Application of Hybrid Machine Learning to Detect and Remove Malware

Journal Title: Transactions on Machine Learning and Artificial Intelligence - Year 2015, Vol 3, Issue 4

Abstract

Anti-malware software traditionally employs signature-based and heuristic-based detection methods. These detection systems need to be manually updated with new behaviors to detect new, unknown, or adapted malware. Our goal is to create a new malware detection solution that will serve three purposes: to automatically identify and classify unknown files on a spectrum of malware severity; to introduce a hybrid machine learning approach to detect modified malware traces; and to increase the accuracy of detection results. Our solution is accomplished through the use of data mining and machine learning concepts and algorithms. We perform two types of data mining on samples, extracting n-grams and PE features that are used for our machine learning environment. We also introduce a new hybrid learning approach that utilizes both supervised and unsupervised machine learning in a two-layer protocol. A supervised algorithm is applied to classify whether a file is malware or benign. The files classified as malware are then categorized and assigned a position on a severity spectrum using the SOFM unsupervised algorithm.

Authors and Affiliations

Richard R. Yang, Victor Kang, Sami Albouq, Mohamed Zohdy

  • EP ID EP278831
  • DOI 10.14738/tmlai.34.1436

How To Cite

Richard R. Yang, Victor Kang, Sami Albouq, Mohamed Zohdy (2015). Application of Hybrid Machine Learning to Detect and Remove Malware. Transactions on Machine Learning and Artificial Intelligence, 3(4), 16-26. https://europub.co.uk/articles/-A-278831