A Malware Detection Algorithm Based on Multi-view Fusion

Guo  Shanqing; Yu Qixia; Lin Fengbo; Wang Fengyu; Ban Tao

Chinese︱Feedback︱Save this page

• Elaborating Academic Views 　　　　 • Exchanging Innovative Ideas
• Protecting Intellectual Properties 　　• Fast Sharing Science Papers

Sponsored by the Center for Science and Technology Development of the Ministry of Education
Supervised by Ministry of Education of the People's Republic of China

Home > Papers

A Malware Detection Algorithm Based on Multi-view Fusion

Guo Shanqing 1 *,Yu Qixia 2,Lin Fengbo 2,Wang Fengyu 2,Ban Tao 3

1.Computer Science and Technology School,Shandong University, Jinan 250101

2.Computer Science and Technology School,Shandong University Jinan 250101

3.National Institute of Information and Communications Technology,Tokyo 184-8795

*Correspondence author

#Submitted by

Subject:

Funding: Doctoral Program of Higher Education （No.No. 20090131120009）

Opened online:10 January 2013

Accepted by: none

Citation: Guo Shanqing,Yu Qixia,Lin Fengbo.A Malware Detection Algorithm Based on Multi-view Fusion[OL]. [10 January 2013] http://en.paper.edu.cn/en_releasepaper/content/4504580

One of the major problems concerning information assurance is malicious code. In order to detect them, many existing run-time intrusion or malware detection techniques utilize information available in Application Programming Interface (API) call sequences to discriminate between benign and malicious processes. Although some great progresses have been made, the new research results of ensemble learning make it possible to design better malware detection algorithm. This paper present a novel approach of detecting malwares using API call sequences. Basing on the fact that the API call sequences of a software show local property when doing network, file IO and other operations, we first divide the API call sequences of a malware into seven subsequences, and then use each subsequence to build a classification model. After these building models are used to classify software, their outputs are combined by using BKS and the final fusion results will be used to label whether a software is malicious or not. Experiments show that our algorithm can detect known malware effectively.

Keywords:Computer Network; Malware Detection; API Call Sequences; Multi-view Fusion; BKS Algorithm

For this paper

● PDF (0B)
● Revision 0 　　
● Print this paper
● Recommend this paper to a friend
● Add to my favorite list

Saved Papers

Please enter a name for this paper to be shown in your personalized Saved Papers list

Tags

Add yours

Related Papers

Statistics

PDF Downloaded	539
Bookmarked	0
Recommend	5
Comments	Array

Submit your papers

Alert Name:
Alerting to:
Authentication email will be sent to your email address in 24 hours
Frequency:
Email Message Format:	Plain text Graphical(HTML)

Complete the form below and we will recommend the selected titles to your friends on your behalf. * Indicates a required field.
Your name*:
Your email address*:
Recipient's name*:
Recipient's email address*:
(multiple recipient's names and email addresses should be separated with semicolons)
Your comments:	I thought you would find the page(s) useful.

Your name:
Your email address:
Recipient's name:
Recipient's email address:
(multiple recipient's names and email addresses should be separated with semicolons)
Your comments:	I thought you would find this page useful.

Disclaimer: This message was sent to your friend using the "Send it to a friend" facility on the Sciencepaper Online’ WWW site, http://www.paper.edu.cn/en. The Sciencepaper Online is not responsible for the content of this email, and anything said in this email does not necessarily reflect the Sciencepaper Online's views.

	Check out RSS, or use RSS reader to subscribe this item

Saved Papers