Function Call Graphs Versus Machine Learning for Malware Detection
Publication Date
September 2018
Document Type
Contribution to a Book
Publication Title
Guide to Vulnerability Analysis for Computer Networks and Systems: An Artificial Intelligence Approach
Editor
Simon Parkinson, Andrew Crampton, Richard Hill
DOI
10.1007/978-3-319-92624-7_11
First Page
259
Last Page
279
Abstract
Recent work has shown that a function call graph technique can perform well on some challenging malware detection problems. In this chapter, we compare this function call graph approach to elementary machine learning techniques that are trained on simpler features. We find that the machine learning techniques are generally more robust than the function call graphs, in the sense that the malware must be modified to a far greater extent before the machine learning techniques are significantly degraded. This work provides evidence that machine learning is likely to perform better than ad hoc approaches, particularly when faced with intelligent attackers who can attempt to exploit the inherent weaknesses in a given detection strategy.
Recommended Citation
Deebiga Rajeswaran, Fabio Troia, Thomas Austin, and Mark Stamp. "Function Call Graphs Versus Machine Learning for Malware Detection" Guide to Vulnerability Analysis for Computer Networks and Systems: An Artificial Intelligence Approach (2018): 259-279. https://doi.org/10.1007/978-3-319-92624-7_11