Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
KDD
2009
ACM
2009
ACM
Malware detection using statistical analysis of byte-level file content
Commercial anti-virus software are unable to provide protection against newly launched (a.k.a “zero-day”) malware. In this paper, we propose a novel malware detection technique which is based on the analysis of byte-level file content. The novelty of our approach, compared with existing content based mining schemes, is that it does not memorize specific byte-sequences or strings appearing in the actual file content. Our technique is non-signature based and therefore has the potential to detect previously unknown and zero-day malware. We compute a wide range of statistical and information-theoretic features in a block-wise manner to quantify the byte-level file content. We leverage standard data mining algorithms to classify the file content of every block as normal or potentially malicious. Finally, we correlate the block-wise classification results of a given file to categorize it as benign or malware. Since the proposed scheme operates at the byte-level file content; the...
Real-time Traffic| Added | 26 Jul 2010 |
| Updated | 26 Jul 2010 |
| Type | Conference |
| Year | 2009 |
| Where | KDD |
| Authors | S. Momina Tabish, M. Zubair Shafiq, Muddassar Farooq |
Comments (0)
Researcher Info
|
