Extended Abstract: Detecting Scareware by Mining Variable Length Instruction Sequences

Document type: Conference Papers
Peer reviewed: Yes
Author(s): Raja Khurram Shahzad, Niklas Lavesson
Title: Extended Abstract: Detecting Scareware by Mining Variable Length Instruction Sequences
Conference name: 11th Scandinavian Conference on Artificial Intelligence
Year: 2011
Pagination: 195-197
ISBN: 978-1-60750-753-6
Publisher: IOS Press
City: Trondheim
Organization: Blekinge Institute of Technology
Department: School of Computing (Sektionen för datavetenskap och kommunikation)
School of Computing S-371 79 Karlskrona
+46 455 38 50 00
http://www.bth.se/com
Authors e-mail: rks@bth.se, Niklas.Lavesson@bth.se
Language: English
Abstract: This paper presents a scareware detection method that is based on performing data mining on extracted variable length opcode sequences derived from instruction sequences of binary files. Our experimental results show that many common supervised learning algorithms generate accurate models from subsets of our data set.
Subject: Computer Science\Artificial Intelligence
Computer Science\General
Computer Science\Electronic security
Keywords: Scareware, Instruction Sequences, Classification