Title :
Application of PrefixSpan* Algorithm in Malware Detection Expert System
Author :
Wang, Lina ; Tan, Xiaobin ; Pan, Jianfeng ; Xi, Hongsheng
Author_Institution :
Dept. of Autom., Univ. of Sci. & Technol. of China, Hefei
Abstract :
Malware detection is an important application of data mining. Most previously developed sequential pattern mining methods are Apriori-like and still encounter problems when the sequence database is large and/or when the sequential patterns to be mined are numerous and/or long. We therefore need a novel sequential pattern mining method, called PrefixSpan*, which uses a brief projection database instead of the projection database used in PrefixSpan. In this paper, we propose a behavior-based detection system that combines data mining and expert system techniques to detect malware on our hosts. The PrefixSpan* algorithm mines association rules in the malware behavior sequence database to form a malware behavior pattern database; the expert system matches facts and rules and gives the final result. To verify the correctness and effectiveness of our algorithm, we test and analyze some samples in the experiment section.
Keywords :
data mining; invasive software; PrefixSpan* algorithm; association rules; behavior-based detection system; data mining; malware behavior pattern database; malware behavior sequence database; malware detection expert system; projection database; sequential pattern mining; Algorithm design and analysis; Application software; Association rules; Data mining; Databases; Detectors; Educational technology; Event detection; Expert systems; Pattern matching; PrefixSpan* Algorithm; Projected database; malware detection; sequential Pattern Mining;
Conference_Title :
Education Technology and Computer Science, 2009. ETCS '09. First International Workshop on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-1-4244-3581-4
DOI :
10.1109/ETCS.2009.629