Cluster Analysis of Malware Family Relationships
Samanvitha Basole, Mark Stamp

TL;DR
This paper employs $K$-means clustering to analyze relationships among malware families and types, demonstrating its effectiveness for malware data exploration and understanding family similarities.
Contribution
It introduces a clustering approach to analyze malware family relationships and types, providing insights into their similarities and distinctions.
Findings
$K$-means effectively clusters malware families and types.
Clustering reveals meaningful relationships between malware families.
Results support $K$-means as a tool for malware data analysis.
Abstract
In this paper, we use $K$-means clustering to analyze various relationships between malware samples. We consider a dataset comprising 20 malware families with 1000 samples per family. These families can be categorized into seven different types of malware. We perform clustering based on pairs of families and use the results to determine relationships between families. We perform a similar cluster analysis based on malware type. Our results indicate that $K$-means clustering can be a powerful tool for data exploration of malware family relationships.
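As an added illustration of the pairwise procedure the abstract describes (this is not code from the paper): every pair of families is clustered with $K$=2 and the purity of the result is used as a relationship score, so that a purity near 0.5 means the two families are hard to separate and therefore related. Using purity as the score, the three-dimensional toy feature vectors and the family names are assumptions; the paper's features and dataset are not given on this page.

```python
"""Pairwise K-means cluster analysis of malware families (added example).
Assumptions (not stated on the page): samples are fixed-length numeric
feature vectors, K=2 per family pair, and cluster purity is the
relationship score (purity near 0.5 = inseparable = related)."""
from itertools import combinations

def sqdist(p, q):
    return sum((a - b) ** 2 for a, b in zip(p, q))

def kmeans(points, k=2, iters=50):
    """Lloyd's algorithm, deterministically seeded with the first k points."""
    cents = [list(p) for p in points[:k]]
    labels = [0] * len(points)
    for _ in range(iters):
        labels = [min(range(k), key=lambda j: sqdist(p, cents[j])) for p in points]
        new = []
        for j in range(k):
            members = [p for p, l in zip(points, labels) if l == j]
            # keep the old centroid if a cluster empties out
            new.append([sum(c) / len(members) for c in zip(*members)] if members else cents[j])
        if new == cents:
            break
        cents = new
    return labels

def purity(labels, truth, k=2):
    """Fraction of samples that belong to the majority family of their cluster."""
    total = 0
    for j in range(k):
        fams = [t for l, t in zip(labels, truth) if l == j]
        if fams:
            total += max(fams.count(f) for f in set(fams))
    return total / len(labels)

def pairwise_relationships(families):
    """Cluster every family pair with K=2; return {(famA, famB): purity}."""
    scores = {}
    for a, b in combinations(sorted(families), 2):
        pts = families[a] + families[b]
        truth = [a] * len(families[a]) + [b] * len(families[b])
        scores[(a, b)] = purity(kmeans(pts), truth)
    return scores

# Constructed toy feature vectors (think: normalised opcode frequencies).
FAMILIES = {
    "famA": [[0.9, 0.1, 0.0], [0.8, 0.2, 0.0], [0.85, 0.1, 0.05]],
    "famB": [[0.8, 0.15, 0.05], [0.9, 0.05, 0.05], [0.75, 0.2, 0.05]],  # overlaps famA
    "famC": [[0.0, 0.1, 0.9], [0.05, 0.05, 0.9], [0.1, 0.0, 0.9]],       # far from both
}

if __name__ == "__main__":
    for pair, p in pairwise_relationships(FAMILIES).items():
        print(pair, f"purity={p:.2f}", "(related)" if p < 0.75 else "(distinct)")
```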
Taxonomy
Topics: Network Security and Intrusion Detection · Advanced Malware Detection Techniques
