Skip to Main content Skip to Navigation
Conference papers

A Layered Detection Method for Malware Identification

Abstract : In recent years, millions of new malicious programs are produced by Pa mature industry of malware production. These programs have tremendous challenges on the signature-based anti-virus products and pose great threats on network and information security. Machine learning techniques are applicable for detecting unknown malicious programs without knowing their signatures. In this paper, a Layered Detection (LD) method is developed to detect malwares with a two-layer framework. The Low-Level-Classifiers (LLC) are employed to identify whether the programs perform any malicious functions according to the API-calls of the programs. The Up-level-Classifier (ULC) is applied to detect malwares according to the low level function identification. The LD method is compared with many classical classification algorithms with comprehensive test datasets containing 16135 malwares and 1800 benign programs. The experiments demonstrate that the LD method outperforms other algorithms in terms of detection accuracy.
Document type :
Conference papers
Complete list of metadata

Cited literature [13 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Monday, September 25, 2017 - 4:34:10 PM
Last modification on : Wednesday, June 10, 2020 - 10:00:04 AM
Long-term archiving on: : Tuesday, December 26, 2017 - 2:49:52 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Ting Liu, Xiaohong Guan, yu Qu, yanan Sun. A Layered Detection Method for Malware Identification. 8th Network and Parallel Computing (NPC), Oct 2011, Changsha,, China. pp.166-175, ⟨10.1007/978-3-642-24403-2_14⟩. ⟨hal-01593029⟩



Record views


Files downloads