Reduction of Malicious Behavior Patterns Based on Attribute Order
In the field of malware study, the automatic generation of malicious behavior pattern based on system call trace is important to malware detection. This paper studied the generation of malicious behavior distinguishing pattern, and used attributes order reduction method to reduce the patterns. It gave the ordering rules based on mutual information and the size of pattern. After studying the quick reduction algorithm based on divide and conquer method, it improved the algorithm according to the characteristic of datasets. Finally, test results verifies that the improved algorithm can decrease the reduction time, the ordering method can obtain relatively good reduction results, and the classification result is relatively good.
Malware Malicious behavior Distinguishing Pattern Attributes Reduction Attribute Order
Xiaoyan Sun Ning Guo Yuefei Zhu
Zhengzhou Information Science and Technology Institute Zhengzhou, Henan, China Lanzhou University Lanzhou, Gansu, China
国际会议
厦门
英文
244-248
2010-10-29(万方平台首次上网日期,不代表论文的发表时间)