A static detection method for malware with low false positive rate for packed benign software

Jikai He; Jianguo Yu; Zheng Song

doi:10.1117/12.2639229

15 July 2022 A static detection method for malware with low false positive rate for packed benign software

Jikai He, Jianguo Yu, Zheng Song

Proceedings Volume 12258, International Conference on Neural Networks, Information, and Communication Engineering (NNICE 2022); 122581A (2022) https://doi.org/10.1117/12.2639229
Event: International Conference on Neural Networks, Information, and Communication Engineering (NNICE 2022), 2022, Qingdao, China

Abstract

Packing technology is commonly used in malicious software. With the increasing awareness of software publishers on their own intellectual property protection, the phenomenon of packing benign software is becoming more and more common. This phenomenon leads to a high false positive rate in traditional machine learning-based malware identification results. Traditional researches on malware detection based on machine learning focus on improving the identification accuracy of malware, and there are few researches on reducing the false positive rate. This article focuses on this issue. We select the data set that labels whether benign software is packed or not, and use a variety of machine learning algorithms to conduct experiments. Finally, we obtain the method with the lowest false positive rate. The experimental results show that the comprehensive index of the Extra-Trees algorithm is optimal.

Citation Download Citation

Jikai He, Jianguo Yu, and Zheng Song "A static detection method for malware with low false positive rate for packed benign software", Proc. SPIE 12258, International Conference on Neural Networks, Information, and Communication Engineering (NNICE 2022), 122581A (15 July 2022); https://doi.org/10.1117/12.2639229

ACCESS THE FULL ARTICLE

INSTITUTIONAL
Select your institution to access the SPIE Digital Library.

SELECT YOUR INSTITUTION

PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.

PERSONAL SIGN IN

No SPIE Account? Create one

PURCHASE THIS CONTENT

SUBSCRIBE TO DIGITAL LIBRARY

50 downloads per 1-year subscription

Members: $195

Non-members: $335 ADD TO CART

25 downloads per 1 - year subscription

Members: $145

Non-members: $250 ADD TO CART

PURCHASE SINGLE ARTICLE

Includes PDF, HTML & Video, when available

Members: $17.00

Non-members: $21.00 ADD TO CART

PROCEEDINGS
4 PAGES

DOWNLOAD PAPER SAVE TO MY LIBRARY

GET CITATION

RIGHTS & PERMISSIONS

Get copyright permission Get copyright permission on Copyright Marketplace

KEYWORDS

Machine learning

Network security

Software development

Target detection

Viruses

RELATED CONTENT

Adversarial example generation using object detection
Proceedings of SPIE (October 19 2022)

High-performance malicious program classification and identification model
Proceedings of SPIE (October 19 2022)

Power Internet of Things traffic classification system based on reinforcement...
Proceedings of SPIE (June 26 2023)

Text motifs classifying influential individuals and follower networks with...
Proceedings of SPIE (April 27 2018)

Software smell detection based on machine learning and its empirical...
Proceedings of SPIE (January 31 2020)

Personal privacy, information assurance, and the threat posed by malware...
Proceedings of SPIE (April 18 2006)

Using simulation and virtual machines to identify information assurance requirements
Proceedings of SPIE (April 30 2010)

Subscribe to Digital Library

Receive Erratum Email Alert

Keywords/Phrases

Search In:

Publication Years