SVM Training Phase Reduction Using Dataset Feature Filtering for Malware Detection
- Authors
- O'Kane, Philip; Sezer, Sakir; McLaughlin, Kieran; Im, Eul Gyu
- Issue Date
- Mar-2013
- Publisher
- Institute of Electrical and Electronics Engineers
- Keywords
- KNN; metamorphism malware; obfuscation; packers; polymorphism; SVM
- Citation
- IEEE Transactions on Information Forensics and Security, v.8, no.3, pp 500 - 509
- Pages
- 10
- Indexed
- SCIE
SCOPUS
- Journal Title
- IEEE Transactions on Information Forensics and Security
- Volume
- 8
- Number
- 3
- Start Page
- 500
- End Page
- 509
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/163277
- DOI
- 10.1109/TIFS.2013.2242890
- ISSN
- 1556-6013
1556-6021
- Abstract
- N-gram analysis is an approach that investigates the structure of a program using bytes, characters, or text strings. A key issue with N-gram analysis is feature selection amidst the explosion of features that occurs when N is increased. The experiments within this paper represent programs as operational code (opcode) density histograms gained through dynamic analysis. A support vector machine is used to create a reference model, which is used to evaluate two methods of feature reduction, which are "area of intersect" and "subspace analysis using eigenvectors." The findings show that the relationships between features are complex and simple statistics filtering approaches do not provide a viable approach. However, eigenvector subspace analysis produces a suitable filter.
- Files in This Item
-
Go to Link
- Appears in
Collections - 서울 공과대학 > 서울 컴퓨터소프트웨어학부 > 1. Journal Articles

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.