Malware detection with subspace learning-based one-class classification

dc.contributor.author: Al-Khshali, Hasan H.
dc.contributor.author: Ilyas, Muhammad
dc.contributor.author: Sohrab, Fahad
dc.contributor.author: Gabbouj, Moncef
dc.date.accessioned: 2024-07-08T07:50:36Z
dc.date.available: 2024-07-08T07:50:36Z
dc.date.issued: 2024 [en_US]
dc.department: Institutes, Graduate Education Institute, Department of Electrical and Computer Engineering [en_US]
dc.description.abstract: Detecting malware is crucial for ensuring the security of computer systems. Traditional machine learning models face challenges in effectively detecting malware, mainly due to the class imbalance problem, where the number of malware samples is significantly smaller than that of non-malware samples. Additionally, malware's dynamic and evolving nature, continuously altering its structure and tactics, presents a substantial challenge for conventional artificial intelligence algorithms, further complicating the detection task. In pursuing an optimized malware detection technique, researchers initially explored traditional machine learning algorithms, focusing on the features of Portable Executable (PE) file headers. However, the inherent issues, such as imbalanced datasets and the deceptive nature of malware, have raised concerns about the credibility of the attained results. This can result in misclassifying malware as non-malware, leading to security vulnerabilities. One-Class Classification (OCC) methods have emerged as a promising approach to improve the detection of unknown malware. However, traditional OCC approaches face the challenge of the curse of dimensionality. This research proposes adapting subspace learning-based OCC methods to overcome the curse of dimensionality and effectively handle the class imbalance problem. We propose a pipeline for detecting malware using methods that jointly optimize a subspace and data description for OCC. We evaluate the performance of various one-class classifiers on three different datasets. We observed that the subspace-learning-based OCC is a promising approach. Evaluating various classifiers on three datasets reveals promising results, with a True Positive Rate (TPR) of 100 % for subspace-learning-based OCC. The proposed pipeline can serve as a valuable tool for improving the security of computer systems by accurately detecting malware and protecting against potential attacks. [en_US]
dc.description.sponsorship: NSF-Business Finland Project AMALIA and Haltian’s Carbon Handprint Research Program [en_US]
dc.identifier.citation: Al-Khshali, H. H., Ilyas, M., Sohrab, F., Gabbouj, M. (2024). Malware detection with subspace learning-based one-class classification. IEEE Access, 12, 81017-81029. 10.1109/ACCESS.2024.3409937 [en_US]
dc.identifier.endpage: 81029 [en_US]
dc.identifier.issn: 2169-3536
dc.identifier.scopus: 2-s2.0-85195415880
dc.identifier.scopusquality: Q1
dc.identifier.startpage: 81017 [en_US]
dc.identifier.uri: https://hdl.handle.net/20.500.12939/4732
dc.identifier.volume: 12 [en_US]
dc.identifier.wos: WOS:001246136600001
dc.identifier.wosquality: Q2
dc.indekslendigikaynak: Web of Science
dc.indekslendigikaynak: Scopus
dc.institutionauthor: Al-Khshali, Hasan H.
dc.institutionauthor: Ilyas, Muhammad
dc.language.iso: en
dc.publisher: Institute of Electrical and Electronics Engineers Inc. [en_US]
dc.relation.ispartof: IEEE Access
dc.relation.isversionof: 10.1109/ACCESS.2024.3409937 [en_US]
dc.relation.publicationcategory: Article - International Refereed Journal - Administrative Staff and Student [en_US]
dc.rights: info:eu-repo/semantics/openAccess [en_US]
dc.subject: Graph embedding [en_US]
dc.subject: Machine learning [en_US]
dc.subject: Malware [en_US]
dc.subject: One-class classification [en_US]
dc.subject: Portable executable [en_US]
dc.subject: Subspace support vector data description [en_US]
dc.title: Malware detection with subspace learning-based one-class classification
dc.type: Article

Files

Original bundle
Showing 1 - 1 of 1
Name: Malware_Detection_With_Subspace_Learning-Based_One-Class_Classification.pdf
Size: 1.93 MB
Format: Adobe Portable Document Format
Description: Full Text

License bundle
Showing 1 - 1 of 1
Name: license.txt
Size: 1.44 KB
Format: Item-specific license agreed upon to submission
Description: