It is inferred that the proposed malware detection system outperforms the existing malware detection systems. The performance of the proposed malware detection system is evaluated in terms of detection accuracy and compared with the existing data mining based detection systems. The key novelty of the proposed malware detection system is the iterative learning process combined with the run-time monitoring of program execution behavior, which makes it a dynamic malware detection system. The number of generated rules is reduced by removing the redundant rules, to make the malware analysis efficient. A minimal subset of API categories is monitored while maintaining high detection accuracy. Association mining based classification is used because it yields higher detection accuracy than previous data mining based detection systems, which employed Naive Bayes, Support Vector Machine and Decision Tree techniques. This composite feature set is provided as an input to the malware detection system to raise the final alarm. The proposed malware detection system uses the Windows API call sequence. Most of the existing run-time malware detection methods use the information available in Windows Application Programming Interface (API) calls. Monitoring the behavior of program execution at run-time is widely used to differentiate benign and malicious processes executing in the host computer.
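The sketch below is an added example, not the authors' implementation: it mines class association rules over API categories, drops redundant rules, and classifies a run. The category names, traces, thresholds, redundancy criterion and the benign default are all constructed assumptions, and the iterative learning step is not modelled.

```python
from itertools import combinations

# Constructed sample: API categories seen in one process run, plus its label.
TRACES = [
    ({"file", "registry", "process_memory"}, "malware"),
    ({"network", "registry", "process_memory"}, "malware"),
    ({"file", "network", "process_memory"}, "malware"),
    ({"registry", "network"}, "malware"),
    ({"file", "gui"}, "benign"),
    ({"file", "gui", "network"}, "benign"),
    ({"file", "registry"}, "benign"),
    ({"gui", "network"}, "benign"),
]

def mine_rules(traces, min_support=0.25, min_conf=0.8, max_len=2):
    """Return {(antecedent, label): confidence} for rules meeting both thresholds."""
    n = len(traces)
    items = sorted(set().union(*(cats for cats, _ in traces)))
    labels = sorted({label for _, label in traces})
    rules = {}
    for k in range(1, max_len + 1):
        for combo in combinations(items, k):
            ante = frozenset(combo)
            covered = [label for cats, label in traces if ante <= cats]
            for label in labels:
                hits = covered.count(label)
                # Support is checked first, so an empty cover never divides by zero.
                if hits / n >= min_support and hits / len(covered) >= min_conf:
                    rules[(ante, label)] = hits / len(covered)
    return rules

def prune_redundant(rules):
    """Drop a rule when a more general rule (proper-subset antecedent, same
    label) is at least as confident, since the specific rule adds nothing."""
    return {
        (ante, label): conf
        for (ante, label), conf in rules.items()
        if not any(g < ante and gl == label and gc >= conf
                   for (g, gl), gc in rules.items())
    }

def classify(rules, observed, default="benign"):
    """Label a run by its highest-confidence matching rule (ties go to malware)."""
    matches = [(conf, label) for (ante, label), conf in rules.items() if ante <= observed]
    return max(matches)[1] if matches else default

ALL_RULES = mine_rules(TRACES)
PRUNED = prune_redundant(ALL_RULES)
```

On this constructed data the rule set shrinks without changing any verdict on the training traces, which is the efficiency gain the abstract attributes to redundant-rule removal.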