Netinfo Security ›› 2018, Vol. 18 ›› Issue (3): 70-77. doi: 10.3969/j.issn.1671-1122.2018.03.009

• Original Article •

Malware Detection Method Based on Shapelet

Yunchun LI, Wentao LU, Wei LI

  1. School of Computer Science and Engineering, Beihang University, Beijing 100191, China
  • Received: 2017-11-30 Online: 2018-03-15 Published: 2020-05-11

Abstract:

Traditional signature-based malware detection has difficulty coping with metamorphic, polymorphic and other malware variation techniques, and its worst-case time complexity during detection is high. To address these problems, this paper applies the Shapelet idea from time-series classification and builds a classification tree for malware classification based on the API call sequences recorded while samples run in a sandbox. Experiments show that this method can not only cope with malware variation techniques but also reduce malware detection time.

Key words: malware detection, metamorphosis, time complexity, Shapelet, classification tree
