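% Conference paper from ACM CCS 2014 (pp. 1478--1480): signal decomposition is
% used to split observed traffic into malware and benign background components
% before malware-family classification.
% Entry notes: all author names use the unambiguous "Last, First" form; no
% series field is given because it would only repeat booktitle and be printed
% twice by styles that output series; the conference dates in the note are
% written out (day-first in the record, consistent with month = nov, day = 3).
@inproceedings{874f7edce6d74102a67372e845c80487,
  author    = {Mekky, Hesham and Mohaisen, Aziz and Zhang, {Zhi Li}},
  title     = {Blind separation of benign and malicious events to enable accurate malware family classification},
  booktitle = {Proceedings of the {ACM} Conference on Computer and Communications Security},
  publisher = {Association for Computing Machinery},
  pages     = {1478--1480},
  year      = {2014},
  month     = nov,
  day       = {3},
  doi       = {10.1145/2660267.2662365},
  isbn      = {9781450329576},
  language  = {English (US)},
  keywords  = {Background noise elimination, Classification, ICA, Malware},
  abstract  = {Malware families classification has been studied extensively in the literature. Machine learning based identification techniques rely on building a classification model for the malware traffic, and then the model is used for labeling unseen observations. In practice, malware traffic (malware signal) is mixed with other legitimate traffic (background signal). Consequently, the classifier's effectiveness may be hindered, since the observed traffic is mixed. We propose to apply signal decomposition in order to decompose the observed traffic into two components, malware traffic and background traffic, and then classification techniques are applied effectively on the malware traffic after removing the background attributes. Our preliminary results show the effectiveness of the proposed approach. Copyright is held by the owner/author(s).},
  note      = {21st {ACM} Conference on Computer and Communications Security, {CCS} 2014; conference date: 3--7 November 2014},
}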