Title :
REFORM: Relevant Features for Malware Analysis
Author :
Vinod, P. ; Laxmi, V. ; Gaur, M.S.
Author_Institution :
Dept. of Comput. Eng., Malaviya Nat. Inst. of Technol., Jaipur, India
Abstract :
To address the problem of detecting obfuscatedmalware we propose a non-signature based method using machine learning techniques. Mnemonic n-grams from malware and benign samples are extracted. A subset of mnemonic n-gram features are extracted using feature selection methods such as Principal Component Analysis (PCA) and Minimum Redundancy and Maximum Relevance (mRMR). These methods select prominent features that can effectively discriminate malware and benign samples. Promising results with very small features and better accuracies as compared with previous work depict that the proposed method can be effectively used for identifying malicious files.
Keywords :
invasive software; learning (artificial intelligence); principal component analysis; REFORM; feature selection; machine learning; malware analysis; maximum relevance; minimum redundancy; mnemonic n-grams; nonsignature based method; obfuscated malware; principal component analysis; relevant features; Accuracy; Feature extraction; Malware; Principal component analysis; Radio frequency; Redundancy; Vectors; classifiers; features; mRMR; malware; principal component analysis;
Conference_Titel :
Advanced Information Networking and Applications Workshops (WAINA), 2012 26th International Conference on
Conference_Location :
Fukuoka
Print_ISBN :
978-1-4673-0867-0
DOI :
10.1109/WAINA.2012.149
