
GECCO
2009
Springer

Are evolutionary rule learning algorithms appropriate for malware detection?

In this paper, we evaluate the performance of ten well-known evolutionary and non-evolutionary rule learning algorithms. The comparative study is performed on a real-world classification problem of detecting malicious executables. The executable dataset used in this study consists of a total of 189 attributes which are statically extracted from the executables of the Microsoft Windows operating system. In our study, we evaluate the performance of rule learning algorithms with respect to four metrics: (1) classification accuracy, (2) the number of rules in the developed rule set, (3) the comprehensibility of the generated rules, and (4) the processing overhead of the rule learning process. The results of our study highlight important shortcomings in evolutionary rule learning classifiers that render them infeasible for deployment in a real-world malware detection system.

Categories and Subject Descriptors: D.4.6 [Software]: Security and Protection—Invasive software

General Terms: Algo...
Added 26 May 2010
Updated 26 May 2010
Type Conference
Year 2009
Where GECCO
Authors M. Zubair Shafiq, S. Momina Tabish, Muddassar Farooq