Analysis of Feature Importance and Interpretation for Malware Classification
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kim, Dong-Wook | - |
dc.contributor.author | Shin, Gun-Yoon | - |
dc.contributor.author | Han, Myung-Mook | - |
dc.date.available | 2020-10-20T00:59:36Z | - |
dc.date.created | 2020-10-12 | - |
dc.date.issued | 2020-09 | - |
dc.identifier.issn | 1546-2218 | - |
dc.identifier.uri | https://scholarworks.bwise.kr/gachon/handle/2020.sw.gachon/78328 | - |
dc.description.abstract | This study was conducted to enable prompt classification of malware, which was becoming increasingly sophisticated. To do this, we analyzed the important features of malware and the relative importance of selected features according to a learning model to assess how those important features were identified. Initially, the analysis features were extracted using Cuckoo Sandbox, an open-source malware analysis tool, then the features were divided into five categories using the extracted information. The 804 extracted features were reduced by 70% after selecting only the most suitable ones for malware classification using a learning model-based feature selection method called the recursive feature elimination. Next, these important features were analyzed. The level of contribution from each one was assessed by the Random Forest classifier method. The results showed that System call features were mostly allocated. At the end, it was possible to accurately identify the malware type using only 36 to 76 features for each of the four types of malware with the most analysis samples available. These were the Trojan, Adware, Downloader, and Backdoor malware. | - |
dc.language | 영어 | - |
dc.language.iso | en | - |
dc.publisher | TECH SCIENCE PRESS | - |
dc.relation.isPartOf | CMC-COMPUTERS MATERIALS & CONTINUA | - |
dc.title | Analysis of Feature Importance and Interpretation for Malware Classification | - |
dc.type | Article | - |
dc.type.rims | ART | - |
dc.description.journalClass | 1 | - |
dc.identifier.wosid | 000572868100002 | - |
dc.identifier.doi | 10.32604/cmc.2020.010933 | - |
dc.identifier.bibliographicCitation | CMC-COMPUTERS MATERIALS & CONTINUA, v.65, no.3, pp.1891 - 1904 | - |
dc.identifier.scopusid | 2-s2.0-85091876854 | - |
dc.citation.endPage | 1904 | - |
dc.citation.startPage | 1891 | - |
dc.citation.title | CMC-COMPUTERS MATERIALS & CONTINUA | - |
dc.citation.volume | 65 | - |
dc.citation.number | 3 | - |
dc.contributor.affiliatedAuthor | Kim, Dong-Wook | - |
dc.contributor.affiliatedAuthor | Shin, Gun-Yoon | - |
dc.contributor.affiliatedAuthor | Han, Myung-Mook | - |
dc.type.docType | Article | - |
dc.subject.keywordAuthor | Recursive feature elimination | - |
dc.subject.keywordAuthor | model interpretability | - |
dc.subject.keywordAuthor | feature importance | - |
dc.subject.keywordAuthor | malware classification | - |
dc.subject.keywordPlus | FEATURE-SELECTION | - |
dc.subject.keywordPlus | INFORMATION | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Materials Science | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Materials Science, Multidisciplinary | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
1342, Seongnam-daero, Sujeong-gu, Seongnam-si, Gyeonggi-do, Republic of Korea(13120)031-750-5114
COPYRIGHT 2020 Gachon University All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.