A real-time PE-malware detection system based on CHI-square test and PE-file features

This article is free to access.

Abstract

Constructing an efficient malware detection system requires taking into consideration two important aspects: accuracy and detection time. However, finding an appropriate balance between these two characteristics remains a very challenging problem. In this paper, we present a real-time PE (Portable Executable) malware detection system, which is based on the analysis of the information stored in the PE-Optional Header fields (PEF). Our system uses a combination of the Chi-square (χ²) score and the Phi (φ) coefficient as its feature selection method. We have evaluated our system using the Rotation Forest classifier implemented in WEKA, and we reached an accuracy of more than 97%. Our system is able to categorize a file in 0.077 seconds, which makes it adequate for real-time detection of malware.

Cite

Belaoued, M., & Mazouzi, S. (2015). A real-time PE-malware detection system based on CHI-square test and PE-file features. In IFIP Advances in Information and Communication Technology (Vol. 456, pp. 416–425). Springer New York LLC. https://doi.org/10.1007/978-3-319-19578-0_34
