Malware detection is a crucial task in securing computer systems against malware and cyber-attacks, and identifying malware variants is an important part of it. Clustering helps identify variants by grouping familiar malware variants based on their similarity and classifying new ones. Traditional approaches to clustering malware variants are time-consuming and suffer from data set size and concept drift problems.
The incremental clustering model is a novel clustering approach that can handle the data set size and concept drift problems. It identifies new malware variants by systematically clustering malware based on similarity, and it can analyze the dynamic features of malware. Malware detection and classification using the incremental clustering model provide high accuracy and performance with low execution time.
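The idea of clustering samples one at a time by similarity can be sketched as follows. This is an added example, not the model described above: it assumes a simple single-pass scheme with Jaccard similarity over sets of observed API calls, and the class name, threshold and sample traces are constructed for illustration.

```python
from collections import Counter

def jaccard(a, b):
    """Jaccard similarity of two feature sets (1.0 when both are empty)."""
    union = a | b
    return len(a & b) / len(union) if union else 1.0

class IncrementalClusterer:
    """Single-pass clustering: each sample is seen once, old samples are never re-clustered."""

    def __init__(self, threshold=0.5):
        self.threshold = threshold  # assumed cut-off, tune per feature set
        self.clusters = []          # each: {"counts": Counter, "size": int, "members": [ids]}

    def representative(self, cluster):
        # Features present in at least half of the members. Because the counts
        # are updated on every insert, the representative follows gradual drift.
        return {f for f, n in cluster["counts"].items() if 2 * n >= cluster["size"]}

    def add(self, sample_id, features):
        """Assign one sample and return (cluster_index, is_new_cluster)."""
        features = set(features)
        best, best_sim = None, 0.0
        for i, c in enumerate(self.clusters):
            sim = jaccard(features, self.representative(c))
            if sim > best_sim:
                best, best_sim = i, sim
        if best is None or best_sim < self.threshold:
            # Nothing similar enough: treat the sample as a new variant family.
            self.clusters.append({"counts": Counter(features), "size": 1, "members": [sample_id]})
            return len(self.clusters) - 1, True
        c = self.clusters[best]
        c["counts"].update(features)
        c["size"] += 1
        c["members"].append(sample_id)
        return best, False

# Constructed sample stream: (sample id, API calls observed during dynamic analysis).
STREAM = [
    ("s1", {"CreateFile", "WriteFile", "RegSetValue", "CreateRemoteThread"}),
    ("s2", {"CreateFile", "WriteFile", "RegSetValue", "CreateRemoteThread", "Sleep"}),
    ("s3", {"InternetOpen", "HttpSendRequest", "CryptEncrypt", "DeleteFile"}),
    ("s4", {"CreateFile", "WriteFile", "RegSetValue", "Sleep", "VirtualAllocEx"}),
    ("s5", {"InternetOpen", "HttpSendRequest", "CryptEncrypt", "DeleteFile", "FindFirstFile"}),
]

def cluster_stream(stream, threshold=0.5):
    """Feed samples in arrival order; return per-sample assignments and the model."""
    model = IncrementalClusterer(threshold)
    return [model.add(sid, feats) for sid, feats in stream], model
```

Each new sample costs one comparison per existing cluster, so the work grows with the number of clusters rather than with the number of samples already processed.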