Are Evolutionary Rule Learning Algorithms Appropriate for Malware Detection?

Date Added: Jun 2009
Format: PDF

In this paper, the authors evaluate the performance of ten well-known evolutionary and non-evolutionary rule learning algorithms. The comparative study is performed on a real-world classification problem: detecting malicious executables. The executable dataset used in this study consists of a total of 189 attributes, which are statically extracted from executables of the Microsoft Windows operating system. The authors evaluate the rule learning algorithms with respect to four metrics: classification accuracy, the number of rules in the developed rule set, the comprehensibility of the generated rules, and the processing overhead of the rule learning process.