Abstract
In this work, we classify malicious software and evaluate the performance of six machine learning methods: Multilayer Perceptron Neural Network (MLP), Support Vector Machine (SVM), C4.5, CART, Random Forest and K-Nearest Neighbors (K-NN). The classification uses only structural information from the portable executable (PE) file header that can be extracted from Win32 driver files. The best classification accuracy was achieved by the Random Forest method, with 93.3% overall classification accuracy, followed by the C4.5, CART, K-NN, SVM and MLP methods, with classification accuracies of 92.9%, 92.5%, 91.6%, 77.7% and 89.0%, respectively.
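To make "structural information from the PE file header" concrete, the following added example (not code from the paper) reads a handful of PE32 header fields into a feature dictionary of the kind a classifier could consume. The choice of fields, the function names and the sample bytes are assumptions; the abstract does not list the features the authors used.

```python
import struct

IMAGE_SUBSYSTEM_NATIVE = 1  # Subsystem value used by kernel-mode drivers

def pe_header_features(data: bytes) -> dict:
    """Extract numeric PE32 header fields; raise ValueError on malformed input."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing DOS header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # COFF file header: 20 bytes directly after the 4-byte signature
    machine, n_sections, timestamp, _, _, opt_size, characteristics = \
        struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24  # start of the optional header
    if opt_size < 96 or opt + opt_size > len(data):
        raise ValueError("truncated optional header")
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("not a PE32 optional header")
    (size_of_code,) = struct.unpack_from("<I", data, opt + 4)
    (entry_point,) = struct.unpack_from("<I", data, opt + 16)
    (size_of_image,) = struct.unpack_from("<I", data, opt + 56)
    checksum, subsystem, dll_chars = struct.unpack_from("<IHH", data, opt + 64)
    return {
        "machine": machine, "number_of_sections": n_sections,
        "timestamp": timestamp, "characteristics": characteristics,
        "size_of_code": size_of_code, "entry_point": entry_point,
        "size_of_image": size_of_image, "checksum": checksum,
        "subsystem": subsystem, "dll_characteristics": dll_chars,
        "is_native": int(subsystem == IMAGE_SUBSYSTEM_NATIVE),
    }

def build_sample() -> bytes:
    """Constructed minimal PE32 header for demonstration; not a real driver."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)  # e_lfanew -> 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 3, 0x5C000000, 0, 0, 96, 0x0102)
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, 0x10B)    # Magic: PE32
    struct.pack_into("<I", opt, 4, 0x2000)   # SizeOfCode
    struct.pack_into("<I", opt, 16, 0x1000)  # AddressOfEntryPoint
    struct.pack_into("<I", opt, 56, 0x6000)  # SizeOfImage
    struct.pack_into("<IHH", opt, 64, 0, IMAGE_SUBSYSTEM_NATIVE, 0)
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    print(pe_header_features(build_sample()))
```

The bounds checks matter in practice: malware samples frequently carry truncated or inconsistent headers, and a feature extractor should reject them explicitly rather than read past the buffer.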
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Kutlay, A., Karađuzović-Hadžiabdić, K. (2020). Static Based Classification of Malicious Software Using Machine Learning Methods. In: Avdaković, S., Mujčić, A., Mujezinović, A., Uzunović, T., Volić, I. (eds) Advanced Technologies, Systems, and Applications IV -Proceedings of the International Symposium on Innovative and Interdisciplinary Applications of Advanced Technologies (IAT 2019). IAT 2019. Lecture Notes in Networks and Systems, vol 83. Springer, Cham. https://doi.org/10.1007/978-3-030-24986-1_49
DOI: https://doi.org/10.1007/978-3-030-24986-1_49
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-24985-4
Online ISBN: 978-3-030-24986-1
eBook Packages: Intelligent Technologies and Robotics (R0)