data mining techniques for malware detection.pptx
DESCRIPTION
What is malware? And how is it detected? The different malwares
TRANSCRIPT
Data Mining Techniques for malware detection
-BY Aditya Deshmukh(TE-CSE1)
-BY ULLAS KAKANADAN(TE-CSE1)
-BY ANKIT GELDA(TE-CSE1)
-BY SUDARSHAN RANDIVE(TE-CSE1)
CONTENTS
• DATA MINING???
• TECHNIQUES???
• WHAT IS MALWARE???
• TECHNIQUES OVER MALWARE
• VARIOUS APPLICATIONS
• CONCLUSION
• QUESTION?
WHY MINE DATA???
Lots of data is being collected and warehoused
Potentially valuable resource
Stored data grows very fast
Information is crucial
DATA MINING
Extracting IMPLICIT, PREVIOUSLY UNKNOWN, POTENTIALLY USEFUL
Needed: programs that detect patterns and regularities in the data
Knowledge Discovery in Data
Knowledge discovery process
Data, Information, and Knowledge
• Data
  - operational or transactional data
  - nonoperational data
  - meta data - data about the data itself
• Information
  - patterns, associations, or relationships among all this data
• Knowledge
How data mining works??
•Classes: Stored data is used to locate data in predetermined groups.
•Clusters: Data items are grouped according to logical relationships or consumer preferences
•Associations: Data can be mined to identify associations.
•Sequential patterns: Data is mined to anticipate behavior patterns and trends
What is malware???
Short for malicious software
old as software itself
programmer might create malware
most common types:
• Virus
• Trojans
• Worms
• Zombies
• Spyware
Virus
most well-known
aim is not to cause damage, but to clone itself onto another host
if a virus causes damage, it is more likely to be detected
very small footprint
remain undetected for a very long time
Worms
very similar to viruses in many ways
worms are network-aware
overcome the computer-to-computer hurdle by seeking new hosts on the network
capable of going global in a matter of seconds
very hard to control and stop
Trojans
conceals itself inside software
Greeks were able to enter the fortified city of Troy by hiding their soldiers in a big wooden horse given to the Trojans as a gift
Disguises that a trojan can take are only limited by the programmer’s imagination
Cyber-crooks often use viruses, trojans and worms
Trojans also drop spyware
Zombies
works in a similar way to spyware
infection mechanisms remain the same
just sits there waiting for commands from the hacker
infect tens of thousands of computers, turning them into zombie machines
distributed denial of service attack
Algorithms in data mining
C4.5 and beyond
The k-means algorithm
Support vector machines
The Apriori algorithm
The EM algorithm
Malware detection techniques
• anomaly-based detection technique
• signature-based detection technique
K-means algorithm
• takes a number of components from the population equal to the final required number of clusters
• examines each component in the population
• assigns it to one of the clusters depending on the minimum distance
• centroid's position is recalculated every time a component is added
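The steps on this slide, written out and applied to the anomaly-based detection listed earlier, as an added example that is not part of the original presentation. The two features, the sample values and the 3x-radius threshold are assumptions chosen for illustration.

```python
import math

# Constructed baseline: (mean section entropy, imported API count / 100) for
# six known-good binaries. Feature choice and values are illustrative only.
BASELINE = [(4.0, 1.0), (6.0, 5.0), (4.2, 1.2), (5.8, 5.2), (3.8, 0.8), (6.2, 4.8)]


def sequential_kmeans(points, k):
    """Cluster points following the four steps listed on the slide."""
    # Step 1: the first k components become the initial clusters.
    centroids = [list(p) for p in points[:k]]
    counts = [1] * k
    labels = list(range(k))
    # Steps 2-3: examine each remaining component, assign by minimum distance.
    for p in points[k:]:
        j = min(range(k), key=lambda c: math.dist(p, centroids[c]))
        counts[j] += 1
        # Step 4: recalculate the centroid as soon as the component is added
        # (running mean, so no second pass over the cluster is needed).
        centroids[j] = [m + (x - m) / counts[j] for m, x in zip(centroids[j], p)]
        labels.append(j)
    return centroids, labels


def cluster_radii(points, centroids, labels):
    """Largest member-to-centroid distance per cluster: the 'normal' spread."""
    radii = [0.0] * len(centroids)
    for p, j in zip(points, labels):
        radii[j] = max(radii[j], math.dist(p, centroids[j]))
    return radii


def is_anomalous(sample, centroids, radii, factor=3.0):
    """Anomaly-based check: sample lies far outside its nearest baseline cluster."""
    j = min(range(len(centroids)), key=lambda c: math.dist(sample, centroids[c]))
    return math.dist(sample, centroids[j]) > factor * radii[j]


if __name__ == "__main__":
    cents, labs = sequential_kmeans(BASELINE, k=2)
    radii = cluster_radii(BASELINE, cents, labs)
    print(labs, cents)
    print(is_anomalous((7.9, 0.3), cents, radii))  # high entropy, few imports
    print(is_anomalous((4.1, 0.9), cents, radii))  # close to the first cluster
```

Because the first k components seed the clusters, the result depends on input order, and features on different scales should be normalised before distances are compared.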
flowchart
ADVANTAGES OF DATA MINING
Marketing/Retailing
Banking/Crediting
Law enforcement
Researchers
DISADVANTAGES OF DATA MINING
Privacy Issues
Security issues
Misuse of information/inaccurate information