Abstract
Numerous attacks made by the malware have presented serious threats to the security of computer users. Unfortunately, along with the development of the malware writing techniques, the number of file samples that need to be analyzed is constantly increasing on a daily basis. An automatic and robust tool to analyze and classify the file samples is the need of the hour. In this paper, resting on the analysis of Windows API execution sequences called by PE files, we use associative classification and post-processing techniques for malware detection. Promising experimental results demonstrate that the accuracy and efficiency of our malware detection method outperform popular anti-virus scanners such as Norton AntiVirus and Dr. Web, as well as previous data mining based detection systems which employed Naïve Bayes, Support Vector Machine (SVM) and Decision Tree techniques. In particular, the post-processing techniques we adopt can greatly reduce the number of generated rules which make it easy for the human analysts to identify the useful ones.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
