Abstract

As information technology advances, the information security problems caused by malware are becoming increasingly serious. An important way to detect malware is to analyze software behavior information, such as permissions, API call sequences and system calls. This paper uses API call sequences as the research object for malware detection; traditional feature extraction methods are not ideal for API call sequences. Based on mathematical analysis, the paper proposes a TF-(IDF&ICF) feature extraction method that combines document-level and category-level features. Experiments show that training on features from the proposed extractor improves performance in four different machine learning models, and the F1 can reach 0.979, while the system response time is significantly reduced, which gives the method good practical value.
