Application of Hybrid Machine Learning to Detect and Remove Malware
Journal Title: Transactions on Machine Learning and Artificial Intelligence - Year 2015, Vol 3, Issue 4
Abstract
Anti-malware software traditionally employ methods of signature-based and heuristic-based detection. These detection systems need to be manually updated with new behaviors to detect new, unknown, or adapted malware. Our goal is to create a new malware detection solution that will serve three purposes: to automatically identify and classify unknown files on a spectrum of malware severity; to introduce a hybrid machine learning approach to detect modified malware traces; and to increase the accuracy of detection results. Our solution is accomplished through the use of data mining and machine learning concepts and algorithms. We perform two types of data mining on samples, extracting n-grams and PE features that are used for our machine learning environment. We also introduce a new hybrid learning approach that utilizes both supervised and unsupervised machine learning in a two-layer protocol. A supervised algorithm is applied to classify if a file is considered malware or benign. The files classified as malware will then be categorized and then assigned on a severity spectrum using the SOFM unsupervised algorithm.
Authors and Affiliations
Richard R. Yang, Victor Kang, Sami Albouq, Mohamed Zohdy
Keywords
Related Articles
- EP ID EP278831
- DOI 10.14738/tmlai.34.1436
- Views 67
- Downloads 0
Dialogue Based Decision Making in Online Trading
Software agents, acting on behalf of humans, have been identified as an important solution for future electronic markets. Such agents can make their own decisions based on given prior preferences and the market environme...
A Model Driven Approach for Modeling and Generating PHP CodeIgniter based Applicationspring
During the last decade, web development industry has grown exponentially. Models have been introduced as a solution to face the challenge of both business and technology changes. In this article, we present a Model Drive...
Migration of the Temporal RDB into Temporal ORDB including Bitemporal Data : Phases
This paper proposes an approach for migrating existing relational database (TRDB) according to SQL: 2011 standard into temporal object relational database (TORDB) including Bitemporal data. This is done with methods that...
Theory Of Dynamic Interactions: Synthesis
In this text, we carry out a brief summary of the Theory of Dynamic Interactions developed by the author in the new book: New Paradigm in Physics. Certain keys are provided to better understand the dynamic hypotheses pro...
Optimizing Hadoop for Small File Management
HDFS is one of the most used distributed file systems, that offer a high availability and scalability on lowcost hardware. HDFS is delivered as the storage component of Hadoop framework. Coupled with map reduce, which is...