Unleash the power for tensor: A hybrid malware detection system using ensemble classifiers

Jieqiong Hou; Minhui Xue; Haifeng Qian

doi:10.1109/ISPA/IUCC.2017.00170

Unleash the power for tensor: A hybrid malware detection system using ensemble classifiers

Jieqiong Hou, Minhui Xue, Haifeng Qian

Software Engineering Institute

East China Normal University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

The extensive growth of smartphones has spawned the propagation of malicious applications. Due to the increasing use of polymorphic malware, detection is becoming more difficult. To this end, ensemble learning has been proposed to improve accuracy in malware detection, without severely sacrificing time complexity. In this paper, we propose a hybrid detection system, TFBOOST, which incorporates the tensor filter algorithm into boosting ensemble generalization architecture, in order to improve detection efficacy. TFBOOST uses a static analysis to extract features and a level-by-level boosting structure with re-sampling process to diversify base learners. Experimental results show that TFBOOST generally outperforms state-of-The-Art ensemble algorithms with higher detection precision and lower false positive rates. Finally, we visually interpret the high-level results of TFBOOST and conjecture that repackaged malware is the mainstay of potential malware.

Original language	English
Title of host publication	Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017
Editors	Gregorio Martinez, Richard Hill, Geoffrey Fox, Peter Mueller, Guojun Wang
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	1130-1137
Number of pages	8
ISBN (Electronic)	9781538637906
DOIs	https://doi.org/10.1109/ISPA/IUCC.2017.00170
State	Published - 25 May 2018
Event	15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017 - Guangzhou, China Duration: 12 Dec 2017 → 15 Dec 2017

Publication series

Name	Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017

Conference

Conference	15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017
Country/Territory	China
City	Guangzhou
Period	12/12/17 → 15/12/17

Keywords

Boosting generalization
Ensemble learning
Malware detection
TFBOOST
Tensor decomposition

Access to Document

10.1109/ISPA/IUCC.2017.00170

Cite this

Hou, J., Xue, M., & Qian, H. (2018). Unleash the power for tensor: A hybrid malware detection system using ensemble classifiers. In G. Martinez, R. Hill, G. Fox, P. Mueller, & G. Wang (Eds.), Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017 (pp. 1130-1137). (Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ISPA/IUCC.2017.00170

Hou, Jieqiong ; Xue, Minhui ; Qian, Haifeng. / Unleash the power for tensor : A hybrid malware detection system using ensemble classifiers. Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017. editor / Gregorio Martinez ; Richard Hill ; Geoffrey Fox ; Peter Mueller ; Guojun Wang. Institute of Electrical and Electronics Engineers Inc., 2018. pp. 1130-1137 (Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017).

@inproceedings{619f956fdf974f81a0cb0a9d5fa33b32,

title = "Unleash the power for tensor: A hybrid malware detection system using ensemble classifiers",

abstract = "The extensive growth of smartphones has spawned the propagation of malicious applications. Due to the increasing use of polymorphic malware, detection is becoming more difficult. To this end, ensemble learning has been proposed to improve accuracy in malware detection, without severely sacrificing time complexity. In this paper, we propose a hybrid detection system, TFBOOST, which incorporates the tensor filter algorithm into boosting ensemble generalization architecture, in order to improve detection efficacy. TFBOOST uses a static analysis to extract features and a level-by-level boosting structure with re-sampling process to diversify base learners. Experimental results show that TFBOOST generally outperforms state-of-The-Art ensemble algorithms with higher detection precision and lower false positive rates. Finally, we visually interpret the high-level results of TFBOOST and conjecture that repackaged malware is the mainstay of potential malware.",

keywords = "Boosting generalization, Ensemble learning, Malware detection, TFBOOST, Tensor decomposition",

author = "Jieqiong Hou and Minhui Xue and Haifeng Qian",

note = "Publisher Copyright: {\textcopyright} 2017 IEEE.; 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017 ; Conference date: 12-12-2017 Through 15-12-2017",

