
A Simhash-Based Integrative Features Extraction Algorithm for Malware Detection

¹ Electronic Countermeasures College, National University of Defense Technology, Hefei 230031, China
² 78092 troop of the PLA, Chengdu 610031, China
* Author to whom correspondence should be addressed.
Algorithms 2018, 11(8), 124; https://doi.org/10.3390/a11080124
Received: 9 July 2018 / Revised: 31 July 2018 / Accepted: 3 August 2018 / Published: 14 August 2018
In malware detection, obfuscated malicious code cannot be detected efficiently and accurately in the dynamic or the static feature space alone. To address this problem, an integrative feature extraction algorithm based on simhash is proposed, which combines the static information (e.g., API (Application Programming Interface) calls) and the dynamic information (such as file, registry and network behaviors) of malicious samples to form integrative features. The experiment extracts the integrative features from some static and dynamic information, and then compares the classification, time and obfuscated-detection performance of the static, dynamic and integrative features, respectively, using several common machine learning algorithms. The results show that the integrative features have better time performance than the static features, better classification performance than the dynamic features, and almost the same obfuscated-detection performance as the dynamic features. This algorithm can provide some support for feature extraction in malware detection.
Keywords: malware detection; simhash; feature extraction; integrative features; static analysis; dynamic analysis
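
As an added illustration (not code from the paper), the sketch below applies the general simhash technique to a merged set of static API names and dynamic behavior tokens, producing one fixed-length feature vector per sample. The 64-bit width, the count-based weights, the `static:`/`dynamic:` token prefixes and all sample data are assumptions; the abstract does not specify them.

```python
import hashlib

BITS = 64  # fingerprint width: an assumption, the abstract does not give one

def token_hash(token):
    """Stable 64-bit hash of one feature token (SHA-256, truncated)."""
    return int.from_bytes(hashlib.sha256(token.encode()).digest()[:8], "big")

def simhash(weighted_tokens):
    """Each token votes +weight or -weight on every bit of the fingerprint."""
    votes = [0] * BITS
    for token, weight in weighted_tokens.items():
        h = token_hash(token)
        for i in range(BITS):
            votes[i] += weight if (h >> i) & 1 else -weight
    return sum(1 << i for i in range(BITS) if votes[i] > 0)

def integrative_features(static_api, dynamic_events):
    """Merge both feature spaces; return the fingerprint as a 0/1 vector."""
    tokens = {}
    for prefix, items in (("static:", static_api), ("dynamic:", dynamic_events)):
        for item in items:
            key = prefix + item
            tokens[key] = tokens.get(key, 0) + 1  # weight = occurrence count
    fp = simhash(tokens)
    return [(fp >> i) & 1 for i in range(BITS)]

def hamming(a, b):
    """Number of differing positions between two feature vectors."""
    return sum(x != y for x, y in zip(a, b))

# Constructed sample data, not taken from the paper's data set.
DYNAMIC = ["file:write:%TEMP%\\a.tmp", "reg:set:Run\\updater",
           "net:connect:198.51.100.7:443", "file:delete:self"]
PLAIN = integrative_features(
    ["CreateFileW", "WriteFile", "RegSetValueExW", "InternetOpenA"], DYNAMIC)
# Same behaviour, but the import table only exposes dynamic-resolution APIs.
PACKED = integrative_features(["LoadLibraryA", "GetProcAddress"], DYNAMIC)
UNRELATED = integrative_features(
    ["GetSystemTime", "MessageBoxW"], ["file:read:C:\\docs\\report.txt"])

if __name__ == "__main__":
    print("plain vs packed   :", hamming(PLAIN, PACKED))
    print("plain vs unrelated:", hamming(PLAIN, UNRELATED))
```

The resulting 0/1 vectors have the same length for every sample, so they can be fed directly to a standard classifier or compared by Hamming distance.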
MDPI and ACS Style

Li, Y.; Liu, F.; Du, Z.; Zhang, D. A Simhash-Based Integrative Features Extraction Algorithm for Malware Detection. Algorithms 2018, 11, 124.
