Advertisement

Static Based Classification of Malicious Software Using Machine Learning Methods

  • Ali Kutlay
  • Kanita Karađuzović-HadžiabdićEmail author
Conference paper
Part of the Lecture Notes in Networks and Systems book series (LNNS, volume 83)

Abstract

In this work, we perform classification of malicious software by evaluating the performance of six machine learning methods: Multilayer Perceptron Neural Network (MLP), Support Vector Machine (SVM), C4.5, CART, Random Forest and K-Nearest Neighbors (K-NN). The classification is performed using only structural information from portable executable file header that can be extracted from Win32 driver files. The best classification accuracy was achieved by the Random Forest method with 93.3% overall classification accuracy, followed by C4.5, CART, K-NN, SMV and MLP method with classification accuracy of 92.9% 92.5%, 91.6%, 77.7% and 89.0% respectively.

References

  1. 1.
    White, R.: The cost of cyber security breaches: British business lost almost £30 billion in 2016 (2017) https://www.beaming.co.uk/press-releases/cyber-security-breaches-cost-businesses-30-billion
  2. 2.
  3. 3.
    Berkeley ISP: What is the possible impact of ransomware (2018). https://security.berkeley.edu/faq/ransomware/what-possible-impact-ransomware
  4. 4.
    Liu, L., Wang, B., Yu, B., Zhong, Q.: Automatic malware classification and new malware detection using machine learning. Front. Inf. Technol. Electron. Eng. 18, 1336 (2017)CrossRefGoogle Scholar
  5. 5.
    Burnap, P., French, R., Turner, F., Jones, K.: Malware classification using self organizing feature maps and machine activity data. Comput. Secur. 73, 399–410 (2018)CrossRefGoogle Scholar
  6. 6.
    Xu, L., Zhang, D., Jayasena, N., Cavazos, J.: HADM: hybrid analysis for detection of malware. In: Proceedings of SAI Intelligent Systems Conference (IntelliSys) (2016)Google Scholar
  7. 7.
    Bounouh, T., Zakaria, B., Al-Nemrat, A., Benzaid, C.: A scalable malware classification based on integrated static and dynamic features. In: Communications in Computer and Information Science book series (CCIS, vol. 630). Springer, Cham (2017)Google Scholar
  8. 8.
  9. 9.
    Haykin, S.: Neural Network: A Comprehensive Foundation. Prentice Hall, Upper Saddle River (1999)zbMATHGoogle Scholar
  10. 10.
    Mitchell, T.: Machine Learning. McGraw Hill, New York (1997)zbMATHGoogle Scholar
  11. 11.
    Deville, B.: Decision Trees for Business Intelligence and Data Mining: Using SAS Enterprise Miner. SAS Institute Inc, Cary, ISBN - 13:978-1-59047-567-6 (2006)Google Scholar
  12. 12.
    Breiman, L., Friedman, J.H., Olsen, R.A., Stone, C.J.: Classification and Regression Trees. Taylor & Francis, Wadsworth (1984)zbMATHGoogle Scholar
  13. 13.
    Breiman L.: Random forests. Machine Learning 45, 5–32, Kluwer Academic Publishers (2001)Google Scholar
  14. 14.
    Weka: Weka 3: data mining software in Java. Weka The University of Waikato (2018). https://www.cs.waikato.ac.nz/ml/weka

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Zemana Ltd.SarajevoBosnia and Herzegovina
  2. 2.Faculty of Engineering and Natural Sciences, Computer Sciences and Engineering ProgramInternational University of SarajevoSarajevoBosnia and Herzegovina

Personalised recommendations