year = "2018",

month = may,

day = "25",

doi = "10.1109/ISPA/IUCC.2017.00170",

language = "英语",

series = "Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "1130--1137",

editor = "Gregorio Martinez and Richard Hill and Geoffrey Fox and Peter Mueller and Guojun Wang",

booktitle = "Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017",

address = "美国",

}

Hou, J, Xue, M & Qian, H 2018, Unleash the power for tensor: A hybrid malware detection system using ensemble classifiers. in G Martinez, R Hill, G Fox, P Mueller & G Wang (eds), Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017. Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017, Institute of Electrical and Electronics Engineers Inc., pp. 1130-1137, 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017, Guangzhou, China, 12/12/17. https://doi.org/10.1109/ISPA/IUCC.2017.00170

Unleash the power for tensor: A hybrid malware detection system using ensemble classifiers. / Hou, Jieqiong; Xue, Minhui; Qian, Haifeng.
Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017. ed. / Gregorio Martinez; Richard Hill; Geoffrey Fox; Peter Mueller; Guojun Wang. Institute of Electrical and Electronics Engineers Inc., 2018. p. 1130-1137 (Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Unleash the power for tensor

T2 - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017

AU - Hou, Jieqiong

AU - Xue, Minhui

AU - Qian, Haifeng

PY - 2018/5/25

Y1 - 2018/5/25

N2 - The extensive growth of smartphones has spawned the propagation of malicious applications. Due to the increasing use of polymorphic malware, detection is becoming more difficult. To this end, ensemble learning has been proposed to improve accuracy in malware detection, without severely sacrificing time complexity. In this paper, we propose a hybrid detection system, TFBOOST, which incorporates the tensor filter algorithm into boosting ensemble generalization architecture, in order to improve detection efficacy. TFBOOST uses a static analysis to extract features and a level-by-level boosting structure with re-sampling process to diversify base learners. Experimental results show that TFBOOST generally outperforms state-of-The-Art ensemble algorithms with higher detection precision and lower false positive rates. Finally, we visually interpret the high-level results of TFBOOST and conjecture that repackaged malware is the mainstay of potential malware.

AB - The extensive growth of smartphones has spawned the propagation of malicious applications. Due to the increasing use of polymorphic malware, detection is becoming more difficult. To this end, ensemble learning has been proposed to improve accuracy in malware detection, without severely sacrificing time complexity. In this paper, we propose a hybrid detection system, TFBOOST, which incorporates the tensor filter algorithm into boosting ensemble generalization architecture, in order to improve detection efficacy. TFBOOST uses a static analysis to extract features and a level-by-level boosting structure with re-sampling process to diversify base learners. Experimental results show that TFBOOST generally outperforms state-of-The-Art ensemble algorithms with higher detection precision and lower false positive rates. Finally, we visually interpret the high-level results of TFBOOST and conjecture that repackaged malware is the mainstay of potential malware.

KW - Boosting generalization

KW - Ensemble learning

KW - Malware detection

KW - TFBOOST

KW - Tensor decomposition

UR - https://www.scopus.com/pages/publications/85048366280

U2 - 10.1109/ISPA/IUCC.2017.00170

DO - 10.1109/ISPA/IUCC.2017.00170

M3 - 会议稿件

AN - SCOPUS:85048366280

T3 - Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017

SP - 1130

EP - 1137

BT - Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017

A2 - Martinez, Gregorio

A2 - Hill, Richard

A2 - Fox, Geoffrey

A2 - Mueller, Peter

A2 - Wang, Guojun

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 12 December 2017 through 15 December 2017

ER -

Hou J, Xue M, Qian H. Unleash the power for tensor: A hybrid malware detection system using ensemble classifiers. In Martinez G, Hill R, Fox G, Mueller P, Wang G, editors, Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017. Institute of Electrical and Electronics Engineers Inc. 2018. p. 1130-1137. (Proceedings - 15th IEEE International Symposium on Parallel and Distributed Processing with Applications and 16th IEEE International Conference on Ubiquitous Computing and Communications, ISPA/IUCC 2017). doi: 10.1109/ISPA/IUCC.2017.00170

Unleash the power for tensor: A hybrid malware detection system using ensemble classifiers

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this