By Topic

Malware Detection via Classifying with Compression

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Tao Gong ; Dept. of Autom., Univ. of Sci. & Technol. of China, Hefei, China ; Xiaobin Tan ; Ming Zhu

The proliferation of malware has been causing great harm to computer and information systems. Traditional signature-based approaches fail to detect obfuscated malware and unknown malware. We present a preliminary study on classifying with compression of program instructions for malware detection. The code structure information was utilized to compress. The disassembled code is converted to its intermediate representation. We extract the opcode to form the stream for prediction by partial matching (PPM). The binaries are classified with this statistical compression algorithm. The preliminary experiment shows that our method can efficiently detect malware with high accuracy and low false positive rate.

Published in:

Information Science and Engineering (ICISE), 2009 1st International Conference on

Date of Conference:

26-28 Dec. 2009