Combined kNN Classification and Hierarchical Similarity Hash for Fast Malware Detection

Bibliographic Details
Main Author: Sunoh Choi
Format: Article
Language: English
Published: MDPI AG 2020-07-01
Series: Applied Sciences
Online Access: https://www.mdpi.com/2076-3417/10/15/5173
Description
Summary: Every day, hundreds of thousands of new malicious files are created. Existing pattern-based antivirus solutions have difficulty detecting these new malicious files. Artificial intelligence (AI)–based malware detection has been proposed to solve the problem; however, it takes a long time. Similarity hash–based detection has also been proposed; however, it has a low detection rate. To solve these problems, we propose k-nearest-neighbor (kNN) classification for malware detection with a vantage-point (VP) tree using a similarity hash. When we use kNN classification, we reduce the detection time by 67% and increase the detection rate by 25%. With a VP tree using a similarity hash, we reduce the similarity-hash search time by 20%.
ISSN: 2076-3417