Structural features with nonnegative matrix factorization for metamorphic malware detection
نویسندگان
چکیده
Metamorphic malware is well known for evading signature-based detection by exploiting various code obfuscation techniques. Current metamorphic approaches require some prior knowledge during feature engineering stage to extract patterns and behaviors from malware. In this paper, we attempt complement extend previous techniques proposing a approach based on structure analysis using information theoretic measures statistical metrics with machine learning model. particular, compression ratio, entropy, Jaccard coefficient Chi-square tests are used as representations reveal the byte existing in binary file. Furthermore, Nonnegative Matrix Factorization, dimension can be reduced. The experimental results show hexadecimal representation effective Windows an accuracy rate F-score high 0.9972 0.9958, respectively. Whereas Linux morphed detection, statistic test shows 0.9878 0.9901, Overall, proposed technique of reduction useful detecting
منابع مشابه
Optimal Features for Metamorphic Malware Detection
Malware or malicious code intends to harm computer systems without the knowledge of system users. These malicious softwares are unknowingly installed by naive users while browsing the Internet. Once installed, the malware performs unintentional activities like (a) steal username, password; (b) install spy software to provide remote access to the attackers; (c) flood spam messages; (d) perform d...
متن کاملQuantized nonnegative matrix factorization
Even though Nonnegative Matrix Factorization (NMF) in its original form performs rank reduction and signal compaction implicitly, it does not explicitly consider storage or transmission constraints. We propose a Frobenius-norm Quantized Nonnegative Matrix Factorization algorithm that is 1) almost as precise as traditional NMF for decomposition ranks of interest (with in 1-4dB), 2) admits to pra...
متن کاملQuadratic nonnegative matrix factorization
In Nonnegative Matrix Factorization (NMF), a nonnegative matrix is approximated by a product of lower-rank factorizing matrices. Most NMF methods assume that each factorizing matrix appears only once in the approximation, thus the approximation is linear in the factorizing matrices. We present a new class of approximative NMF methods, called Quadratic Nonnegative Matrix Factorization (QNMF), wh...
متن کاملRandomized nonnegative matrix factorization
Nonnegative matrix factorization (NMF) is a powerful tool for data mining. However, the emergence of ‘big data’ has severely challenged our ability to compute this fundamental decomposition using deterministic algorithms. This paper presents a randomized hierarchical alternating least squares (HALS) algorithm to compute the NMF. By deriving a smaller matrix from the nonnegative input data, a mo...
متن کاملEfficient Nonnegative Matrix Factorization with Random Projections
The recent years have witnessed a surge of interests in Nonnegative Matrix Factorization (NMF) in data mining and machine learning fields. Despite its elegant theory and empirical success, one of the limitations of NMF based algorithms is that it needs to store the whole data matrix in the entire process, which requires expensive storage and computation costs when the data set is large and high...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Computers & Security
سال: 2021
ISSN: ['0167-4048', '1872-6208']
DOI: https://doi.org/10.1016/j.cose.2021.102216