Malware detection using augmented naive Bayes with domain knowledge and under presence of class noise

Ismahani Ismail; Muhammad Nadzir Marsono; Sulaiman Mohd Nor

首页> 外文期刊>International journal of information and computer security >Malware detection using augmented naive Bayes with domain knowledge and under presence of class noise

【24h】

Malware detection using augmented naive Bayes with domain knowledge and under presence of class noise

机译：使用具有领域知识且存在类噪声的增强朴素贝叶斯算法进行恶意软件检测

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Malicious software (malware) attacks on the internet are on the rise in frequency and sophistication. Malware detection based on its content can detect malware more accurate because it relies on screening the payload for known malware signatures. New malware variants still exhibit prevalent contents that can be detected by looking at fixed substrings especially when using n-grams and machine learning technique. This paper focuses on detecting malware based on content classification technique that is augmented with domain knowledge (Snort signatures) to abridge features set and improve detection accuracy. Using 15 days dataset, the generated naive Bayes model with domain knowledge using the most descriptive 91,127 features shows the lowest false negative (around 2%). However, the presence of class noise has a significant impact on the results, even for machine learning technique augmented with domain knowledge.

机译：互联网上的恶意软件（malware）攻击的频率和复杂程度都在上升。基于恶意软件内容的恶意软件检测可以更准确地检测恶意软件，因为它依赖于筛选有效负载以查找已知恶意软件签名。新的恶意软件变体仍显示出流行的内容，可以通过查看固定的子字符串来检测到这些内容，尤其是在使用n-gram和机器学习技术时。本文重点研究基于内容分类技术的恶意软件，该技术通过增强领域知识（Snort签名）来简化功能集并提高检测精度。使用15天的数据集，使用描述性最高的91,127个特征生成的具有领域知识的朴素贝叶斯模型显示出最低的假阴性（大约2％）。但是，即使对于使用领域知识增强的机器学习技术，类噪声的存在也会对结果产生重大影响。

著录项

来源
《International journal of information and computer security》 |2014年第2期|179-196|共18页
作者
Ismahani Ismail; Muhammad Nadzir Marsono; Sulaiman Mohd Nor;
展开▼
作者单位

Faculty of Electrical Engineering, Universiti Teknologi Malaysia, 81310, Johor Bahru, Malaysia;

Faculty of Electrical Engineering, Universiti Teknologi Malaysia, 81310, Johor Bahru, Malaysia;

Faculty of Electrical Engineering, Universiti Teknologi Malaysia, 81310, Johor Bahru, Malaysia;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类
关键词
malware detection; feature classification; class noise; domain knowledge;

机译：恶意软件检测;特征分类;班级噪音;领域知识;

相似文献

外文文献
中文文献
专利

1. Stateless Malware Packet Detection by Incorporating Naive Bayes with Known Malware Signatures [J] . IsmahaniIsmail, SulaimanMohd Nor, Muhammad NadzirMarsono Applied computational intelligence and soft computing . 2014,第1期

机译：通过将朴素贝叶斯与已知恶意软件签名相结合来进行无状态恶意软件包检测
2. Stateless Malware Packet Detection by Incorporating Naive Bayes with Known Malware Signatures [J] . Ismahani Ismail, Sulaiman Mohd Nor, Muhammad Nadzir Marsono Applied computational intelligence and soft computing . 2014,第期

机译：通过将朴素贝叶斯与已知恶意软件签名相结合来进行无状态恶意软件包检测
3. Android malware detection method based on naive Bayes and permission correlation algorithm [J] . Fengjun Shang, Yalin Li, Xiaolin Deng, Cluster computing . 2018,第1期

机译：基于天真贝叶斯和许可相关算法的Android恶意软件检测方法
4. An Efficient Detection of Malware by Naive Bayes Classifier Using GPGPU [C] . Sanjay K. Sahay, Mayank Chaudhari International Conference on Computer, Communication and Computational Sciences . 2019

机译：使用GPGPU的Naive Bayes分类器有效地检测恶意软件
5. Application of a Hidden Bayes Naive Multiclass Classifier in Network Intrusion Detection [D] . Koc, Levent. 2013

机译：隐藏式贝叶斯朴素多类分类器在网络入侵检测中的应用
6. Students learning style detection using tree augmented naive Bayes [O] . Ling Xiao Li, Siti Soraya Abdul Rahman 2018

机译：使用树型增强朴素贝叶斯的学生学习风格检测
7. An Efficient Detection of Malware by Naive Bayes Classifier Using GPGPU [O] . Sanjay K. Sahay, Mayank Chaudhari 2019

机译：使用GPGPU的Naive Bayes分类器有效地检测恶意软件

Malware detection using augmented naive Bayes with domain knowledge and under presence of class noise

摘要

著录项

相似文献

相关主题

期刊订阅