Multiple instance learning for malware classification

Authors:

Highlights:

• System resources can be used for modeling malware’s behavior.

• Novel similarity measure for file paths reflecting directory structure is defined.

• The variability in the number of system resources can be addressed with MIL.

Keywords: Malware, Dynamic analysis, Sandboxing, Multiple instance learning, Classification, Random forest

Review history: Received 15 June 2017, Revised 13 October 2017, Accepted 14 October 2017, Available online 16 October 2017, Version of Record 5 November 2017.

Paper URL: https://doi.org/10.1016/j.eswa.2017.10.036