An approach of malicious executables detection on black & gray based on adaboost algorithm

Author

Liu, Lei ; Shao, Kun

Author_Institution

Sch. of Comput. & Inf., Hefei Univ. of Technol., Hefei

fYear

2008

Firstpage

88

Lastpage

92

Abstract

Behavioral analysis refers to the technique of deciding whether an application is malicious or not, according to what it does. With behavioral analysis research on executables evolving, it is difficult to classify malicious applications and some legal applications called dasiagray applicationpsila, which are classified as malicious sample by dasiaweakpsila learners. In theory, boosting can be used to significantly reduce the error of dasiaweakpsila learning algorithm that consistently generates classifiers which need only be a little bit better than random guessing. This paper presents an approach based on a new boosting algorithm called AdaBoost, which improves the performance of any dasiaweakpsila learning algorithm. Experiment results show that the method has good classification accuracy in experiment data sets.

Keywords

computer viruses; learning (artificial intelligence); AdaBoost algorithm; behavioral analysis; classification accuracy; gray application; legal application; malicious application; malicious executables detection; random guessing; weak learning algorithm; Application software; Boosting; Computer viruses; Law; Legal factors; Psychology; Remote monitoring; Security; Viruses (medical); Web and internet services; Adaboost algorithm; ROC; malicious executable; malicious host behaviors; style;

fLanguage

English

Publisher

ieee

Conference_Titel

Anti-counterfeiting, Security and Identification, 2008. ASID 2008. 2nd International Conference on

Conference_Location

Guiyang

Print_ISBN

978-1-4244-2584-6

Electronic_ISBN

978-1-4244-2585-3

Type

conf

DOI

10.1109/IWASID.2008.4688357

Filename

4688357