Malicious Detection Based on ReliefF and Boosting Multidimensional Features

Yang Xia Luo
<span title="">2015</span> <i title="Engineering and Technology Publishing"> <a target="_blank" rel="noopener" href="https://fatcat.wiki/container/x35svotye5crdo2d6qzxuyyq7m" style="color: black;">Journal of Communications</a> </i> &nbsp;
Abstract-Aiming at the problem of large overhead and low accuracy on the identification of obfuscated and malicious code, a new algorithm is proposed to detect malicious code by identifying multidimensional features based on ReliefF and Boosting techniques. After a disassembly analysis and static analysis for the clustered malicious code families, the algorithm extracts features from four dimensions: two static properties (operation code sequences and bytecode sequence) and two features
more &raquo; ... call graph and function call graph) which combines the semantic features to reflect the behaviour characteristic of the malware, and then selects important feature vectors based on Relief. Finally, ensemble learning is carried out, and the decision result is boosted based on weighted voting according to accuracy for a different feature analysis. It has been proven by experiment and comparison that the algorithms have a much higher accuracy of the testing dataset with low overhead.
<span class="external-identifiers"> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.12720/jcm.10.11.910-917">doi:10.12720/jcm.10.11.910-917</a> <a target="_blank" rel="external noopener" href="https://fatcat.wiki/release/dgrfigycrjgwjpf6g2wtt4vxg4">fatcat:dgrfigycrjgwjpf6g2wtt4vxg4</a> </span>
<a target="_blank" rel="noopener" href="https://web.archive.org/web/20190222003254/http://pdfs.semanticscholar.org/313c/2df41a9105405610aadd6e14f5926a63a7b7.pdf" title="fulltext PDF download" data-goatcounter-click="serp-fulltext" data-goatcounter-title="serp-fulltext"> <button class="ui simple right pointing dropdown compact black labeled icon button serp-button"> <i class="icon ia-icon"></i> Web Archive [PDF] <div class="menu fulltext-thumbnail"> <img src="https://blobs.fatcat.wiki/thumbnail/pdf/31/3c/313c2df41a9105405610aadd6e14f5926a63a7b7.180px.jpg" alt="fulltext thumbnail" loading="lazy"> </div> </button> </a> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.12720/jcm.10.11.910-917"> <button class="ui left aligned compact blue labeled icon button serp-button"> <i class="unlock alternate icon" style="background-color: #fb971f;"></i> Publisher / doi.org </button> </a>