Malware variants detection using density based spatial clustering with global opcode matrix

Abstract

Over the past decades, the amount of malware has rapidly increased. Malware detection has become one of the most mission-critical security problems as its threats spread from personal computers to cloud servers. Some researchers have proposed machine learning methods which can detect malware variants by searching for similarities between malware and its variants. However, the large search space causes a large time cost and memory footprint. To reduce the search space while retaining accuracy, we first propose to convert malware into a global opcode matrix based on 2-tuple opcodes, and then cluster the opcode matrices into patterns. We can then easily recognize malware variants by searching for similarities with the patterns. The experiments demonstrate that our approach is more efficient than the state-of-the-art approaches in time cost, memory footprint and accuracy.
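The pipeline the abstract outlines (2-tuple opcode matrix over a shared vocabulary, then density-based clustering) can be sketched as follows. This is an added illustration, not the paper's code: the L1 normalisation, Euclidean distance, `eps`, `min_pts` and the opcode traces are all assumptions constructed for the example.

```python
import math

# Constructed opcode traces (not real samples): two toy families and one outlier.
SAMPLES = {
    "famA_v1": "push mov call pop ret push mov call pop ret".split(),
    "famA_v2": "push mov call pop ret push mov mov call pop ret".split(),
    "famB_v1": "xor add jmp xor add jmp cmp jnz xor add".split(),
    "famB_v2": "xor add add jmp cmp jnz xor add jmp".split(),
    "outlier": "nop nop lea sub nop lea sub nop".split(),
}

def opcode_matrix(trace, vocab):
    """Flattened |vocab| x |vocab| matrix of 2-tuple opcode frequencies (sums to 1)."""
    idx = {op: i for i, op in enumerate(vocab)}
    n, m = len(vocab), [0.0] * (len(vocab) ** 2)
    for a, b in zip(trace, trace[1:]):      # consecutive opcode pairs
        m[idx[a] * n + idx[b]] += 1.0
    total = sum(m) or 1.0
    return [v / total for v in m]

def dbscan(points, eps, min_pts):
    """Plain DBSCAN; returns one label per point, -1 meaning noise."""
    def near(i):
        return [j for j, q in enumerate(points) if math.dist(points[i], q) <= eps]
    labels, cluster = [None] * len(points), -1
    for i in range(len(points)):
        if labels[i] is not None:
            continue
        seeds = near(i)
        if len(seeds) < min_pts:
            labels[i] = -1                  # noise unless a core point claims it later
            continue
        cluster += 1
        labels[i] = cluster
        while seeds:
            j = seeds.pop()
            if labels[j] in (None, -1):
                unvisited = labels[j] is None
                labels[j] = cluster
                nb = near(j)
                if unvisited and len(nb) >= min_pts:
                    seeds.extend(nb)        # j is a core point: keep expanding
    return labels

def cluster_samples(samples, eps=0.3, min_pts=2):
    vocab = sorted({op for t in samples.values() for op in t})  # global vocabulary
    names = list(samples)
    labels = dbscan([opcode_matrix(samples[n], vocab) for n in names], eps, min_pts)
    return dict(zip(names, labels))
```

On these traces the two families form separate clusters and the outlier is labelled noise, because variants of one family share most of their opcode pairs while the families share none.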

Niu, Z., Qin, Z., Zhang, J., & Yin, H. (2017). Malware variants detection using density based spatial clustering with global opcode matrix. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10658 LNCS, pp. 757–766). Springer Verlag. https://doi.org/10.1007/978-3-319-72395-2_67
