Ensemble-based Malware Detection with Different Voting Schemes

Authors

  • Landage JH, PG Student, Sinhgad College of Engineering, India, Maharashtra, Pune-41
  • Wankhade MP, Associate Professor, Sinhgad College of Engineering, India, Maharashtra, Pune-41

Keywords:

Data Mining, Ensemble, Feature Extraction, Feature selection, Machine learning, Malware detection, Majority voting, Trust, Veto Voting

Abstract

Nowadays, computer security is the field that attempts to keep information on a computer safe and secure. Security means permitting the things you want while preventing the things you don't want from happening. Malware represents a serious threat to the security of computer systems. Traditional anti-malware products use signature-based and heuristic-based detection techniques to detect malware. These techniques detect known malware accurately but cannot detect new, unknown malware. This paper presents a malware detection system based on data mining and machine learning techniques. The proposed method consists of a disassembly process, a feature extraction process and a feature selection process. Three classification algorithms, Ripper, C4.5 and IBk, are applied to the dataset to generate and train the classifiers. The ensemble method of voting is used to improve the accuracy of the results. Majority voting and veto voting are implemented, and the expected output is decided on the basis of majority and veto voting. The decision strategy of veto voting is improved by introducing trust-based veto voting. The results of majority voting, veto voting and trust-based veto voting are compared. The experimental results show that trust-based veto voting detects known and unknown malware instances more accurately than majority voting and identifies benign files better than veto voting.

Published

2024-02-26

How to Cite

Landage, J. H., & Wankhade, M. P. (2024). Ensemble-based Malware Detection with Different Voting Schemes. COMPUSOFT: An International Journal of Advanced Computer Technology, 3(10), 1116–1123. Retrieved from https://ijact.in/index.php/j/article/view/197

Section

Original Research Article