Project 2 Concepts Flashcards
What is the definition of precision with regards to Malheur?
a. Measures to what extent classes are scattered across clusters
b. Short behavioral patterns of given malware samples
c. Measures how close malware subjects are to the cluster’s center
d. Reflection of how well individual clusters agree with malware classes
Correct Answer: D
What is the definition of recall with regards to Malheur?
a. Measures to what extent classes are scattered across clusters
b. Short behavioral patterns of given malware samples
c. Measures how close malware subjects are to the cluster’s center
d. Reflection of how well individual clusters agree with malware classes
Correct Answer: A
What is the definition of q-grams with regards to Malheur?
a. Measures to what extent classes are scattered across clusters
b. Short behavioral patterns of given malware samples
c. Measures how close malware subjects are to the cluster’s center
d. Reflection of how well individual clusters agree with malware classes
Correct Answer: B
What is the definition of intra-cluster cohesion with regards to Malheur?
a. Measures to what extent classes are scattered across clusters
b. Measures how close malware subjects in a cluster are to cluster’s center
c. Measures how far away clusters’ centers are from one another
d. Reflection of how well individual clusters agree with malware classes
Correct Answer: B
What is the definition of inter-cluster separation with regards to Malheur?
a. Measures to what extent classes are scattered across clusters
b. Measures how close malware subjects in a cluster are to cluster’s center
c. Measures how far away clusters’ centers are from one another
d. Reflection of how well individual clusters agree with malware classes
Correct Answer: C
Choose the more accurate statement:
a. Clustering enables identification of novel classes of malware. Classification is the assignment of malware to known classes of behavior.
b. Classification enables identification of novel classes of malware. Clustering is the assignment of malware to known classes of behavior
Correct Answer: A
With regards to prototypes in Malheur:
a. They decrease speed in analysis but increase accuracy and efficiency
b. They increase both speed and efficiency in analysis
c. They offer less accurate but much faster analysis for quick overview of behavior
d. It is easy for the analyst to quickly gather a small & representative set of prototypes
Correct Answer: B
In Malheur, what is the measure which produces an aggregate score of a model’s accuracy based on recall & precision?
a. q-gram score
b. accuracy score
c. f-score
d. efficiency score
Correct Answer: C
There are many types of clustering techniques. Malheur uses this technique for its data analysis:
a. Role hierarchy
b. Grouping technique
c. Dynamic clustering
d. Hierarchical clustering
Correct Answer: D
The correct order in which you executed your machine learning models in Malheur was:
a. testing, training, classifying
b. classifying, training, testing
c. training, testing, classifying
d. training, classifying, testing
Correct Answer: C
Malheur uses a classification method called ________ which is the algorithm determining the nearest prototype of the clusters in the training data.
a. Nearest prototype classification
b. K-nearest neighbor classification
c. Closest prototype classification
d. Nearest cluster prototype classification
Correct Answer: A
In Malheur, an application data set:
a. Contains known classes of malware which is used to evaluate the framework
b. Comprises unknown malware obtained from the security center of an anti-malware vendor
c. Comprises both known and unknown classes of malware used for comparison against a prototype data set
Correct Answer: B
In Malheur, a reference data set:
a. Contains known classes of malware which is used to evaluate the framework
b. Comprises unknown malware obtained from the security center of an anti-malware vendor
c. Comprises both known and unknown classes of malware used for comparison against a prototype data set
Correct Answer: A