A comparative study of malware family classification

Research output: Book chapter/Published conference paper, Chapter (peer-reviewed), peer-review

6 Citations (Scopus)

Abstract

In this paper, we present a comparative study of conventional malware family classification techniques and identify their limitations. In our study, we investigate three different feature sets: function length frequency and printable string information as static features, and Application Programming Interface (API) calls and API parameters as dynamic features. In our classification process, we used some well-known machine-learning algorithms by invoking WEKA libraries. We made a comparative analysis and conclude that the independent features are not good enough to defend against current as well as future malware.
Original language: English
Title of host publication: Information and communications security
Subtitle of host publication: 14th International Conference, ICICS 2012, Hong Kong, China, October 29-31, 2012. Proceedings
Editors: Tat Wing Chim, Tsz Hon Yuen
Place of Publication: Berlin, Germany
Publisher: Springer
Pages: 488-496
Number of pages: 9
ISBN (Electronic): 9783642341298
ISBN (Print): 9783642341281
Publication status: Published - 2012

Publication series

Name: Lecture Notes in Computer Science
Volume: 7618
