Mojtaba Eskandari and Hooman Raesi. Frequent sub-graph mining for intelligent malware detection. Security and Communication Networks 7.
This paper proposes a new feature set to increase the detection rate of malicious executables. The proposed approach uses a frequent sub-graph extraction technique on control flow graphs to model the programming style of each executable file, and has the following merits: (i) it does not need to execute a given file; (ii) it categorises malicious samples in order to generate semantic signatures for each category; (iii) it extracts the frequent code blocks used in each specific type of malware; and (iv) it can be applied as a feature extractor module in a malware detection system. Experimental results show that it can employ various classifiers.