N-gram density based malware detection
Data(s) |
20/01/2014
|
---|---|
Resumo |
N-gram analysis is an approach that investigates the structure of a program using bytes, characters or text strings. This research uses dynamic analysis to investigate malware detection using a classification approach based on N-gram analysis. The motivation for this research is to find a subset of Ngram features that makes a robust indicator of malware. The experiments within this paper represent programs as N-gram density histograms, gained through dynamic analysis. A Support Vector Machine (SVM) is used as the program classifier to determine the ability of N-grams to correctly determine the presence of malicious software. The preliminary findings show that an N-gram size N=3 and N=4 present the best avenues for further analysis. |
Identificador | |
Idioma(s) |
eng |
Publicador |
Institute of Electrical and Electronics Engineers (IEEE) |
Direitos |
info:eu-repo/semantics/restrictedAccess |
Fonte |
O'Kane , P , Sezer , S & McLaughlin , K 2014 , N-gram density based malware detection . in 2014 World Symposium on Computer Applications and Research (WSCAR) . Institute of Electrical and Electronics Engineers (IEEE) , Computer Applications & Research (WSCAR), 2014 World Symposium on , Sousse , Tunisia , 18-20 January . DOI: 10.1109/WSCAR.2014.6916806 |
Tipo |
contributionToPeriodical |