Malware detection based on objective-oriented association mining

Xiao Xiao; Ding Yuxin; Zhang Yibin; Tang Ke; Dai Wei

doi:10.1109/ICMLC.2013.6890497

Malware detection based on objective-oriented association mining

Xiao Xiao
, Ding Yuxin
, Zhang Yibin
, Tang Ke
, Dai Wei

Harbin Institute of Technology Shenzhen

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

Signature matching methods are inadequate to detect unseen malwares. In this paper an API (Application Programming Interface) based data mining method is proposed to detect unseen malwares. The data mining algorithm, objective-oriented associate mining (OOA), is employed to mine association rules for detecting malwares. To find association rules with strong discrimination power, an improved algorithm for frequent item generation is presented. In this algorithm a frequent item is evaluated by its support and its classification capability. The experiments prove that the proposed methods are effective and can be used to detect malware variants and unknown malicious executable.

Original language	English
Title of host publication	Proceedings - International Conference on Machine Learning and Cybernetics
Publisher	IEEE Computer Society
Pages	375-380
Number of pages	6
ISBN (Electronic)	9781479902576
DOIs	https://doi.org/10.1109/ICMLC.2013.6890497
State	Published - 2013
Externally published	Yes
Event	12th International Conference on Machine Learning and Cybernetics, ICMLC 2013 - Tianjin, China Duration: 14 Jul 2013 → 17 Jul 2013

Publication series

Name	Proceedings - International Conference on Machine Learning and Cybernetics
Volume	1
ISSN (Print)	2160-133X
ISSN (Electronic)	2160-1348

Conference

Conference	12th International Conference on Machine Learning and Cybernetics, ICMLC 2013
Country/Territory	China
City	Tianjin
Period	14/07/13 → 17/07/13

Keywords

Classification
Machine learning
Malware detection
Objective-oriented associate mining
Security
Tracking

Access to Document

10.1109/ICMLC.2013.6890497

Cite this

Xiao, X., Yuxin, D., Yibin, Z., Ke, T., & Wei, D. (2013). Malware detection based on objective-oriented association mining. In Proceedings - International Conference on Machine Learning and Cybernetics (pp. 375-380). Article 6890497 (Proceedings - International Conference on Machine Learning and Cybernetics; Vol. 1). IEEE Computer Society. https://doi.org/10.1109/ICMLC.2013.6890497

@inproceedings{2ceb08b1cf6b48d3b0c1ec1db0277f4d,

title = "Malware detection based on objective-oriented association mining",

abstract = "Signature matching methods are inadequate to detect unseen malwares. In this paper an API (Application Programming Interface) based data mining method is proposed to detect unseen malwares. The data mining algorithm, objective-oriented associate mining (OOA), is employed to mine association rules for detecting malwares. To find association rules with strong discrimination power, an improved algorithm for frequent item generation is presented. In this algorithm a frequent item is evaluated by its support and its classification capability. The experiments prove that the proposed methods are effective and can be used to detect malware variants and unknown malicious executable.",

keywords = "Classification, Machine learning, Malware detection, Objective-oriented associate mining, Security, Tracking",

author = "Xiao Xiao and Ding Yuxin and Zhang Yibin and Tang Ke and Dai Wei",

note = "Publisher Copyright: {\textcopyright} 2013 IEEE.; 12th International Conference on Machine Learning and Cybernetics, ICMLC 2013 ; Conference date: 14-07-2013 Through 17-07-2013",

year = "2013",

doi = "10.1109/ICMLC.2013.6890497",

language = "英语",

series = "Proceedings - International Conference on Machine Learning and Cybernetics",

publisher = "IEEE Computer Society",

pages = "375--380",

booktitle = "Proceedings - International Conference on Machine Learning and Cybernetics",

address = "美国",

}

Xiao, X, Yuxin, D, Yibin, Z, Ke, T & Wei, D 2013, Malware detection based on objective-oriented association mining. in Proceedings - International Conference on Machine Learning and Cybernetics., 6890497, Proceedings - International Conference on Machine Learning and Cybernetics, vol. 1, IEEE Computer Society, pp. 375-380, 12th International Conference on Machine Learning and Cybernetics, ICMLC 2013, Tianjin, China, 14/07/13. https://doi.org/10.1109/ICMLC.2013.6890497

Malware detection based on objective-oriented association mining. / Xiao, Xiao; Yuxin, Ding; Yibin, Zhang et al.
Proceedings - International Conference on Machine Learning and Cybernetics. IEEE Computer Society, 2013. p. 375-380 6890497 (Proceedings - International Conference on Machine Learning and Cybernetics; Vol. 1).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Malware detection based on objective-oriented association mining

AU - Xiao, Xiao

AU - Yuxin, Ding

AU - Yibin, Zhang

AU - Ke, Tang

AU - Wei, Dai

PY - 2013

Y1 - 2013

N2 - Signature matching methods are inadequate to detect unseen malwares. In this paper an API (Application Programming Interface) based data mining method is proposed to detect unseen malwares. The data mining algorithm, objective-oriented associate mining (OOA), is employed to mine association rules for detecting malwares. To find association rules with strong discrimination power, an improved algorithm for frequent item generation is presented. In this algorithm a frequent item is evaluated by its support and its classification capability. The experiments prove that the proposed methods are effective and can be used to detect malware variants and unknown malicious executable.

AB - Signature matching methods are inadequate to detect unseen malwares. In this paper an API (Application Programming Interface) based data mining method is proposed to detect unseen malwares. The data mining algorithm, objective-oriented associate mining (OOA), is employed to mine association rules for detecting malwares. To find association rules with strong discrimination power, an improved algorithm for frequent item generation is presented. In this algorithm a frequent item is evaluated by its support and its classification capability. The experiments prove that the proposed methods are effective and can be used to detect malware variants and unknown malicious executable.

KW - Classification

KW - Machine learning

KW - Malware detection

KW - Objective-oriented associate mining

KW - Security

KW - Tracking

UR - https://www.scopus.com/pages/publications/84907261160

U2 - 10.1109/ICMLC.2013.6890497

DO - 10.1109/ICMLC.2013.6890497

M3 - 会议稿件

AN - SCOPUS:84907261160

T3 - Proceedings - International Conference on Machine Learning and Cybernetics

SP - 375

EP - 380

BT - Proceedings - International Conference on Machine Learning and Cybernetics

PB - IEEE Computer Society

T2 - 12th International Conference on Machine Learning and Cybernetics, ICMLC 2013

Y2 - 14 July 2013 through 17 July 2013

ER -

Malware detection based on objective-oriented association mining

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this