{"id":"https://openalex.org/W2594844144","doi":"https://doi.org/10.5220/0006174301010112","title":"Towards an Understanding of the Misclassification Rates of Machine Learning-based Malware Detection Systems","display_name":"Towards an Understanding of the Misclassification Rates of Machine Learning-based Malware Detection Systems","publication_year":2017,"publication_date":"2017-01-01","ids":{"openalex":"https://openalex.org/W2594844144","doi":"https://doi.org/10.5220/0006174301010112","mag":"2594844144"},"language":"en","primary_location":{"id":"doi:10.5220/0006174301010112","is_oa":true,"landing_page_url":"https://doi.org/10.5220/0006174301010112","pdf_url":null,"source":null,"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 3rd International Conference on Information Systems Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.5220/0006174301010112","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5055210199","display_name":"Nada Alruhaily","orcid":null},"institutions":[{"id":"https://openalex.org/I79619799","display_name":"University of Birmingham","ror":"https://ror.org/03angcq70","country_code":"GB","type":"education","lineage":["https://openalex.org/I79619799"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Nada Alruhaily","raw_affiliation_strings":["University of Birmingham, United Kingdom"],"affiliations":[{"raw_affiliation_string":"University of Birmingham, United Kingdom","institution_ids":["https://openalex.org/I79619799"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062816254","display_name":"Behzad Bordbar","orcid":"https://orcid.org/0000-0002-6811-6216"},"institutions":[{"id":"https://openalex.org/I79619799","display_name":"University of Birmingham","ror":"https://ror.org/03angcq70","country_code":"GB","type":"education","lineage":["https://openalex.org/I79619799"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Behzad Bordbar","raw_affiliation_strings":["University of Birmingham, United Kingdom"],"affiliations":[{"raw_affiliation_string":"University of Birmingham, United Kingdom","institution_ids":["https://openalex.org/I79619799"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5020004082","display_name":"Tom Chothia","orcid":"https://orcid.org/0000-0002-9381-1368"},"institutions":[{"id":"https://openalex.org/I79619799","display_name":"University of Birmingham","ror":"https://ror.org/03angcq70","country_code":"GB","type":"education","lineage":["https://openalex.org/I79619799"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Tom Chothia","raw_affiliation_strings":["University of Birmingham, United Kingdom"],"affiliations":[{"raw_affiliation_string":"University of Birmingham, United Kingdom","institution_ids":["https://openalex.org/I79619799"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5055210199"],"corresponding_institution_ids":["https://openalex.org/I79619799"],"apc_list":null,"apc_paid":null,"fwci":0.1849,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.40923204,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"101","last_page":"112"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9891999959945679,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9606000185012817,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8760879635810852},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7527860999107361},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4628905653953552},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.44348180294036865},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2646646499633789}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8760879635810852},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7527860999107361},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4628905653953552},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.44348180294036865},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2646646499633789}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.5220/0006174301010112","is_oa":true,"landing_page_url":"https://doi.org/10.5220/0006174301010112","pdf_url":null,"source":null,"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 3rd International Conference on Information Systems Security and Privacy","raw_type":"proceedings-article"},{"id":"pmh:oai:pure.atira.dk:openaire_cris_publications/e3d8ae28-e78f-4a75-b1e3-4c3db9103989","is_oa":true,"landing_page_url":"https://research.birmingham.ac.uk/en/publications/e3d8ae28-e78f-4a75-b1e3-4c3db9103989","pdf_url":null,"source":{"id":"https://openalex.org/S4306402634","display_name":"University of Birmingham Research Portal (University of Birmingham)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I79619799","host_organization_name":"University of Birmingham","host_organization_lineage":["https://openalex.org/I79619799"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Alruhaily, N, Bordbar, B & Chothia, T 2017, Towards an understanding of the misclassification rates of machine learning-based malware detection systems. in P Mori , S Furnell & O Camp (eds), ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy. vol. 2017-January, SciTePress, pp. 101-112, 3rd International Conference on Information Systems Security and Privacy, ICISSP 2017, Porto, Portugal, 19/02/17. https://doi.org/10.5220/0006174301010112","raw_type":"contributionToPeriodical"}],"best_oa_location":{"id":"doi:10.5220/0006174301010112","is_oa":true,"landing_page_url":"https://doi.org/10.5220/0006174301010112","pdf_url":null,"source":null,"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 3rd International Conference on Information Systems Security and Privacy","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1208334278","display_name":null,"funder_award_id":"EP/L001802/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G8682795926","display_name":null,"funder_award_id":"EP/R007128/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2961085424","https://openalex.org/W4306674287","https://openalex.org/W3046775127","https://openalex.org/W3107602296","https://openalex.org/W4394896187","https://openalex.org/W3170094116","https://openalex.org/W4386462264","https://openalex.org/W4364306694","https://openalex.org/W4312192474","https://openalex.org/W4283697347"],"abstract_inverted_index":{"A":[0],"number":[1],"of":[2,52,109,135,152,171],"machine":[3],"learning":[4],"based":[5,15,39],"malware":[6,34,45,67,89,105,132,155],"detection":[7,16,28,96],"systems":[8,19,38],"have":[9,20],"been":[10],"suggested":[11],"to":[12,57,82,116,121,130,146,168,185,193],"replace":[13],"signature":[14],"methods.":[17],"These":[18],"shown":[21],"that":[22,88,100,114,140,176,196],"they":[23],"can":[24,46,124,165,190],"provide":[25],"a":[26,50,182],"high":[27],"rate":[29],"when":[30],"recognising":[31],"non-previously":[32],"seen":[33],"samples.":[35],"However,":[36],"in":[37,54,104],"on":[40],"behavioural":[41,147],"features,":[42],"some":[43],"new":[44],"go":[47],"undetected":[48],"as":[49,162],"result":[51],"changes":[53,90,99,126,142,148],"behaviour":[55],"compared":[56],"the":[58,95,107,150,169,174,194],"training":[59],"data.":[60],"In":[61],"this":[62],"paper":[63],"we":[64,86],"analysed":[65],"misclassified":[66],"instances":[68,113],"and":[69],"investigated":[70],"whether":[71],"there":[72],"were":[73,179,199],"recognisable":[74],"patterns":[75],"across":[76,154],"these":[77,141,177,197],"misclassifications.":[78],"Several":[79],"questions":[80],"needed":[81],"be":[83,127,166,186,191],"understood:":[84],"Can":[85],"claim":[87],"over":[91],"time":[92],"directly":[93],"affect":[94,101],"rate?":[97],"Do":[98],"classification":[102],"occur":[103],"at":[106,149],"level":[108,151],"families,":[110],"where":[111,157],"all":[112],"belong":[115],"certain":[117,131],"families":[118,156],"are":[119,143],"hard":[120],"detect?":[122],"Alternatively,":[123],"such":[125],"traced":[128],"back":[129],"variants":[133,153,158,178,198],"instead":[134],"families?":[136],"Our":[137],"experiments":[138],"showed":[139],"mostly":[144],"due":[145,167,192],"did":[159],"not":[160],"behave":[161],"expected.":[163],"This":[164],"adoption":[170],"anti-virtualisation":[172],"techniques,":[173],"fact":[175,195],"looking":[180],"for":[181],"specific":[183],"argument":[184],"activated":[187],"or":[188],"it":[189],"actually":[200],"corrupted.":[201]},"counts_by_year":[{"year":2022,"cited_by_count":3},{"year":2018,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}