Authors: Olha Jurečková, Martin Jureček, Mark Stamp
Published on: May 06, 2024
Impact Score: 7.4
arXiv ID: arXiv:2405.03298
Summary
- What is new: A novel machine learning-based model for the online clustering of malicious samples into malware families.
- Why this is important: Malware attacks are becoming more frequent and sophisticated, necessitating efficient detection and classification.
- What the research proposes: An online clustering machine learning model that groups malware samples into families based on their characteristics, using a weighted k-nearest neighbor classifier and the online k-means algorithm.
- Results: Achieved cluster purity ranging from 90.20% for four clusters to 93.34% for ten clusters, indicating high accuracy in classifying malware into the correct families.
Technical Details
Models used: Weighted k-nearest neighbor classifier, Online k-means algorithm
Data used: Static analysis of Windows Portable Executable (PE) files
Potential Impact
Cybersecurity vendors, malware analysis services, and companies in the information security domain could benefit from the insights and methodologies presented in this paper.