In this paper, we present a comparative study of conventional malware family classification techniques and identify their limitations. In our study, we investigate three different feature sets: function length frequency and printable string information as static features, and Application Programming Interface (API) calls and API parameters as dynamic features. In our classification process, we used some well-known machine-learning algorithms by invoking WEKA libraries. We made a comparative analysis and concluded that the independent features are not good enough to defend against current as well as future malware.

| Field | Value |
|---|---|
| Title of host publication | Information and communications security |
| Subtitle of host publication | 14th International Conference, ICICS 2012, Hong Kong, China, October 29-31, 2012. Proceedings |
| Editors | Tat Wing Chim, Tsz Hon Yuen |
| Place of Publication | Berlin, Germany |
| Number of pages | 9 |
| Publication status | Published - 2012 |
| Name | Lecture Notes in Computer Science |