
Comparative Study of Two- and Multi-Class-Classification-Based Detection of Malicious Executables Using Soft Computing Techniques on Exhaustive Feature Set

  • Conference paper
  • 1520 Accesses

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 246))

Abstract

Detection of malware using soft computing methods has been explored extensively by malware researchers as a route to fast and infallible detection of newly released malware. In this work, we conducted a comparative study of two- and multi-class-classification-based detection of malicious executables using soft computing techniques on an exhaustive feature set. As part of this study, a rigorous analysis of static features extracted from benign and malicious files was carried out. For this analysis, a generic framework was devised and is presented in this paper. The Reference Data Set (RDS) from the National Software Reference Library (NSRL) was used as a means of filtering out known benign files during analysis. Finally, well-corroborated experiments show that AdaBoost, when combined with algorithms such as C4.5 and random forest in a two-class classification setting, outperforms many other soft-computing-based techniques.
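The abstract describes using the NSRL RDS to filter known files out of the corpus before static features are extracted. The following is an added illustration of that filtering step, not code from the paper or its framework: it hashes a few constructed sample byte strings, looks them up in a constructed RDS-style CSV excerpt (the column layout is assumed to follow the NSRLFile.txt export; only the SHA-1 column is consulted), and separates files the RDS already knows from files that still need analysis. The patched copy of a known file shows the limit of exact-hash filtering: a single changed byte means no match, so the file is forwarded for analysis like any other unknown.

```python
import csv
import hashlib
import io

# Constructed stand-ins for collected executables (arbitrary bytes, not real binaries).
SAMPLES = {
    "notepad.exe": b"MZ\x90\x00" + b"constructed-known-good-A" * 8,
    "calc.exe": b"MZ\x90\x00" + b"constructed-known-good-B" * 8,
    "dropper.exe": b"MZ\x90\x00" + b"constructed-unknown-C" * 8,
    # Identical to notepad.exe apart from one appended byte: an exact-hash list
    # cannot match it, so it goes through feature extraction like any unknown file.
    "notepad_patched.exe": b"MZ\x90\x00" + b"constructed-known-good-A" * 8 + b"\x01",
}


def sha1_hex(data: bytes) -> str:
    """SHA-1 of the file bytes, upper-case hex as an RDS export lists it."""
    return hashlib.sha1(data).hexdigest().upper()


def build_rds_excerpt(known_files: dict) -> str:
    """Construct a small RDS-style CSV covering the given files.

    The header mirrors the NSRLFile.txt column layout (an assumption made here);
    CRC32, ProductCode and OpSystemCode are placeholder values."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writerow(["SHA-1", "MD5", "CRC32", "FileName", "FileSize",
                     "ProductCode", "OpSystemCode", "SpecialCode"])
    for name, data in known_files.items():
        writer.writerow([sha1_hex(data), hashlib.md5(data).hexdigest().upper(),
                         "00000000", name, str(len(data)), "1", "189", ""])
    return buf.getvalue()


def load_rds_sha1_set(rds_text: str) -> set:
    """Parse an RDS CSV export into a set of SHA-1 strings for constant-time lookup."""
    reader = csv.DictReader(io.StringIO(rds_text))
    return {row["SHA-1"].strip().upper() for row in reader if row.get("SHA-1")}


def partition_samples(samples: dict, known_sha1: set):
    """Split samples into (known_to_rds, needs_analysis) by exact SHA-1 match."""
    known, unknown = [], []
    for name, data in samples.items():
        (known if sha1_hex(data) in known_sha1 else unknown).append(name)
    return sorted(known), sorted(unknown)


def run_filter():
    """Build the constructed RDS excerpt for two 'known' files and apply it to SAMPLES."""
    rds_text = build_rds_excerpt({k: SAMPLES[k] for k in ("notepad.exe", "calc.exe")})
    known_sha1 = load_rds_sha1_set(rds_text)
    return partition_samples(SAMPLES, known_sha1)


if __name__ == "__main__":
    filtered_out, to_analyse = run_filter()
    print("filtered out by RDS:", filtered_out)
    print("forwarded to feature extraction:", to_analyse)
```

A real RDS export is large, so in practice the SHA-1 set is built once and reused across the whole corpus; the lookup itself is what keeps this pre-filter cheap compared with feature extraction and classification.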



Author information

Corresponding author: Shina Sheen


Copyright information

© 2014 Springer India

About this paper

Cite this paper

Sheen, S., Karthik, R., Anitha, R. (2014). Comparative Study of Two- and Multi-Class-Classification-Based Detection of Malicious Executables Using Soft Computing Techniques on Exhaustive Feature Set. In: Krishnan, G., Anitha, R., Lekshmi, R., Kumar, M., Bonato, A., Graña, M. (eds) Computational Intelligence, Cyber Security and Computational Models. Advances in Intelligent Systems and Computing, vol 246. Springer, New Delhi. https://doi.org/10.1007/978-81-322-1680-3_24


  • DOI: https://doi.org/10.1007/978-81-322-1680-3_24


  • Publisher Name: Springer, New Delhi

  • Print ISBN: 978-81-322-1679-7

  • Online ISBN: 978-81-322-1680-3

  • eBook Packages: Engineering (R0)
