HDM-Analyser: A hybrid analysis approach based on data mining techniques for malware detection

Journal in Computer Virology

Volumn 9, Issue 2, 2013, Pages 77-93

  Eskandari, Mojtaba ^a   Khorshidpour, Zeinab ^a   Hashemi, Sattar ^a  

^a SHIRAZ UNIVERSITY   (Iran)

Author keywords

[No Author keywords available]

Indexed keywords

DATA MINING; DECISION MAKING; EXTRACTION; FEATURE EXTRACTION; STATIC ANALYSIS;

EXTRACTING FEATURES; INTELLIGENT DETECTION; MALWARE DETECTION; OVERALL ACCURACIES; SIGNATURE BASED DETECTIONS; STATIC ANALYSIS METHOD; STATIC AND DYNAMIC ANALYSIS; STATISTICAL INFORMATION;

MALWARE;

EID: 84876424144     PISSN: 17729890     EISSN: 17729904     Source Type: Journal    
DOI: 10.1007/s11416-013-0181-8     Document Type: Article

References (29)

1. Abou-Assaleh, T., Cercone, N., Keselj, V., Sweidan, R.: Detection of new malicious code using n-grams signatures. In: Proceedings of Second Annual Conference on Privacy, Security and Trust, pp. 193-196. Citeseer (2004).
2. Bayer, U., Kruegel, C., Kirda, E.: Ttanalyze: A tool for analyzing malware. In: 15th European Institute for Computer Antivirus Research (EICAR 2006) Annual Conference. Citeseer (2006).
3. Bergeron, J., Debbabi, M., Desharnais, J., Erhioui, M., Lavoie, Y., Tawbi, N.: Static detection of malicious code in executable programs. Int. J. Req. Eng. 2001, 184-189 (2001).
4. Bergeron, J., Debbabi, M., Desharnais, J., Ktari, B., Salois, M., Tawbi, N., Charpentier, R., Patry, M.: Detection of malicious code in cots software: A short survey. In: First International Software Assurance Certification Conference (ISACC99) (1999).
5. Breiman, L.: Random forests. Mach. Learn. 45(1), 5-32 (2001).
6. Cleary, J., Trigg, L.: K*: An instance-based learner using an entropic distance measure. In: Machine Learning-International Workshop Then Conference-, pp. 108-114. Citeseer (1995).
7. Dietterich, T.: An experimental comparison of three methods for constructing ensembles of decision trees: Bagging, boosting, and randomization. Mach. Learn. 40(2), 139-157 (2000).
8. Duds, R., Hart, P.: Pattern Classification and Scene Analysis. Wiley, New York (1973).
9. Fasikhov, R.: Api logger tool. http://blackninja2000. narod. ru/rus/api_logger. html.
10. Friedman, N., Geiger, D., Goldszmidt, M.: Bayesian network classifiers. Mach. Learn. 29(2), 131-163 (1997).
11. Holmes, G., Donkin, A., Witten, I.: Weka: A machine learning workbench. In: Intelligent Information Systems, 1994. Proceedings of the 1994 Second Australian and New Zealand Conference on, pp. 357-361. IEEE (1994).
12. Iba, W., Langley, P.: Induction of one-level decision trees. In: Proceedings of the Ninth International Conference on, Machine Learning, pp. 233-240 (1992).
13. Idika, N., Mathur, A.: A survey of malware detection techniques. Purdue University (2007).
14. Langley, P., Iba, W., Thompson, K.: An analysis of bayesian classifiers. In: Proceedings of the National Conference on Artificial Intelligence, pp. 223-223. Wiley, Hoboken (1992).
15. Lewis, D.: Naive (bayes) at forty: The independence assumption in information retrieval. Machine Learning: ECML-98, pp. 4-15 (1998).
16. Orenstein, D.: Quickstudy: Application programming interface (api) (2000).
17. Pearl, J.: Probabilistic Reasoning in Intelligent Systems: Networks of Plausible Inference. Morgan Kaufmann, Los Altos (1988).
18. Picard, R., Cook, R.: Cross-validation of regression models. J. Am. Stat. Assoc., 575-583 (1984).
19. Platt, J.: 12 fast training of support vector machines using sequential minimal, optimization (1998).
20. Rabek, J., Khazan, R., Lewandowski, S., Cunningham, R.: Detection of injected, dynamically generated, and obfuscated malicious code. In: Proceedings of the 2003 ACM workshop on Rapid malcode, pp. 76-82. ACM (2003).
21. Roundy, K., Miller, B.: Hybrid analysis and control of malware. In: Recent Advances in Intrusion Detection, pp. 317-338. Springer, Berlin (2010).
22. Sekar, R., Bowen, T., Segal, M.: On preventing intrusions by process behavior monitoring. In: USENIX Intrusion Detection, Workshop, vol. 1999 (1999).
23. Siddiqui, M.: Data mining methods for malware detection. ProQuest (2008).
24. Sung, A., Xu, J., Chavez, P., Mukkamala, S.: Static analyzer of vicious executables (save). In: Computer Security Applications Conference, 2004. 20th Annual, pp. 326-334. IEEE (2004).
25. Szor, P.: The Art of Computer Virus Research and Defense. Addison-Wesley Professional, Reading (2005).
26. Tzermias, Z., Sykiotakis, G., Polychronakis, M., Markatos, E.: Combining static and dynamic analysis for the detection of malicious documents. In: Proceedings of the Fourth European Workshop on System Security, p. 4. ACM (2011).
27. Wagner, D., Dean, R.: Intrusion detection via static analysis. In: Security and Privacy, 2001. S & P 2001. Proceedings. 2001 IEEE Symposium on, pp. 156-168. IEEE (2001).
28. Xu, J., Sung, A., Chavez, P.: Mukkamala, S.: Polymorphic malicious executable scanner by api sequence analysis (2004).
29. Ye, Y., Wang, D., Li, T., Ye, D.: Imds: Intelligent malware detection system. In: Proceedings of the 13th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1043-1047. ACM (2007).