TY  - INPR
ID  - SisLab4445
UR  - http://rivf.net
A1  - Nguyen, Thi Thu Trang
A1  - Nguyen, Dai Tho
A1  - Vu, Duy Loi
Y1  - 2021/06/05/
N2  - Malware attacks have been among the most serious threats to cyber security in the last decade. Anti-malware software can help safeguard information systems and minimize their exposure to the malware. Most of anti-malware programs detect malware instances based on signature or pattern matching. Data mining and machine learning techniques can be used to automatically detect models and patterns behind different types of malware variants. However, traditional machine-based learning techniques such as SVM, decision trees and naive Bayes seem to be only suitable for detecting malicious code, not effective enough for complex problems such as classification. In this article, we propose a new prototype extraction method for non-traditional prototype-based machine learning classification. The prototypes are extracted using hypercuboids. Each hypercuboid covers all training data points of a malware family. Then we choose the data points nearest to the hyperplanes as the prototypes. Malware samples will be classified based on the distances to the prototypes. Experiments results show that our proposition leads to F1 score of 96.5% for classification of known malware and 97.7% for classification of unknown malware, both better than the original prototype-based classification method.
KW  - Malware classification
KW  -  machine learning
KW  -  k-nearest neighbors algorithms
KW  -  prototype-based learning
KW  -  hypercuboids
TI  - A Hypercuboid-Based Machine Learning Algorithm for Malware Classification
M2  - Hanoi, Vietnam
AV  - public
T2  - The 15th IEEE-RIVF International Conference on Computing and Communication Technologies (RIVF 2021)
ER  -