DocumentCode :
3174212
Title :
Graph-based simulated annealing and support vector machine in Malware detection
Author :
Sirageldin, Abubakr ; Selamat, Ali ; Ibrahim, Roliana
Author_Institution :
Faculty of Computer Science & Information System, University Technology Malaysia, 81310 UTM Johor Bahru
fYear :
2011
fDate :
13-14 Dec. 2011
Firstpage :
361
Lastpage :
364
Abstract :
In the ongoing war between malware developers and defense mechanism planners, there is a great challenge in providing an effective defense mechanism against the evasion techniques used by malware authors. The present paper provides a framework for malware detection based on the analysis of graphs introduced from instructions of the executable objects. The graph is constructed through the graph extractor, and then we used the simulated annealing algorithm to approximate the graph similarity measure. The threshold value plays a great role to relate the support vector machine to confirm the real class of the file, benign or malicious.
Keywords :
benign; function calls; graph; malware; maximum common subgraph; similarity measures; simulated annealing; support vector machine;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Software Engineering (MySEC), 2011 5th Malaysian Conference in
Conference_Location :
Johor Bahru, Malaysia
Print_ISBN :
978-1-4577-1530-3
Type :
conf
DOI :
10.1109/MySEC.2011.6140698
Filename :
6140698