Extended Abstract: Detecting Scareware by Mining Variable Length Instruction Sequences
| Document type: | Conference Papers |
|---|---|
| Peer reviewed: | Yes |
| Full text: | |
| Author(s): | Raja Khurram Shahzad, Niklas Lavesson |
| Title: | Extended Abstract: Detecting Scareware by Mining Variable Length Instruction Sequences |
| Conference name: | 11th Scandinavian Conference on Artificial Intelligence |
| Year: | 2011 |
| Pagination: | 195-197 |
| ISBN: | 978-1-60750-753-6 |
| Publisher: | IOS Press |
| City: | Trondheim |
| Organization: | Blekinge Institute of Technology |
| Department: | School of Computing (Sektionen för datavetenskap och kommunikation) School of Computing S-371 79 Karlskrona +46 455 38 50 00 http://www.bth.se/com |
| Authors e-mail: | rks@bth.se, Niklas.Lavesson@bth.se |
| Language: | English |
| Abstract: | This paper presents a scareware detection method that is based on performing data mining on extracted variable length opcode sequences derived from instruction sequences of binary files. Our experimental results show that many common supervised learning algorithms generate accurate models from subsets of our data set. |
| Subject: | Computer Science\Artificial Intelligence Computer Science\General Computer Science\Electronic security |
| Keywords: | Scareware, Instruction Sequences, Classification |
