DocumentCode :
3030017
Title :
An experimental comparative study on three classification algorithms on unknown malicious code identification
Author :
Zhu, Lijun ; Liu, Shu
Author_Institution :
Coll. of Comput. Sci. & Technol., Shenyang Univ. of Chem. Technol., Shenyang, China
fYear :
2011
fDate :
26-28 July 2011
Firstpage :
4829
Lastpage :
4832
Abstract :
Dynamic behavior analysis is the direction of unknown malicious code identification. Taking the API functions called by malicious code during the period of its being implanted and running as the research object, and applying three classification algorithms (Decision Tree C4.5, NaiveBayes and Minimum Distance Classification) to the identification of unknown malicious code, this paper compares and analyses their performance. The experimental results show that, according to practical identification demands, choosing a different identification algorithm will have a great effect on the identification of unknown malicious code.
Keywords :
Bayes methods; application program interfaces; decision trees; security of data; API function; decision tree C4.5 classification algorithm; dynamic behavior analysis; minimum distance classification; naive Bayes classification algorithms; unknown malicious code identification; Algorithm design and analysis; Chemical technology; Classification algorithms; Computers; Decision trees; Heuristic algorithms; Registers; Decision Tree C4.5; Minimum Distance Classification; NaiveBayes; malicious code;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Multimedia Technology (ICMT), 2011 International Conference on
Conference_Location :
Hangzhou
Print_ISBN :
978-1-61284-771-9
Type :
conf
DOI :
10.1109/ICMT.2011.6002063
Filename :
6002063