| A Parameter-Free Hybrid Clustering algorithm used for Malware Categorization | |
| Han, ZhiXue ; Feng, Shaorong ; Feng SR(冯少荣) ; Ye, Yanfang ; Jiang, Qingshan | |
| 2009 | |
| 关键词 | Malware categorization Parameter-Free Hybrid Clustering (PFHC) K-means Hierarchical clustering |
| 英文摘要 | Nowadays, numerous attacks made by the malware, such as viruses, backdoors, spyware, trojans and worms, have presented a major security threat to computer users. The most significant line of defense against malware is anti-virus products which detects, removes, and characterizes these threats. The ability of these AV products to successfully characterize these threats greatly depends on the method for categorizing these profiles of malware into groups. Therefore, clustering malware into different families is one of the computer security topics that are of great interest. In this paper, resting on the analysis of the extracted instruction of malware samples, we propose a novel parameter-free hybrid clustering algorithm (PFHC) which combines the merits of hierarchical clustering and K-means algorithms for malware clustering. It can not only generate stable initial division, but also give the best K. PFHC first utilizes agglomerative hierarchical clustering algorithm as the frame, starting with N singleton clusters, each of which exactly includes one sample, then reuses the centroids of upper level in every level and merges the two nearest clusters, finally adopts K-means algorithm for iteration to achieve an approximate global optimal division. PFHC evaluates clustering validity of each iteration procedure and generates the best K by comparing the values. The promising studies on real daily data collection illustrate that, compared with popular existing K-means and hierarchical clustering approaches, our proposed PFHC algorithm always generates much higher quality clusters and it can be well used for malware categorization. |
| 语种 | 英语 |
| 内容类型 | 期刊论文 |
| 源URL | [http://dspace.xmu.edu.cn/handle/2288/70635]  |
| 专题 | 信息技术-已发表论文 |
| 推荐引用方式 GB/T 7714 | Han, ZhiXue,Feng, Shaorong,Feng SR,et al. A Parameter-Free Hybrid Clustering algorithm used for Malware Categorization[J],2009. |
| APA | Han, ZhiXue,Feng, Shaorong,冯少荣,Ye, Yanfang,&Jiang, Qingshan.(2009).A Parameter-Free Hybrid Clustering algorithm used for Malware Categorization.. |
| MLA | Han, ZhiXue,et al."A Parameter-Free Hybrid Clustering algorithm used for Malware Categorization".(2009). |
| 个性服务 |
| 查看访问统计 |
| 相关权益政策 |
| 暂无数据 |
| 收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论