Accurate Adware Detection using Opcode Sequence Extraction
2011 (English). Conference paper, Published paper (Refereed)
Abstract [en]

Adware represents a possible threat to the security and privacy of computer users. Traditional signature-based and heuristic-based methods have not been proven to be successful at detecting this type of software. This paper presents an adware detection approach based on the application of data mining to disassembled code. The main contributions of the paper are a large publicly available adware data set, an accurate adware detection algorithm, and an extensive empirical evaluation of several candidate machine learning techniques that can be used in conjunction with the algorithm. We have extracted sequences of opcodes from adware and benign software, and we have then applied feature selection, using different configurations, to obtain 63 data sets. Six data mining algorithms have been evaluated on these data sets in order to find an efficient and accurate detector. Our experimental results show that the proposed approach can be used to accurately detect both novel and known adware instances, even though the binary difference between adware and legitimate software is usually small.

Place, publisher, year, edition, pages
Vienna: IEEE Press, 2011.
Keyword [en]
Data Mining, Adware Detection, Binary Classification, Static Analysis, Disassembly, Instruction Sequences
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:hj:diva-37968
DOI: 10.1109/ARES.2011.35
ISBN: 978-0-7695-4485-4 (print)
OAI: oai:DiVA.org:hj-37968
DiVA: diva2:1159713
Conference
Sixth International Conference on Availability, Reliability and Security
Available from: 2017-11-23. Created: 2017-11-23. Last updated: 2017-11-23. Bibliographically approved.

Open Access in DiVA

fulltext (293 kB), 1 download
File information
File name: FULLTEXT01.pdf
File size: 293 kB
Checksum SHA-512:
6fc84a4cbbf0a4806f7873a3c41ddbe5040135c28719bf618beada278054b89443e74cc8d28eb23e14af41418e0afab49523bffce16523edd61c7bfed6e90941
Type: fulltext
Mimetype: application/pdf

Authority records BETA

Lavesson, Niklas

Total: 1 download
The number of downloads is the sum of all downloads of full texts. It may include, e.g., previous versions that are no longer available.

Total: 3 hits