Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Veto-based Malware Detection
Blekinge Institute of Technology, School of Computing.
Blekinge Institute of Technology, School of Computing.
2012 (English)Conference paper, Published paper (Refereed)
Abstract [en]

Malicious software (malware) represents a threat to the security and privacy of computer users. Traditional signature-based and heuristic-based methods are unsuccessful in detecting some forms of malware. This paper presents a malware detection approach based on supervised learning. The main contributions of the paper are an ensemble learning algorithm, two pre-processing techniques, and an empirical evaluation of the proposed algorithm. Sequences of operational codes are extracted as features from malware and benign files. These sequences are used to produce three different data sets with different configurations. A set of learning algorithms is evaluated on the data sets and the predictions are combined by the ensemble algorithm. The predicted output is decided on the basis of veto voting. The experimental results show that the approach can accurately detect both novel and known malware instances with higher recall in comparison to majority voting.

Place, publisher, year, edition, pages
Prague: IEEE Computer Society , 2012.
Keywords [en]
Malware, scareware, detection, veto voting, feature extraction, classification, majority voting, ensembles
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:bth-7087DOI: 10.1109/ARES.2012.85Local ID: oai:bth.se:forskinfoA439EF0C7155840AC1257AD000521D72OAI: oai:DiVA.org:bth-7087DiVA, id: diva2:834668
Conference
Seventh International Conference on Availability, Reliability and Security
Available from: 2012-12-12 Created: 2012-12-10 Last updated: 2018-01-11Bibliographically approved

Open Access in DiVA

fulltext(433 kB)556 downloads
File information
File name FULLTEXT01.pdfFile size 433 kBChecksum SHA-512
c8a5dfb5f1791d2d66942b5f517fe56e1a50ea3e8677dfac68bdf4cd4ca4ae30f105410bb848c4764d743e24e85cc156ed1378249c39449454837ba6f2f3b326
Type fulltextMimetype application/pdf

Other links

Publisher's full text

Authority records

Shahzad, Raja KhurramLavesson, Niklas

Search in DiVA

By author/editor
Shahzad, Raja KhurramLavesson, Niklas
By organisation
School of Computing
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 556 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 178 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf