Abstract
Malware classification is vital in combating malware. A classification system works together with malware identification to prepare the right and effective countermeasure for each malware family. Current malware classification techniques do not give good results when they deal with new and unique types of malware. For this reason, we propose the use of a Genetic Algorithm to optimize the malware classification system and to assist in malware prediction. The new classification system is based on the malware's target and its operational behavior. The result of this study is a new framework designed to optimize the classification of malware. The system is also able to train and learn by itself, so that it can predict current and upcoming trends in malware attacks.
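The abstract describes a Genetic Algorithm optimizing a classifier built on malware target and operation behavior, but gives no encoding or fitness function. The block below is an added illustration, not the authors' code or framework: it evolves per-feature weights for a weighted nearest-neighbour classifier over (target, operation) behaviour features. The feature names, the labelled behaviour profiles and the labels are all constructed for the example and are not real sandbox data; the chromosome layout, fitness function and GA parameters are assumptions chosen for illustration.

```python
"""Illustrative GA that tunes feature weights for a behaviour-based malware classifier."""
import random

# Constructed (target:operation) behaviour features, as a sandbox might report them.
FEATURES = [
    "file:create", "file:delete", "registry:set_run_key", "process:inject",
    "network:connect", "network:listen", "service:create", "browser:hook",
]

# Constructed labelled behaviour profiles (1 = behaviour observed). Not real malware data.
SAMPLES = [
    ([1, 0, 1, 0, 0, 0, 0, 0], "dropper"),
    ([1, 0, 1, 0, 1, 0, 0, 0], "dropper"),
    ([1, 1, 0, 0, 1, 1, 0, 0], "worm"),
    ([0, 0, 0, 0, 1, 1, 0, 0], "worm"),
    ([0, 0, 1, 1, 0, 0, 0, 1], "banker"),
    ([0, 0, 0, 1, 1, 0, 0, 1], "banker"),
    ([1, 0, 1, 0, 0, 0, 1, 0], "rootkit"),
    ([0, 0, 0, 1, 0, 0, 1, 0], "rootkit"),
]


def weighted_distance(a, b, weights):
    """Weighted L1 distance between two binary behaviour profiles."""
    return sum(w * abs(x - y) for x, y, w in zip(a, b, weights))


def classify(profile, weights, training):
    """1-NN: return the label of the closest training profile under the weighted distance."""
    nearest = min(training, key=lambda s: weighted_distance(profile, s[0], weights))
    return nearest[1]


def accuracy(weights, samples):
    """Leave-one-out accuracy of the weighted 1-NN classifier on the labelled samples."""
    hits = 0
    for i, (vec, label) in enumerate(samples):
        others = samples[:i] + samples[i + 1:]
        if classify(vec, weights, others) == label:
            hits += 1
    return hits / len(samples)


def fitness(weights, samples, penalty=0.01):
    """Reward classification accuracy; lightly penalise total weight so that
    features which do not separate the families are pushed toward zero."""
    return accuracy(weights, samples) - penalty * sum(weights) / len(weights)


def evolve(samples, n_features, generations=40, pop_size=30, seed=1):
    """Evolve a weight vector (one gene per feature, each in [0, 1]).

    The all-ones baseline is seeded into the population and the best chromosome is
    carried over unchanged each generation (elitism), so the result is never worse
    than the unweighted classifier on the training data."""
    rng = random.Random(seed)
    baseline = [1.0] * n_features
    population = [baseline] + [
        [rng.random() for _ in range(n_features)] for _ in range(pop_size - 1)
    ]
    best = max(population, key=lambda c: fitness(c, samples))

    def tournament():
        a, b = rng.sample(population, 2)
        return a if fitness(a, samples) >= fitness(b, samples) else b

    for _ in range(generations):
        children = [best]  # elitism
        while len(children) < pop_size:
            p1, p2 = tournament(), tournament()
            # uniform crossover, then gaussian mutation clipped to [0, 1]
            child = [x if rng.random() < 0.5 else y for x, y in zip(p1, p2)]
            child = [
                min(1.0, max(0.0, g + rng.gauss(0, 0.1))) if rng.random() < 0.2 else g
                for g in child
            ]
            children.append(child)
        population = children
        best = max(population, key=lambda c: fitness(c, samples))
    return best


if __name__ == "__main__":
    weights = evolve(SAMPLES, len(FEATURES))
    for name, w in zip(FEATURES, weights):
        print(f"{name:22s} weight={w:.2f}")
    print("LOO accuracy:", accuracy(weights, SAMPLES))
    # A newly observed profile (constructed) is classified with the evolved weights.
    print("new sample ->", classify([0, 0, 1, 1, 1, 0, 0, 1], weights, SAMPLES))
```

Retraining on newly labelled samples (appending to `SAMPLES` and calling `evolve` again) is the simplest form of the self-training the abstract mentions. Two caveats a practitioner would add: leave-one-out fitness on a handful of profiles overfits the weights to the training set, so a held-out set is needed before trusting the evolved weights, and binary presence features ignore how often or in what order behaviours occur, which is often what separates families in practice.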
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yusoff, M.N., Jantan, A. (2011). A Framework for Optimizing Malware Classification by Using Genetic Algorithm. In: Zain, J.M., Wan Mohd, W.M.b., El-Qawasmeh, E. (eds) Software Engineering and Computer Systems. ICSECS 2011. Communications in Computer and Information Science, vol 180. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22191-0_5
DOI: https://doi.org/10.1007/978-3-642-22191-0_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22190-3
Online ISBN: 978-3-642-22191-0