DocumentCode :
3288307
Title :
Evaluation of Random Projection for Malware Classification
Author :
Ponomarev, Stanislav ; Durand, Jan ; Wallace, Nathan ; Atkison, Travis
Author_Institution :
Louisiana Tech Univ., Ruston, LA, USA
fYear :
2013
fDate :
18-20 June 2013
Firstpage :
68
Lastpage :
73
Abstract :
Research efforts to develop malicious application detection algorithms have been a priority ever since the discovery of the first "viruses". Various methods are used to search and identify these malicious applications. One such method, n-gram analysis, can be implemented to extract features from binary files. These features are then used by machine learning algorithms to classify them as malicious or benign. However, the resulting high dimensionality of the features makes accurate detection in some cases impossible. This is known as "the curse of dimensionality". To counteract this effect, a feature reduction technique known as randomized projection was implemented. Through this reduction, not only are classification times decreased, but an increase in true positive rates and a decrease in false positive rates are also observed. By varying the n-gram size and target feature size it is possible to fine-tune the accuracy of machine learning algorithms to reach an average accuracy of 99%.
Keywords :
data mining; feature extraction; invasive software; learning (artificial intelligence); pattern classification; binary files; data mining; feature extraction; feature reduction technique; machine learning algorithms; malicious application detection algorithms; malware classification; n-gram analysis; random projection evaluation; the curse of dimensionality; Accuracy; Data mining; Feature extraction; Malware; Mutual information; Support vector machines; Vectors; Computer security; Data mining; Feature extraction;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Software Security and Reliability-Companion (SERE-C), 2013 IEEE 7th International Conference on
Conference_Location :
Gaithersburg, MD
Print_ISBN :
978-1-4799-2924-5
Type :
conf
DOI :
10.1109/SERE-C.2013.29
Filename :
6616327