Reputation Based Malware Detection Using Support Vector Machine
The idea behind this paper is to make faster predictions with a low false positive rate in malware detection. We intend to create a trust level between computers on the network using a system of reputation scores. The reputation score indicates the health of a specific machine on the network: a low reputation score indicates a malicious machine, and a high reputation score indicates a healthy machine. Files originating from a machine with a low reputation score are discarded, whereas files from a machine with a high reputation score are further processed by an open source sandbox, and a Support Vector Machine is applied to the resulting behavioral log to identify the threat. If the file is malicious, the source machine's reputation score is decreased; otherwise it is increased. The data is stored in a database as a mapping from machine address to reputation score.
Keywords: Dynamic analysis; Machine learning algorithms; Malware detection; Static analysis; Support vector machine; User interface
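The gate-then-classify loop from the abstract, as an added example that is not the paper's code: it keeps the address-to-score mapping in SQLite and updates it from a linear SVM decision rule. The starting score, threshold, step size, score range, event names, weights and addresses are all assumptions constructed for illustration; the abstract specifies none of them.

```python
import sqlite3

# Assumed values: the abstract gives no starting score, threshold, step or range.
INITIAL, THRESHOLD, STEP, LOW, HIGH = 50, 30, 10, 0, 100

# Constructed linear-SVM parameters over behavioural-log event names (not trained).
WEIGHTS = {"inject_remote_thread": 2.0, "write_autorun_key": 1.5, "open_document": -0.5}
BIAS = -1.0

def svm_is_malicious(events):
    """Linear SVM decision rule: malicious when w.x + b > 0, x = event counts."""
    return sum(WEIGHTS.get(e, 0.0) for e in events) + BIAS > 0

class ReputationGate:
    def __init__(self, classify):
        self.classify = classify  # verdict on the sandbox's behavioural log
        self.db = sqlite3.connect(":memory:")
        self.db.execute(
            "CREATE TABLE reputation (addr TEXT PRIMARY KEY, score INTEGER NOT NULL)")

    def score(self, addr):
        row = self.db.execute(
            "SELECT score FROM reputation WHERE addr = ?", (addr,)).fetchone()
        return row[0] if row else INITIAL  # unseen machines start at INITIAL

    def submit(self, addr, events):
        current = self.score(addr)
        if current < THRESHOLD:
            return "discarded"  # low-reputation source: file is never analysed
        malicious = self.classify(events)
        new = max(LOW, min(HIGH, current + (-STEP if malicious else STEP)))
        self.db.execute(
            "INSERT OR REPLACE INTO reputation (addr, score) VALUES (?, ?)", (addr, new))
        return "malicious" if malicious else "clean"

if __name__ == "__main__":
    gate = ReputationGate(svm_is_malicious)
    # Constructed submissions: three malicious logs, then one clean log.
    for events in [["inject_remote_thread"]] * 3 + [["open_document"]]:
        print(gate.submit("10.0.0.5", events), gate.score("10.0.0.5"))
```

Under these assumed values, a machine whose score falls below the threshold has every later file discarded without analysis, so its score cannot rise again unless something outside this loop resets it.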