A Novel Machine Learning Based Malware Detection and Classification Framework

Sethi, Kamalakanta; Kumar, Rahul; Sethi, Lingaraj; Bera, Padmalochan; Patra, Prashanta Kumar

doi:10.1109/cybersecpods.2019.8885196

Cited by 48 publications

(22 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Lastly, a learning algorithm is employed for creating the classification method to categorize a PDF file as malevolent or benign. Sethi et al [12] proposed an ML based malware analysis method for accurate and efficient malware classification and detection. Furthermore, we proposed feature selection and extraction modules that extract features from the report and select the essential feature to ensure higher accuracy at a minimal computational cost.…”

Section: Literature Reviewmentioning

confidence: 99%

Optimal Deep Belief Network Enabled Malware Detection and Classification Model

Chandran¹,

Rajini²,

Jeyakarthic³

2023

Intelligent Automation &Amp; Soft Computing

View full text Add to dashboard Cite

Cybercrime has increased considerably in recent times by creating new methods of stealing, changing, and destroying data in daily lives. Portable Document Format (PDF) has been traditionally utilized as a popular way of spreading malware. The recent advances of machine learning (ML) and deep learning (DL) models are utilized to detect and classify malware. With this motivation, this study focuses on the design of mayfly optimization with a deep belief network for PDF malware detection and classification (MFODBN-MDC) technique. The major intention of the MFODBN-MDC technique is for identifying and classifying the presence of malware exist in the PDFs. The proposed MFODBN-MDC method derives a new MFO algorithm for the optimal selection of feature subsets. In addition, Adamax optimizer with the DBN model is used for PDF malware detection and classification. The design of the MFO algorithm to select features and Adamax based hyperparameter tuning for PDF malware detection and classification demonstrates the novelty of the work. For demonstrating the improved outcomes of the MFODBN-MDC model, a wide range of simulations are executed, and the results are assessed in various aspects. The comparison study highlighted the enhanced outcomes of the MFODBN-MDC model over the existing techniques with maximum precision, recall, and F1 score of 97.42%, 97.33%, and 97.33%, respectively.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Optimal Deep Belief Network Enabled Malware Detection and Classification Model

Chandran¹,

Rajini²,

Jeyakarthic³

2023

Intelligent Automation &Amp; Soft Computing

View full text Add to dashboard Cite

show abstract

“…A genetic algorithm-based malware detection scheme for android devices is presented in [4], which applies genetic algorithm in feature selection and uses machine learning classifiers in detecting malwares. The problem of malware detection and classification is approached with a machine learning algorithm in [5], which uses the Cuckoo sandbox to analyze the effect of malware in isolated environment. The method extracts various features from the reports, and subsets of features are selected to maximize the accuracy.…”

Section: Related Workmentioning

confidence: 99%

An Adaptive-Feature Centric XGBoost Ensemble Classifier Model for Improved Malware Detection and Classification

Pavithra¹,

Selvakumarasamy²

2022

Journal of Cyber Security

View full text Add to dashboard Cite

Machine learning (ML) is often used to solve the problem of malware detection and classification, and various machine learning approaches are adapted to the problem of malware classification; still acquiring poor performance by the way of feature selection, and classification. To address the problem, an efficient novel algorithm for adaptive feature-centered XG Boost Ensemble Learner Classifier "AFC-XG Boost" is presented in this paper. The proposed model has been designed to handle varying data sets of malware detection obtained from Kaggle data set. The model turns the XG Boost classifier in several stages to optimize performance. At preprocessing stage, the data set given has been noise removed, normalized and tamper removed using Feature Base Optimizer "FBO" algorithm. The FBO would normalize the data points, as well as perform noise removal according to the feature values and their base information. Similarly, the performance of standard XG Boost has been optimized by adapting the selection using Class Based Principle Component Analysis "CBPCA" algorithm, which performs the selection according to the fitness of any feature for different classes. Based on the selected features, the method generates a regression tree for each feature considered. Based on the generated trees, the method performs classification by computing the tree-level ensemble similarity 'TLES' and the class-level ensemble similarity 'CLES'. Using both methods calculates the value of the class match similarity 'CMS' based on which the malware has been classified. The proposed approach achieves 97% accuracy in malware detection and classification with the less time complexity of 34 s for 75000 samples.

show abstract

“…According to [38], They explored a machine learning-based malware detection framework and demonstrated the usefulness of a variety of machine learning models, including Decision Trees, Support Vector Machines, and others. They used the Cuckoo sandbox to evaluate malware samples in a simulation environment.…”

Section: Related Workmentioning

confidence: 99%

“…The Cuckoo sandbox runs malware samples in a virtual environment and generates an analysis report based on their behavior. Many researchers [38], [39] have used the Cuckoo sandbox for malware investigation in the past.…”

Section: Related Workmentioning

confidence: 99%

Trojan Horse Infection Detection in Cloud Based Environment Using Machine Learning

Kanaker¹,

Karim

Awwad

et al. 2022

Int. J. Interact. Mob. Technol.

View full text Add to dashboard Cite

Cloud computing technology is known as a distributed computing network, which consists of a large number of servers connected via the internet. This technology involves many worthwhile resources, such as applications, services, and large database storage. Users have the ability to access cloud services and resources through web services. Cloud computing provides a considerable number of benefits, such as effective virtualized resources, cost efficiency, self-service access, flexibility, and scalability. However, many security issues are present in cloud computing environment. One of the most common security challenges in the cloud computing environment is the trojan horses. Trojan horses can disrupt cloud computing services and damage the resources, applications, or virtual machines in the cloud structure. Trojan horse attacks are dangerous, complicated and very difficult to be detected. In this research, eight machine learning classifiers for trojan horse detection in a cloud-based environment have been investigated. The accuracy of the cloud trojan horses detection rate has been investigated using dynamic analysis, Cukoo sandbox, and the Weka data mining tool. Based on the conducted experiments, the SMO and Multilayer Perceptron have been found to be the best classifiers for trojan horse detection in a cloud-based environment. Although SMO and Multilayer Perceptron have achieved the highest accuracy rate of 95.86%, Multilayer Perceptron has outperformed SMO in term of Receiver Operating Characteristic (ROC) area.

show abstract

A Novel Machine Learning Based Malware Detection and Classification Framework

Cited by 48 publications

References 4 publications

Optimal Deep Belief Network Enabled Malware Detection and Classification Model

Optimal Deep Belief Network Enabled Malware Detection and Classification Model

An Adaptive-Feature Centric XGBoost Ensemble Classifier Model for Improved Malware Detection and Classification

Trojan Horse Infection Detection in Cloud Based Environment Using Machine Learning

Contact Info

Product

Resources

About