Abstract
The proliferation of malware and its variants have brought great challenges to malware detection. The traditional static analysis methods are complicated and consume a lot of human resource. Moreover, most of the current detection methods mainly focus on the single characteristic of malware. To address the above issues, this paper proposes an Ensemble Learning approach method to detect malwares based on static information. The image feature and entropy features are used separately to train two models. Besides, with the guidance of ensemble learning principle, the two models are combined and obtain better accuracy compared with each of two models. We conduct comprehensive experiments to evaluate the performance of our approach, the results show the effectiveness and efficiency.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Kaspersky Security Bulletin 2019. Statistics [EB/OL]. https://go.kaspersky.com/rs/802-IJN-240/images/KSB_2019_Statistics_EN.pdf
Internet Security Threat Report [EB/OL]. https://docs.broadcom.com/doc/istr-24-2019-e
CrowdStrike Global Threat Report 2020 [EB/OL]. https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf
Nataraj, L., Karthikeyan, S., Jacob, G., et al.: Malware images: visualization and automatic classification. In: Proceedings of the 8th International Symposium on Visualization for Cyber Security, pp. 1–7 (2011)
Conti, G., Bratus, S.: Voyage of the reverser: a visual study of binary species. Black Hat USA (2010)
Jain, S., Meena, Y.K.: Byte level n–gram analysis for malware detection. In: Venugopal, K.R., Patnaik, L.M. (eds.) ICIP 2011. CCIS, vol. 157, pp. 51–59. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22786-8_6
Santos, I., Brezo, F., Ugarte-Pedrero, X., et al.: Opcode sequences as representation of executables for data-mining-based unknown malware detection. Inf. Sci. 231, 64–82 (2013)
Hu, X., Shin, K.G., Bhatkar, S., et al.: MutantX-S: scalable malware clustering based on static features. Presented as part of the 2013 USENIX Annual Technical Conference, pp. 187–198 (2013)
Yuxin, D., Siyi, Z.: Malware detection based on deep learning algorithm. Neural Comput. Appl. 31(2), 461–472 (2019)
Ahmadi, M., Ulyanov, D., Semenov, S., et al.: Novel feature extraction, selection and fusion for effective malware family classification. In: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy, pp. 183–194 (2016)
Sorokin, I.: Comparing files using structural entropy. J. Comput. Virol. 7(4), 259 (2011)
Lyda, R., Hamrock, J.: Using entropy analysis to find encrypted and packed malware. IEEE Secur. Priv. 5(2), 40–45 (2007)
Acknowledgement
The authors gratefully acknowledge The anonymous reviewers for their helpful Suggestions.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Chen, L. et al. (2020). An Ensemble Learning Approach to Detect Malwares Based on Static Information. In: Qiu, M. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2020. Lecture Notes in Computer Science(), vol 12454. Springer, Cham. https://doi.org/10.1007/978-3-030-60248-2_47
Download citation
DOI: https://doi.org/10.1007/978-3-030-60248-2_47
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-60247-5
Online ISBN: 978-3-030-60248-2
eBook Packages: Mathematics and StatisticsMathematics and Statistics (R0)