首页    期刊浏览 2024年11月23日 星期六
登录注册

文章基本信息

  • 标题:Comparative Analysis of Voting Schemes for Ensemble-based Malware Detection
  • 本地全文:下载
  • 作者:Raja Khurram Shahzad ; Niklas Lavesson
  • 期刊名称:Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications
  • 印刷版ISSN:2093-5374
  • 电子版ISSN:2093-5382
  • 出版年度:2013
  • 卷号:4
  • 期号:1
  • 页码:98-117
  • 出版社:Innovative Information Science & Technology Research Group
  • 摘要:Malicious software (malware) represents a threat to the security and the privacy of computer users. Traditional signature-based and heuristic-based methods are inadequate for detecting some forms of malware. This paper presents a malware detection method based on supervised learning. The main contributions of the paper are two ensemble learning algorithms, two pre-processing techniques, and an empirical evaluation of the proposed algorithms. Sequences of operational codes are extracted as features from malware and benign files. These sequences are used to create three different data sets with different configurations. A set of learning algorithms is evaluated on the data sets. The predictions from the learning algorithms are combined by an ensemble algorithm. The predicted outcome of the ensemble algorithm is decided on the basis of voting. The experimental results show that the veto approach can accurately detect both novel and known malware instances with the higher recall in comparison to majority voting, however, the precision of the veto voting is lower than the majority voting. The veto voting is further extended as trust-based veto voting. A comparison of the majority voting, the veto voting, and the trust-based veto voting is performed. The experimental results indicate the suitability of each voting scheme for detecting a particular class of software. The experimental results for the composite F1-measure indicate that the majority voting is slightly better than the trusted veto voting while the trusted veto is significantly better than the veto classifier
  • 关键词:Malware detection; scareware; veto voting; feature extraction; classification; majority ; voting; ensemble; trust; malicious software
国家哲学社会科学文献中心版权所有