IJSRD - International Journal for Scientific Research & Development| Vol. 1, Issue 2, 2013 | ISSN (online): 2321-0613

In recent years, the number of malware families/variants has exploded dramatically. Automatic malware classification is becoming an important research area. Using data mining, we identify seven key features within the Microsoft PE file format that can be fed to machine learning algorithms to classify malware. In this paper, resting on the analysis of Windows API execution sequences called by PE files, we develop the Intelligent Malware Detection System (IMDS) using ObjectiveOriented Association (OOA) mining based classification. IMDS is an integrated system consisting of three major modules: PE parser, OOA rule generator, and rule based classifier. An OOA_Fast_FP Growth algorithm is adapted to efficiently generate OOA rules for classification. Promising experimental results demonstrate that the accuracy and efficiency of our IMDS system outperform popular antivirus software such as Norton Antivirus and McAfee Virus Scan, as well as previous data mining based detection systems which employed Naive Bayes, Support Vector Machine (SVM) and Decision Tree techniques.