An ensemble framework for interpretable malicious code detection

Bibliographic Details
Published in International journal of intelligent systems Vol. 37; no. 12; pp. 10100 - 10117
Main Authors Cheng, Jieren, Zheng, Jiachen, Yu, Xiaomei
Format Journal Article
Language English
Published New York Hindawi Limited 01.12.2022
Summary: Malicious code is an ever‐growing security threat to computer systems and networks, while malware detection provides effective defense against malicious codes. In this paper, a brief overview is presented on currently prevalent methods to detect malicious codes, including signature‐based methods, behavioral‐based detection and machine learning (ML) based ones. More specifically, the potentially effective malicious features are summarized and the novel methods using ML are deeply discussed. Furthermore, an ensemble interpretable framework is explored for automatic and efficient malicious code detection. Based on the knowledge graph of malware, the novel framework inclines to achieve robust malware detection even when confronted with unseen malicious codes. Finally, both advantages and disadvantages are discussed and experimental results are outlined to verify the effectiveness of the novel methods.
ISSN: 0884-8173, 1098-111X
DOI: 10.1002/int.22310