开放世界恶意软件分类的高效增量实例学习算法

2021 International Conference on Advanced Technologies for Communications (ATC) Pub Date : 2021-10-14 DOI:10.1109/atc52653.2021.9598272

Kien Hoang Dang, Dai Tho Nguyen, Thu Hien Nguyen Thi

{"title":"开放世界恶意软件分类的高效增量实例学习算法","authors":"Kien Hoang Dang, Dai Tho Nguyen, Thu Hien Nguyen Thi","doi":"10.1109/atc52653.2021.9598272","DOIUrl":null,"url":null,"abstract":"Malware is growing rapidly in number and become more and more sophisticated. To prevent them we need to collect samples continuously and update them to the classifier. In this paper, we will propose a method to update new labeled samples of malware to the classifier easily without re-training everything. The classifier can be updated by both labeled malware samples of an existing class or a new class. Our method also has the ability to detect samples of unknown families. Experiments are performed over the traditional computer malware dataset and the IoT malware dataset. The results have shown that our method can reach the macro F1-score almost the same re-train everything but take significantly less time.","PeriodicalId":196900,"journal":{"name":"2021 International Conference on Advanced Technologies for Communications (ATC)","volume":"53 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Efficient Incremental Instance-based Learning Algorithms for Open World Malware Classification\",\"authors\":\"Kien Hoang Dang, Dai Tho Nguyen, Thu Hien Nguyen Thi\",\"doi\":\"10.1109/atc52653.2021.9598272\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Malware is growing rapidly in number and become more and more sophisticated. To prevent them we need to collect samples continuously and update them to the classifier. In this paper, we will propose a method to update new labeled samples of malware to the classifier easily without re-training everything. The classifier can be updated by both labeled malware samples of an existing class or a new class. Our method also has the ability to detect samples of unknown families. Experiments are performed over the traditional computer malware dataset and the IoT malware dataset. The results have shown that our method can reach the macro F1-score almost the same re-train everything but take significantly less time.\",\"PeriodicalId\":196900,\"journal\":{\"name\":\"2021 International Conference on Advanced Technologies for Communications (ATC)\",\"volume\":\"53 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-10-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 International Conference on Advanced Technologies for Communications (ATC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/atc52653.2021.9598272\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 International Conference on Advanced Technologies for Communications (ATC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/atc52653.2021.9598272","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

恶意软件的数量正在迅速增长，并且变得越来越复杂。为了防止它们，我们需要不断地收集样本并将其更新到分类器中。在本文中，我们将提出一种方法，可以轻松地将新标记的恶意软件样本更新到分类器中，而无需重新训练一切。分类器可以通过现有类或新类的标记恶意软件样本进行更新。我们的方法还具有检测未知家族样本的能力。在传统的计算机恶意软件数据集和物联网恶意软件数据集上进行了实验。结果表明，我们的方法可以达到宏观f1分数几乎相同的重新训练，但花费的时间明显更少。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Efficient Incremental Instance-based Learning Algorithms for Open World Malware Classification

Malware is growing rapidly in number and become more and more sophisticated. To prevent them we need to collect samples continuously and update them to the classifier. In this paper, we will propose a method to update new labeled samples of malware to the classifier easily without re-training everything. The classifier can be updated by both labeled malware samples of an existing class or a new class. Our method also has the ability to detect samples of unknown families. Experiments are performed over the traditional computer malware dataset and the IoT malware dataset. The results have shown that our method can reach the macro F1-score almost the same re-train everything but take significantly less time.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2021 International Conference on Advanced Technologies for Communications (ATC)

自引率

0.00%

发文量