Classification of Malware Variant Based on Ensemble Learning

Published: 2020, Last Modified: 08 Jan 2026, ML4CS (1) 2020, CC BY-SA 4.0
Abstract: To explore the classification of malware variants, a malware variant detection method is proposed based on code visualization and an ensemble learning model. First, malware binary data is transformed into a gray-scale image and the GIST texture feature of the image is extracted. Then, KNN (K Nearest Neighbor) and RF (random forest) are used as base learners, and a malware variant classification model is built on the voting learning method. Finally, the integration results are mapped to the final malware classification result. To verify the accuracy of the method, a malware family classification experiment was performed. The results show that the method can reach an accuracy rate of 98.95% and an AUC value of 0.9976, meaning that it can effectively analyze and classify malware variants.
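The pipeline the abstract describes (bytes to gray-scale image, texture features, KNN and RF combined by voting), sketched as an added example that is not the authors' code. Assumptions not taken from the paper: an image width of 64, a simplified grid descriptor standing in for GIST, soft voting, all hyperparameters, and the constructed sample blobs; it requires numpy and scikit-learn.

```python
import numpy as np
from sklearn.ensemble import RandomForestClassifier, VotingClassifier
from sklearn.neighbors import KNeighborsClassifier

def bytes_to_gray(data: bytes, width: int = 64) -> np.ndarray:
    """One byte per pixel (0-255), row-major; the last row is zero-padded."""
    buf = np.frombuffer(data, dtype=np.uint8)
    rows = -(-len(buf) // width)                      # ceiling division
    img = np.zeros(rows * width, dtype=np.uint8)
    img[:len(buf)] = buf
    return img.reshape(rows, width)

def texture_features(img: np.ndarray, grid: int = 4) -> np.ndarray:
    """Simplified stand-in for GIST: per-cell mean and gradient energy on a grid."""
    f = img.astype(np.float64) / 255.0
    gy, gx = np.gradient(f)
    feats = []
    for r in np.array_split(np.arange(f.shape[0]), grid):
        for c in np.array_split(np.arange(f.shape[1]), grid):
            cell = np.ix_(r, c)
            feats += [f[cell].mean(), np.abs(gx[cell]).mean(), np.abs(gy[cell]).mean()]
    return np.array(feats)

def make_sample(family: int, rng, size: int = 4096) -> bytes:
    """Constructed byte blob imitating one 'family' layout; not real malware."""
    rand = lambda n: rng.integers(0, 256, n, dtype=np.uint8)
    if family == 0:                                   # repeating 16-byte pattern
        body = np.tile(rand(16), size // 16)
    elif family == 1:                                 # high-entropy body
        body = rand(size)
    else:                                             # zero padding, then data
        body = np.concatenate([np.zeros(size // 2, np.uint8), rand(size // 2)])
    return body.tobytes()

def build_model(seed: int = 0) -> VotingClassifier:
    """KNN and RF base learners combined by soft voting (assumed voting mode)."""
    return VotingClassifier(
        estimators=[("knn", KNeighborsClassifier(n_neighbors=3)),
                    ("rf", RandomForestClassifier(n_estimators=50, random_state=seed))],
        voting="soft")

def run_demo(seed: int = 0) -> float:
    """Train on constructed samples and return held-out accuracy."""
    rng = np.random.default_rng(seed)
    labels = np.repeat([0, 1, 2], 20)
    X = np.array([texture_features(bytes_to_gray(make_sample(int(y), rng))) for y in labels])
    held_out = np.arange(len(labels)) % 4 == 0        # every 4th sample is test data
    model = build_model(seed).fit(X[~held_out], labels[~held_out])
    return float((model.predict(X[held_out]) == labels[held_out]).mean())
```

Accuracy on these constructed blobs says nothing about the paper's reported figures; the three layouts are deliberately easy to separate.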