A new method of fuzzy patches construction in Neuro-Fuzzy for malware detection

Shalaginov, Andrii; Franke, Katrin

doi:10.2991/ifsa-eusflat-15.2015.27

Cited by 8 publications

(8 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Both datasets in [5], [22] are relatively small in scale. [4], [21], [33] explored the application of the neuro-fuzzy approach with static features to detect Android malware and to classify Windows malware, during which a variational procedure is adopted to better fuzzify the features. Although [33] reported the application of the fuzzy system to a large dataset (ten repositories from Virus Share, over 130K malware samples), the overall classification accuracy is relatively low compared with non-fuzzy methods such as random forest.…”

Section: Classifiers For Malware Classificationmentioning

confidence: 99%

“…Fuzzy rules, which has been widely applied in cybernetics [34]- [36], malware detection [21] as well as classification [33], [37], [38], is one of the most representative fuzzy based classifiers. For a feature vector…”

Section: Classifiers For Malware Classificationmentioning

confidence: 99%

“…A large family of fuzzy decision-makers such as fuzzy clustering [17], [18], fuzzy support vector machine [19] and fuzzy decision tree [5], [20], have been proved to be effective in a range of data analysis challenges. There have been some applications of fuzzy systems to malware detection and classification [4], [5], [21], [22]. The fuzzy philosophy can be reflected in the feature extraction module and the classification module, both of which are indispensable elements in a malware analysis system, since the raw input is usually a binary file that cannot be processed directly.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Large-Scale Malicious Software Classification With Fuzzified Features and Boosted Fuzzy Random Forest

Wang

Liew

et al. 2021

IEEE Trans. Fuzzy Syst.

View full text Add to dashboard Cite

Classification of malicious software, especially in a very large dataset, is a challenging task for machine intelligence. Malware can have highly diversified features, each of which has highly heterogeneous distributions. These factors increase the difficulties for traditional data analytic approaches to deal with them. Although deep learning-based methods have reported good classification performance, the deep models usually lack interpretability and are fragile under adversarial attacks. To solve these problems, fuzzy systems have become a competitive candidate in malware analysis. In this paper, a new fuzzy-based approach is proposed for malware classification. We focused on portable executable files in the Windows platform and analyzed the distributions of static features and content-oriented features. Fuzzification was used to reduce the ubiquitous impact of noise and outliers in a very large dataset. Finally, a novel boosted classifier consisted of fuzzy decision trees and support vector machine is proposed to perform the malware classification. By using fuzzy decision trees, the inner structure of the classifier can be readily interpreted as discriminative rules, while the novel boosting strategy provides state-of-the-art classification performance. Extensive experimental results showed that our method significantly outperformed several state-of-the-art classifiers.

show abstract

Section: Classifiers For Malware Classificationmentioning

confidence: 99%

Section: Classifiers For Malware Classificationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Large-Scale Malicious Software Classification With Fuzzified Features and Boosted Fuzzy Random Forest

Wang

Liew

et al. 2021

IEEE Trans. Fuzzy Syst.

View full text Add to dashboard Cite

show abstract

“…Neuro-Fuzzy is a hybrid models that ensembles neural networks and fuzzy logic to create human-like linguistic rules using the power of neural networks. Neural network also known as artificial neural network is a network of simple elements which are based on the model of perceptron [65]. Perceptron implements previously chosen activation functions which take input signals and their weights and produces an output, usually in the range of [0, 1] or [−1, 1].…”

Section: Rule Basedmentioning

confidence: 99%

Machine Learning Aided Static Malware Analysis: A Survey and Tutorial

Shalaginov

Banin

Dehghantanha

et al. 2018

Advances in Information Security

Self Cite

View full text Add to dashboard Cite

Malware analysis and detection techniques have been evolving during the last decade as a reflection to development of different malware techniques to evade network-based and host-based security protections. The fast growth in variety and number of malware species made it very difficult for forensics investigators to provide an on time response. Therefore, Machine Learning (ML) aided malware analysis became a necessity to automate different aspects of static and dynamic malware investigation. We believe that machine learning aided static analysis can be used as a methodological approach in technical Cyber Threats Intelligence (CTI) rather than resource-consuming dynamic malware analysis that has been thoroughly studied before. In this paper, we address this research gap by conducting an in-depth survey of different machine learning methods for classification of static characteristics of 32-bit malicious Portable Executable (PE32) Windows files and develop taxonomy for better understanding of these techniques. Afterwards, we offer a tutorial on how different machine learning techniques can be utilized in extraction and analysis of a variety of static characteristic of PE binaries and evaluate accuracy and practical generalization of these techniques. Finally, the results of experimental

show abstract

“…However, much higher frequency in case of probabilist model suppresses less frequent cases, while fuzzy logic describes data independently from the frequency of its appearance, only taking into consideration its possibility as described before by Shalaginov et.al. [125].…”

Section: Quantitative Risk Analysismentioning

confidence: 99%