Please use this identifier to cite or link to this item: http://hdl.handle.net/10125/41898

Discovering Malware with Time Series Shapelets

File Size Format  
paper0749.pdf 2.63 MB Adobe PDF View/Open

Item Summary

Title:Discovering Malware with Time Series Shapelets
Authors:Patri, Om
Wojnowicz, Michael
Wolff, Matt
Keywords:Antivirus
Entropy Analysis
File Content
Malware
Shapelets
Date Issued:04 Jan 2017
Abstract:Malicious software (‘malware’) detection systems are usually signature-based and cannot stop attacks by malicious files they have never encountered. To stop these attacks, we need statistical learning approaches to identify root patterns behind execution of malware. We propose a machine learning approach for detection of malware from portable executable (PE) files. We create an ‘entropy time series’ representation of the content of each file, and then apply a unique time series classification method (called ‘shapelets’) for identifying malware. The shapelet-based approach picks up local discriminative features from the entropy signals. Our approach is file format agnostic, can deal with varying lengths in input instances, and provides fast classification. We evaluate our method on an industrial dataset containing thousands of executable files, and comparison with state-of-the-art methods illustrates the performance of our approach. This work is the first to use time series shapelets for malware detection and information security applications.
Pages/Duration:10 pages
URI/DOI:http://hdl.handle.net/10125/41898
ISBN:978-0-9981331-0-2
DOI:10.24251/HICSS.2017.734
Rights:Attribution-NonCommercial-NoDerivatives 4.0 International
https://creativecommons.org/licenses/by-nc-nd/4.0/
Appears in Collections: Deception, Digital Forensics, and Malware Minitrack


Please email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.

Items in ScholarSpace are protected by copyright, with all rights reserved, unless otherwise indicated.