Conference papers

Exploring Timeline-Based Malware Classification

Abstract: Over the past decade or so, Anti-Malware (AM) communities have faced a substantial increase in malware activity, including the development of ever more sophisticated methods of evading detection. Researchers have argued that an AM strategy that is successful in a given time period cannot work at a much later date because of changes in malware design. Despite this argument, in this paper we convincingly demonstrate a malware detection approach that retains high accuracy over an extended time period. To the best of our knowledge, this work is the first to examine malware executables collected over a span of 10 years. By combining both static and dynamic features of malware and cleanware, and accumulating these features over intervals in the 10-year period in our test, we construct a high-accuracy malware detection method which retains almost steady accuracy over the period. While the trend is slightly downward, our results strongly support the hypothesis that perhaps it is possible to develop a malware detection strategy that can work well enough into the future.
Document type: Conference papers

Cited literature: 21 references
Contributor: Hal Ifip
Submitted on: Thursday, February 9, 2017 - 5:23:57 PM
Last modification on: Thursday, February 9, 2017 - 5:37:20 PM
Long-term archiving on: Wednesday, May 10, 2017 - 2:48:20 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Rafiqul Islam, Irfan Altas, Md. Saiful Islam. Exploring Timeline-Based Malware Classification. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. pp.1-13, ⟨10.1007/978-3-642-39218-4_1⟩. ⟨hal-01463831⟩


