A fast malware feature selection approach using a hybrid of multi-linear and stepwise binary logistic regression Huda, MD Shamsul, Abawajy, Jemal, Abdollahian, Mali, Islam, Rafiqul and Yearwood, John Leighton 2016, A fast malware feature selection approach using a hybrid of multi-linear and stepwise binary logistic regression, Concurrency computation, In Press, pp. 1-18, doi: 10.1002/cpe.3912. Attached Files Name Description MIMEType Size Downloads Title A fast malware feature selection approach using a hybrid of multi-linear and stepwise binary logistic regression Author(s) Huda, MD Shamsul Abawajy, Jemal orcid.org/0000-0001-8962-1222 Abdollahian, Mali Islam, Rafiqul Yearwood, John Leighton orcid.org/0000-0002-7562-6767 Journal name Concurrency computation Season In Press Start page 1 End page 18 Total pages 18 Publisher Wiley Place of publication Chichester, Eng. Publication date 2016-01-01 ISSN 1532-0626 1532-0634 Keyword(s) malware detection binary logistic regression stepwise regression API call statistics AIC criteria chi-square Summary Malware replicates itself and produces offspring with the same characteristics but different signatures by using code obfuscation techniques. Current generation anti-virus engines employ a signature-template type detection approach where malware can easily evade existing signatures in the database. This reduces the capability of current anti-virus engines in detecting malware. In this paper, we propose a stepwise binary logistic regression-based dimensionality reduction techniques for malware detection using application program interface (API) call statistics. Finding the most significant malware feature using traditional wrapper-based approaches takes an exponential complexity of the dimension (m) of the dataset with a brute-force search strategies and order of (m-1) complexity with a backward elimination filter heuristics. The novelty of the proposed approach is that it finds the worst case computational complexity which is less than order of (m-1). The proposed approach uses multi-linear regression and the p-value of each individual API feature for selection of the most uncorrelated and significant features in order to reduce the dimensionality of the large malware data and to ensure the absence of multi-collinearity. The stepwise logistic regression approach is then employed to test the significance of the individual malware feature based on their corresponding Wald statistic and to construct the binary decision the model. When the selected most significant APIs are used in a decision rule generation systems, this approach not only reduces the tree size but also improves classification performance. Exhaustive experiments on a large malware data set show that the proposed approach clearly exceeds the existing standard decision rule, support vector machine-based template approach with complete data and provides a better statistical fitness. Language eng DOI 10.1002/cpe.3912 Field of Research 080303 Computer System Security Socio Economic Objective 970108 Expanding Knowledge in the Information and Computing Sciences HERDC Research category C1 Refereed article in a scholarly journal ERA Research output type C Journal article Copyright notice ©2016, Wiley Persistent URL http://hdl.handle.net/10536/DRO/DU:30089582 Document type: Journal Article Collection: School of Information Technology Related Links Link Description Connect to Elements publication management system Go to link with your DU access privileges   Connect to published version Go to link with your DU access privileges     Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved. Versions Version Filter Type Mon, 28 Nov 2016, 16:00:33 EST Tue, 29 Nov 2016, 04:04:22 EST Tue, 29 Nov 2016, 05:06:35 EST Wed, 30 Nov 2016, 12:13:07 EST Thu, 08 Dec 2016, 11:35:37 EST Fri, 21 Apr 2017, 13:47:47 EST Mon, 22 May 2017, 12:30:53 EST Fri, 15 Sep 2017, 13:36:31 EST Mon, 18 Sep 2017, 08:18:17 EST Sat, 25 Nov 2017, 01:45:48 EST Sat, 02 Dec 2017, 01:31:45 EST Filtered Full Citation counts:   Cited 0 times in TR Web of Science Cited 2 times in Scopus Search Google Scholar Access Statistics: 101 Abstract Views, 3 File Downloads  -  Detailed Statistics Created: Mon, 28 Nov 2016, 16:00:33 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.