针对恶意软件检测的大型训练数据集类噪声处理

2011 13th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing Pub Date : 2011-09-26 DOI:10.1109/SYNASC.2011.39

Dragos Gavrilut, Liviu Ciortuz

{"title":"针对恶意软件检测的大型训练数据集类噪声处理","authors":"Dragos Gavrilut, Liviu Ciortuz","doi":"10.1109/SYNASC.2011.39","DOIUrl":null,"url":null,"abstract":"This paper presents the ways we explored until now for detecting and dealing with the class noise found in large annotated datasets used for training the classifiers that we have previously designed for industrial-scale malware identification. First we established a number of distance-based filtering rules that allow us to identify different \"levels'' of potential noise in the training data, and secondly we analysed the effects produced by either removal or \"cleaning'' of the potentially-noised records on the performances of our simplest classifiers. We show that a careful distance-based filtering can lead to sensibly better results in malware detection.","PeriodicalId":184344,"journal":{"name":"2011 13th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Dealing with Class Noise in Large Training Datasets for Malware Detection\",\"authors\":\"Dragos Gavrilut, Liviu Ciortuz\",\"doi\":\"10.1109/SYNASC.2011.39\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper presents the ways we explored until now for detecting and dealing with the class noise found in large annotated datasets used for training the classifiers that we have previously designed for industrial-scale malware identification. First we established a number of distance-based filtering rules that allow us to identify different \\\"levels'' of potential noise in the training data, and secondly we analysed the effects produced by either removal or \\\"cleaning'' of the potentially-noised records on the performances of our simplest classifiers. We show that a careful distance-based filtering can lead to sensibly better results in malware detection.\",\"PeriodicalId\":184344,\"journal\":{\"name\":\"2011 13th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing\",\"volume\":\"9 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-09-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 13th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SYNASC.2011.39\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 13th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SYNASC.2011.39","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

本文介绍了我们迄今为止探索的方法，用于检测和处理在大型注释数据集中发现的类噪声，这些数据集用于训练我们之前为工业规模恶意软件识别设计的分类器。首先，我们建立了一些基于距离的过滤规则，使我们能够识别训练数据中潜在噪声的不同“级别”，其次，我们分析了删除或“清理”潜在噪声记录对我们最简单分类器性能的影响。我们表明，仔细的基于距离的过滤可以导致更好的恶意软件检测结果。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Dealing with Class Noise in Large Training Datasets for Malware Detection

This paper presents the ways we explored until now for detecting and dealing with the class noise found in large annotated datasets used for training the classifiers that we have previously designed for industrial-scale malware identification. First we established a number of distance-based filtering rules that allow us to identify different "levels'' of potential noise in the training data, and secondly we analysed the effects produced by either removal or "cleaning'' of the potentially-noised records on the performances of our simplest classifiers. We show that a careful distance-based filtering can lead to sensibly better results in malware detection.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2011 13th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing

自引率

0.00%

发文量