Abstract
In recent years, millions of new malicious programs are produced by Pa mature industry of malware production. These programs have tremendous challenges on the signature-based anti-virus products and pose great threats on network and information security. Machine learning techniques are applicable for detecting unknown malicious programs without knowing their signatures. In this paper, a Layered Detection (LD) method is developed to detect malwares with a two-layer framework. The Low-Level-Classifiers (LLC) are employed to identify whether the programs perform any malicious functions according to the API-calls of the programs. The Up-level-Classifier (ULC) is applied to detect malwares according to the low level function identification. The LD method is compared with many classical classification algorithms with comprehensive test datasets containing 16135 malwares and 1800 benign programs. The experiments demonstrate that the LD method outperforms other algorithms in terms of detection accuracy. © 2011 IFIP International Federation for Information Processing.
Author supplied keywords
Cite
CITATION STYLE
Liu, T., Guan, X., Qu, Y., & Sun, Y. (2011). A layered detection method for Malware identification. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6985 LNCS, pp. 166–175). https://doi.org/10.1007/978-3-642-24403-2_14
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
