Research Article
Mal-Netminer: Malware Classification Approach Based on Social Network Analysis of System Call Graph
Table 7
Comparison of classification accuracies and AUC for 3,615 types of malware and 153 benign samples.
| Classifier | Accuracy | AUC | Dataset_1 | Dataset_2 | Dataset_3 | Dataset_1 | Dataset_2 | Dataset_3 |
| Naïve Bayes | 99.96 | 90.19 | 95.16 | 1.00 | 0.95 | 0.98 | Boosted NB | 99.92 | 92.56 | 96.12 | 1.00 | 0.93 | 0.96 | RIPPER | 99.55 | 94.61 | 96.88 | 0.98 | 0.92 | 0.94 | Boosted RIPPER | 99.61 | 93.52 | 97.43 | 1.00 | 0.96 | 0.99 | RBF | 99.86 | 90.88 | 92.95 | 1.00 | 0.90 | 0.96 | Boosted RBF | 99.97 | 92.96 | 96.47 | 1.00 | 0.96 | 0.98 | C4.5 | 99.39 | 92.87 | 96.78 | 0.98 | 0.87 | 0.95 | Boosted C4.5 | 99.71 | 93.32 | 97.58 | 1.00 | 0.95 | 0.99 | -NN | 99.13 | 93.05 | 96.20 | 1.00 | 0.96 | 0.98 | Boosted -NN | 99.46 | 92.09 | 96.25 | 0.99 | 0.95 | 0.97 |
|
|
Dataset_1: adware + benign, Dataset_2: Trojan + benign, and Dataset_3: worm + benign.
|