
Behavioral-based malware clustering and classification
Author(s) - Izzat Alsmadi, Bilal AlAhmad, Iyad Alazzam
Publication year - 2019
Publication title - American Journal of Science and Engineering
Language(s) - English
Resource type - Journals
eISSN - 2687-9581
pISSN - 2687-9530
DOI - 10.15864/ajse.1105
Subject(s) - malware, categorization, computer science, cluster analysis, process (computing), malware analysis, artificial intelligence, machine learning, computer security, data mining, operating system
Detection of malware and security attacks is a complex process that can vary in its details, analysis activities, etc. As part of the detection process, malware scanners try to categorize malware, once it is detected, under one of the known malware categories (e.g. worms, spyware, viruses, etc.). However, many studies indicate problems with scanners categorizing or identifying a particular malware under different categories. There are different reasons for such challenges, where different malware scanners, and sometimes the same malware scanner, will categorize the same malware under different categories at different times or instances. In this paper, we evaluated this problem, summarizing existing approaches on malware classification.