Title :
A Feature Selection and Evaluation Scheme for Computer Virus Detection
Author :
Henchiri, Olivier ; Japkowicz, Nathalie
Author_Institution :
Sch. of Inf. Technol. & Eng., Univ. of Ottawa, Ottawa, ON
Abstract :
Anti-virus systems traditionally use signatures to detect malicious executables, but signatures are over-fitted features that are of little use in machine learning. Other more heuristic methods seek to utilize more general features, with some degree of success. In this paper, we present a data mining approach that conducts an exhaustive feature search on a set of computer viruses and strives to obviate over-fitting. We also evaluate the predictive power of a classifier by taking into account dependence relationships that exist between viruses, and we show that our classifier yields high detection rates and can be expected to perform as well in real-world conditions.
Keywords :
computer viruses; data mining; feature extraction; learning (artificial intelligence); pattern classification; antivirus system; classification method; computer virus detection; data mining approach; digital signature; feature selection scheme; heuristic method; machine learning; Computer viruses; Data mining; Feature extraction; Information technology; Learning systems; Machine learning; Performance evaluation; Testing; Viruses (medical); Writing;
Conference_Titel :
Data Mining, 2006. ICDM '06. Sixth International Conference on
Conference_Location :
Hong Kong
Print_ISBN :
0-7695-2701-7
DOI :
10.1109/ICDM.2006.4
