Academia.edu no longer supports Internet Explorer.

To browse Academia.edu and the wider internet faster and more securely, please take a few seconds to upgrade your browser.

Log In
Sign Up

Figure 2 – uploaded by Moshe Kam

See full PDF downloadDownload figure

PER-FAMILY CLASSIFIER PRECISION, RECALL, AND F SCORES FOR THE MALWARE FAMILIES WITH THE HIGHEST AND LOWEST F SCORES Generally, the best performing families were those from narrowly defined malware categories, such as viruses, worms, and backdoors. Conversely, the worst performing families were those from more broadly defined categories, particularly Tro- jans. Furthermore, some of the poorly performing families are also broadly defined. For example, Gandlo!gmb, Ircbrute!gmb, and Sisron!gmb are all generically-defined Trojans. In contrast, the highest performing families are typically very narrowly defined. For example, Klez and MyDoom, are well studied families whose samples perform specific functions and have a shared heritage. — Table 2 PER-FAMILY CLASSIFIER PRECISION, RECALL, AND F SCORES FOR THE MALWARE FAMILIES WITH THE HIGHEST AND LOWEST F SCORES Generally, the best performing families were those from narrowly defined malware categories, such as viruses, worms, and backdoors. Conversely, the worst performing families were those from more broadly defined categories, particularly Tro- jans. Furthermore, some of the poorly performing families are also broadly defined. For example, Gandlo!gmb, Ircbrute!gmb, and Sisron!gmb are all generically-defined Trojans. In contrast, the highest performing families are typically very narrowly defined. For example, Klez and MyDoom, are well studied families whose samples perform specific functions and have a shared heritage.

Related Figures (4)

CLASSIFIER AND FEATURE EXTRACTION STRATEGY COMPARISON TABLE II

Fig. 1. Weighted F) score vs. n-gram length for LR classifier and trace length of 1500 system calls

Fig. 2. Weighted F score vs. trace length for LR classifier and n = 3

Fig. 3. Classifier confusion matrix for Microsoft category ground truth labels, showing the fraction of samples in each class indicated by the row labels classified as the column labels

Related topics:

Computer Science system call

Connect with 287M+ leading minds in your field

Discover breakthrough research and expand your academic network

Explore
Papers
Topics

Features
Mentions
Analytics
PDF Packages
Advanced Search
Search Alerts

Journals
Academia.edu Journals
My submissions
Reviewer Hub
Why publish with us
Testimonials

Company
About
Careers
Press
Help Center
Terms
Privacy
Copyright
Content Policy

580 California St., Suite 400

San Francisco, CA, 94104

© 2025 Academia. All rights reserved