Master of Science (MS)
Fabio Di Troia
concept drift, malware detection
In software development, new software is often based on a previous version with some improvements or new features. A similar practice holds true for malware writers: hackers tend to add features to existing malware and release revised versions, which can be viewed as belonging to existing malware families. Therefore, a malware family typically evolves over time. In this paper, we build on recent research that has demonstrated that malware evolution can be detected using machine learning techniques. Specifically, we account for concept drift in the context of malware evolution, in the sense that we retrain our models whenever substantial evolution is detected. By accounting for concept drift, we obtain improved results compared to models that do not consider concept drift.
Tong, Xiaoli, "Concept Drift and Malware Detection" (2022). Master's Projects. 1096.