dmacko232
commented
2 years ago Note: do this with benign and malicious samples! Because using only one type could skew the results.
Open dmacko232 opened 2 years ago
dmacko232
commented
2 years ago Note: do this with benign and malicious samples! Because using only one type could skew the results.
Decide if normalizing by lines of code is not more appropriate than by count of classes. Do this by calculating correlation between the normalizing feature and count of crypto api records on Avast dataset.