Classification of polymorphic virus based on integrated features

A Hamid, Isredza Rahmi and Subramaniam, Sharmila and Sutoyo, Edi and Abdullah, Zubaile (2018) Classification of polymorphic virus based on integrated features. International Journal on Advanced Science Engineering Information Technology, 8 (6). pp. 2577-2583. ISSN 2088-5334

[img] Text
AJ 2018 (816) Classification of polymorphic virus based on integrated features.pdf
Restricted to Registered users only

Download (718kB) | Request a copy


Standard virus classification relies on the use of virus function, which is a small number of bytes written in assembly language. The addressable problem with current malware intrusion detection and prevention system is having difficulties in detecting unknown and multipath polymorphic computer virus solely based on either static or dynamic features. Thus, this paper presents a classification of polymorphic virus based on integrated features. The integrated feature is selected based on Information Gain rank value between static and dynamic features. Then, all datasets are tested on Naïve Bayes and Random Forest classifiers. We extracted 49 features from 700 polymorphic computer virus samples from Netherland Net Lab and VXHeaven, which includes benign and polymorphic virus function. We spilt the dataset based on 60% for training and 40% for testing. The performance metric of accuracy value, receiver operating characteristic and mean absolute error are compared between two algorithms in the experiment of static, dynamic and integrated features. Our proposed integrated features manage to achieve 98.5% of accuracy value using highest rank feature selection.

Item Type: Article
Uncontrolled Keywords: Classification; Polymorphic Virus; Integrated Features.
Subjects: T Technology > T Technology (General)
Q Science > QA Mathematics > QA71-90 Instruments and machines
Divisions: Faculty of Computer Science and Information Technology > Department of Information Security
Depositing User: UiTM Student Praktikal
Date Deposited: 03 Jan 2022 06:07
Last Modified: 03 Jan 2022 06:07

Actions (login required)

View Item View Item