An Improved Static Analysis Approach for Malware Detection by Optimizing Feature Extraction Combining Different ML Algorithms

An Improved Static Analysis Approach for Malware Detection by Optimizing Feature Extraction Combining Different ML Algorithms

연구 분야: Verification

학회: International Conference on Intelligent Systems and Pattern Recognition

One of the essential factors in cyber defense is malware analysis. Attackers use various social engineering techniques along with one or more zero-day vulnerabilities to deploy malicious software. In this regard, various malware detection algorithms are being developed to deal with this type of threat faced not only by individual users but also by organizations/nations. Low classification accuracy, computational complexity, and resource usage are among the factors influencing malware evaluation methods. Therefore, our efforts are also focused on improving the detection and classification of malware. To this end, an improved static analysis approach for malware detection is proposed by optimizing feature extraction by combining different machine learning algorithms. Three hybrid algorithms based on the combination of Naive Bayes, K Nearest Neighbors, and Random Forest are defined. To measure the accuracy of these hybrid algorithms a proper formula is presented. The applicability of the proposed hybrid algorithms is tested on a subset of the IoT-23 dataset, generated by the Avast AIC laboratory using Zeek Net-work Security Monitor. The conducted experiments and the obtained results about the hybrid algorithms’ performance are not only accurate but also precise and reliable in detecting true positives while minimizing false positives and negatives.