Comparative Study of Supervised Learning Methods for Malware Analysis

Authors

  • Michał Kruczkowski
  • Ewa Niewiadomska-Szynkiewicz

DOI:

https://doi.org/10.26636/jtit.2014.4.1044

Keywords:

data classification, k-Nearest Neighbors, malware analysis, Naive Bayes, Support Vector Machine

Abstract

Malware is software designed to disrupt or even damage a computer system, or to perform other unwanted actions. Nowadays, malware is a common threat on the World Wide Web. Anti-malware protection and intrusion detection can be significantly supported by a comprehensive and extensive analysis of data on the Web. The aim of such analysis is the classification of the collected data into two sets, i.e., normal and malicious data. In this paper the authors investigate the use of three supervised learning methods for data mining to support malware detection. The results of applying the Support Vector Machine, Naive Bayes and k-Nearest Neighbors techniques to the classification of data taken from devices located in many units, organizations and monitoring systems serviced by CERT Poland are described. The performance of all methods is compared and discussed. The results of the performed experiments show that supervised learning algorithms can be successfully used for computer data analysis, and can support computer emergency response teams in threat detection.

Published

2014-12-30

How to Cite

[1] M. Kruczkowski and E. Niewiadomska-Szynkiewicz, “Comparative Study of Supervised Learning Methods for Malware Analysis”, JTIT, vol. 58, no. 4, pp. 24–33, Dec. 2014, doi: 10.26636/jtit.2014.4.1044.
