Malware evolution and detection based on the Variable Precision Rough Set model

The integration of approaches that address imperfect data and knowledge are becoming appealing to come up with innovative malware evolution techniques. In fact, malware writers tend to target some precise features within the app's code to camouflage the malicious content. Those features may sometimes present conflictual information about the true nature of the content of the app (malicious/benign). In this paper, we show how the Variable Precision Rough Set (VPRS) model can be combined with optimization techniques, in particular Bilevel-Optimization-Problems (BLOPs), in order to establish a detection model capable of following the crazy race of malware evolution initiated among malware-developers. We propose a new malware detection technique, based on such hybridization, named Variable Precision Rough set Malware Detection (ProRSDet), that offers robust detection rules capable of revealing the new nature of a given app. ProRSDet attains encouraging results when tested against various state-of-the-art malware detection systems using common evaluation metrics.

---

1. Track 5: 4th International Symposium on Rough Sets: Theory and Applications

---

2. Opracowanie rekordu ze środków MEiN, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2022-2023).