Science & Engineering Research Support soCiety (SERSC)
In this paper, the authors compare the research methodology and performance of malware detection using data mining. Feature selection is an important problem in data mining. For malware detection, it is interesting to see which features can be used to characterize malware. In particular, the authors compare two approaches: one that uses features based on statistical values and one that uses features based on instructions. They adapt the experimental methodology for statistical features, using 1-, 2- and 3-grams with varying block sizes, and the methodology for abstract assembly, using 1-, 2- and 3-grams of consecutive instructions.