With explosive growth of malware, Internet users face enormous threats from Cyberspace, known as â??fifth dimensional space.â?\nMeanwhile, the continuous sophisticatedmetamorphismofmalware such as polymorphismand obfuscationmakes itmore difficult\nto detect malicious behavior. In the paper, based on the dynamic feature analysis of malware, a novel feature extraction method\nof hybrid gram (H-gram) with cross entropy of continuous overlapping subsequences is proposed, which implements semantic\nsegmentation of a sequence of API calls or instructions. The experimental results show the H-gram method can distinguish\nmalicious behaviors and is more effective than the fixed-length n-gram in all four performance indexes of the classification\nalgorithms such as ID3, Random Forest, AdboostM1, and Bagging.
Loading....