Enhanced Malware Detection: Leveraging Volatility Analysis and Machine Learning Synergy

Enhanced Malware Detection: Leveraging Volatility Analysis and Machine Learning Synergy

연구 분야: Safety

학회: International Conference on Advanced Informatics for Computing Research

The process of locating, analyzing, and looking into different parts of malware with the goal of identifying the attackers and the root cause of the attack is known as malware forensics. Malware detection entails employing strategies and technologies to discover, stop, notify, and respond to malware threats. The aim is to develop a software that is capable of detecting a malicious software that is injected into a file that can be downloaded from the Internet. Machine Learning is utilized for threat detection, which is critical in dealing with the tremendous increase in malware, and the algorithm that is implemented is Random Forest (RF). The accuracy of the prediction by the RF algorithm is 99%, and the testing is done on 30% of the dataset. The dataset contains features that the most recent malware consists of, and these are used to determine if a particular file is malicious. The number of malware features used for training is 75, out of 79 features in total, and the number of virus samples is 19611. In order to develop the software, the tools used for the backend development are Django, and a Python code is injected in the form of an API. For the frontend, ReactJS is used. The malware is further analysed through memory forensics by using the volatility tool.