

PDF

TL;DR

This paper introduces a malware categorization approach using PageRank to analyze instruction sequences, leveraging structural information to improve machine learning classification accuracy.

Contribution

It presents a novel application of PageRank to malware instruction analysis and evaluates different algorithms and ensemble methods for enhanced accuracy.

Findings

01

PageRank-based features improve malware classification.

02

Bagging and boosting enhance categorization accuracy.

03

Different PageRank algorithms have varying effectiveness.

Abstract

In this paper, we propose a malware categorization method that models malware behavior in terms of instructions using PageRank. PageRank computes ranks of web pages based on structural information and can also compute ranks of instructions that represent the structural information of the instructions in malware analysis methods. Our malware categorization method uses the computed ranks as features in machine learning algorithms. In the evaluation, we compare the effectiveness of different PageRank algorithms and also investigate bagging and boosting algorithms to improve the categorization accuracy.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.