Dynamic and System Agnostic Malware Detection Via Machine Learning

Date
2018-01-01
Authors
Sgroi, Michael
Jacobson, Doug
Major Professor
Doug Jacobson
Department
Electrical and Computer Engineering
Abstract

This paper discusses malware detection in personal computers. Current malware detection solutions are static. Antiviruses rely on lists of malicious signatures that are then used in file scanning. These antiviruses are also very dependent on the operating system, requiring different solutions for different systems. This paper presents a solution that detects malware based on runtime attributes. It also emphasizes that these attributes are easily accessible and fairly generic, meaning that the solution functions across systems and without specialized information. The attributes are used in a machine learning system, which makes the solution flexible for retraining if necessary, but capable of handling new variants without needing to be modified. It can also be run quickly, which allows detection to be achieved before the malware gets too far.
