DocumentCode
3174645
Title
Graph-based simulated annealing and support vector machine in malware detection
Author
Sirageldin, Abubakr ; Selamat, Ali ; Ibrahim, Roliana
Author_Institution
Fac. of Comput. Sci. & Inf. Syst., Univ. Technol. Malaysia, Skudai, Malaysia
fYear
2011
fDate
13-14 Dec. 2011
Firstpage
512
Lastpage
515
Abstract
As ongoing war between the malware developer and defense mechanism planners there is a great challenge in providing an effective defense mechanism against evasion technique used by malware authors. The present paper provides a framework for malware detection based on the analysis of graphs introduced from instructions of the executable objects. The graph is constructed through the graph extractor, and then we used the simulated annealing algorithm to approximate the graph similarity measure. The threshold value plays a great role to relate the support vector machine to confirm the real class of the file, benign or malicious.
Keywords
graph theory; invasive software; simulated annealing; support vector machines; SVM; defense mechanism; evasion technique; graph similarity measure; graph-based simulated annealing; malware authors; malware detection; support vector machine; threshold value; Accuracy; Approximation algorithms; Classification algorithms; Kernel; Malware; Simulated annealing; Support vector machines; benign; function calls; graph; malware; maximum common subgraph; similarity measures; simulated annealing; support vector machine;
fLanguage
English
Publisher
ieee
Conference_Titel
Software Engineering (MySEC), 2011 5th Malaysian Conference in
Conference_Location
Johor Bahru
Print_ISBN
978-1-4577-1530-3
Type
conf
DOI
10.1109/MySEC.2011.6140720
Filename
6140720
Link To Document