Machine Learning Approach for Malware Detection Using Malware Memory Analysis Data


Research field: Safety



Conference: International Conference on Applications and Techniques in Information Security


Abstract

Malware has intensified due to technological advancements. It is critical to identify malware. To detect malware, both static and dynamic methods are used. Sophisticated malware may evade detection by conventional static and dynamic methods. Memory analysis may reveal harmful activities that traditional file analysis may overlook by adding a review of volatile memory to static and dynamic techniques. This is especially useful in discovering complex or fileless malware. Virus behaviors and actions may be uncovered using memory analysis. Computer memory becomes a breeding ground for malware. Therefore, memory analysis should be the top priority in malware detection research. One study found that RAM data might identify malicious software. The use of machine learning in a massive dataset allowed for the detection of memory-based malware. Though it has persisted in the digital age, the effects of malicious software have grown in recent years. The detection of harmful software has traditionally relied on the identification of malware samples and families. These systems use detection approaches that rely on rules and traditional signatures. Machine learning malware detection is the main topic of the research. Differentiating this method is its emphasis on component-dependent malware. We want to develop smart detecting systems that are more robust and sophisticated. The key characteristics of malware are identified using a combination of random forest and naive Bayes classifiers. Viruses are caught by this. The HRFNB Classifier integrates both Naive Bayes and Hybrid Random Forest. Decision Tree, XGBoost, CatBoost, GBM, and LightGBM were among the HRFNB algorithms that were put to the test. The findings were analyzed using Accuracy, F1-score, Precision, Recall, and AUC. Using HRFNB for memory analysis, malware was detected 99.89% of the time.


Author Profile
S. P. Ramesh

Department of Computer Science and Engineering, School of Computing Science and Engineering, Galgotias University, Greater Noida, Uttar Pradesh, India

Andorra
Author Profile
S. Raj Anand

School of Computing, SASTRA Deemed University, Thanjavur, Tamilnadu, India

India
Author Profile
V. Ganesh Karthikeyan

School of Computing, SASTRA Deemed University, Thanjavur, Tamilnadu, India

India

📄 Paper information

Publication year 2024
Citations 0
Publication country Andorra, India
Site Springer
