Abstract
N-gram analysis is an approach that investigates the
structure of a program using bytes, characters or text strings.
This research uses dynamic analysis to investigate malware
detection using a classification approach based on N-gram
analysis. The motivation for this research is to find a subset of Ngram
features that makes a robust indicator of malware. The
experiments within this paper represent programs as N-gram
density histograms, gained through dynamic analysis. A Support
Vector Machine (SVM) is used as the program classifier to
determine the ability of N-grams to correctly determine the
presence of malicious software. The preliminary findings show
that an N-gram size N=3 and N=4 present the best avenues for
further analysis.
Original language | English |
---|---|
Title of host publication | 2014 World Symposium on Computer Applications and Research (WSCAR) |
Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
Number of pages | 6 |
ISBN (Electronic) | 9781479928064 |
ISBN (Print) | 9781479928057 |
DOIs | |
Publication status | Published - 20 Jan 2014 |
Event | Computer Applications & Research (WSCAR), 2014 World Symposium on - Tunisia, Sousse, Tunisia Duration: 18 Jan 2014 → 20 Jan 2014 |
Conference
Conference | Computer Applications & Research (WSCAR), 2014 World Symposium on |
---|---|
Country/Territory | Tunisia |
City | Sousse |
Period | 18/01/2014 → 20/01/2014 |