Detecting malicious behaviour using supervised learning algorithms of the function calls Online publication date: Sat, 26-Jul-2014
by Mamoun Alazab; Sitalakshmi Venkatraman
International Journal of Electronic Security and Digital Forensics (IJESDF), Vol. 5, No. 2, 2013
Abstract: This paper describes our research in evaluating the use of supervised data mining algorithms for an effective detection of zero-day malware. Our aim is to design the tasks of certain popular types of supervised data mining algorithms for zero-day malware detection and compare their performance in terms of accuracy and efficiency. In this context, we propose and evaluate a novel method of employing such data mining techniques based on the frequency of Windows function calls. Our experimental investigations using large data sets to train the classifiers with a design tool to compare the performance of various data mining algorithms. Analysis of the results suggests the advantages of one data mining algorithm over the other for malware detection. Overall, data mining algorithms are employed with true positive rate as high as 98.5%, and low false positive rate of less than 0.025, indicating good applicability and future enhancements for detecting unknown and infected files with embedded stealthy malcode.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Electronic Security and Digital Forensics (IJESDF):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook