A feature selection method for malware detection

Abstract

Due to the serious network security problems in recent years, a large number of malware features have been emerged, which leads to increasing time-complexity and space-consumption for malware detection systems. Moreover, irrelevant and redundant features may decrease the detection rate. Feature selection, as an important data mining phase and technology, can effectively reduce the redundant and irrelevant features in the original large feature space, thereby can increase the detection rate and reduce the false positive rate for malware detection model. This paper proposes a class driven correlation based on feature selection method, which can select corresponding features for different classes of data respectively. Then this method uses correlation based feature selection method to eliminating redundant features. Experimental results indicate that the approach can not only reduce the complexity of malware detection system, but also increase the detection rate as compared to other methods.