• DocumentCode
    654084
  • Title
    Using closed frequent sets to cluster malwares
  • Author
    Sprague, Alan ; Rhodes, Adam ; Warner, Gary

  • Author_Institution
    Dept. of Comput. & Inf. Sci., Univ. of Alabama at Birmingham, Birmingham, AL, USA
  • fYear
    2013
  • fDate
    Oct. 30 2013-Nov. 1 2013
  • Firstpage
    1
  • Lastpage
    4
  • Abstract
    The static analysis of malwares at UAB starts with the receipt of about 5000 malwares each day. One of our goals is to cluster these malwares into families. Each malware is an executable. For processing, we represent each malware by the set of printable strings that it contains. A method we have pursued to cluster malwares into families starts with the data mining technique of generating frequent itemsets. It is difficult to generate frequent itemsets at low support thresholds, which is what our application demands. This paper discusses our successful efforts to overcome this barrier of low support threshold.
  • Keywords
    data mining; invasive software; pattern clustering; program diagnostics; UAB; closed frequent sets; data mining technique; frequent itemset generation; malware clustering; printable strings; static analysis; Clustering algorithms; Data mining; Educational institutions; Electronic mail; Itemsets; Malware;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Information, Communication and Automation Technologies (ICAT), 2013 XXIV International Symposium on
  • Conference_Location
    Sarajevo
  • Type
    conf
  • DOI
    10.1109/ICAT.2013.6684043
  • Filename
    6684043