Faculty of Computing and Information Technology
Document Details
Document Type: Thesis
Document Title: Data mining methods for malware detection
Document Title (Arabic): طرق التعدين البيانات للكشف عن البرامج الضارة
Subject: Data mining, malware detection
Document Language: English
Abstract:
This research investigates the use of data mining methods for malware (malicious program) detection and proposes a framework as an alternative to the traditional signature detection method. Traditional approaches that use signatures to detect malicious programs fail for new and unknown malware, where signatures are not available. We present a data mining framework to detect malicious programs. We collected, analyzed and processed several thousand malicious and clean programs to find the best features and build models that can classify a given program as malware or clean. Our research is closely related to information retrieval and classification techniques and borrows a number of ideas from the field. We used a vector space model to represent the programs in our collection. Our data mining framework includes two separate and distinct classes of experiments. The first are the supervised learning experiments, which used a dataset consisting of several thousand malicious and clean program samples to train, validate and test an array of classifiers. In the second class of experiments, we proposed using sequential association analysis for feature selection and automatic signature extraction. In our experiments, we achieved a detection rate as high as 98.4% and a false positive rate as low as 1.9% on novel malware.
Supervisor: Morgan Wang
Thesis Type: Doctorate Thesis
Publishing Year: 1429 AH, 2008 AD
Added Date: Monday, February 21, 2011
Researchers
Researcher Name (Arabic): معظم صديقي
Researcher Name (English): Siddiqui, Muazzam
Researcher Type: Researcher
Dr Grade: Doctorate
Email: maasiddiqui@kau.edu.sa
Files
File Name: 29204.docx
Type: docx
Description: