Full metadata record

| DC Field | Value | Language |
| --- | --- | --- |
| dc.contributor.author | Yousuf, Muhammad Irfan | - |
| dc.contributor.author | Anwer, Izza | - |
| dc.contributor.author | Riasat, Ayesha | - |
| dc.contributor.author | Zia, Khawaja Tahir | - |
| dc.contributor.author | Kim, Su hyun | - |
| dc.date.accessioned | 2024-01-19T09:33:58Z | - |
| dc.date.available | 2024-01-19T09:33:58Z | - |
| dc.date.created | 2023-06-15 | - |
| dc.date.issued | 2023-04 | - |
| dc.identifier.issn | 2376-5992 | - |
| dc.identifier.uri | https://pubs.kist.re.kr/handle/201004/113800 | - |
| dc.description.abstract | Malware or malicious software is an intrusive software that infects or performs harmful activities on a computer under attack. Malware has been a threat to individuals and organizations since the dawn of computers and the research community has been struggling to develop efficient methods to detect malware. In this work, we present a static malware detection system to detect Portable Executable (PE) malware in Windows environment and classify them as benign or malware with high accuracy. First, we collect a total of 27,920 Windows PE malware samples divided into six categories and create a new dataset by extracting four types of information including the list of imported DLLs and API functions called by these samples, values of 52 attributes from PE Header and 100 attributes of PE Section. We also amalgamate this information to create two integrated feature sets. Second, we apply seven machine learning models; gradient boosting, decision tree, random forest, support vector machine, K-nearest neighbor, naive Bayes, and nearest centroid, and three ensemble learning techniques including Majority Voting, Stack Generalization, and AdaBoost to classify the malware. Third, to further improve the performance of our malware detection system, we also deploy two dimensionality reduction techniques: Information Gain and Principal Component Analysis. We perform a number of experiments to test the performance and robustness of our system on both raw and selected features and show its supremacy over previous studies. By combining machine learning, ensemble learning and dimensionality reduction techniques, we construct a static malware detection system which achieves a detection rate of 99.5% and error rate of only 0.47%. | - |
| dc.language | English | - |
| dc.publisher | PeerJ Inc. | - |
| dc.title | Windows malware detection based on static analysis with multiple features | - |
| dc.type | Article | - |
| dc.identifier.doi | 10.7717/peerj-cs.1319 | - |
| dc.description.journalClass | 1 | - |
| dc.identifier.bibliographicCitation | PeerJ Computer Science, v.9 | - |
| dc.citation.title | PeerJ Computer Science | - |
| dc.citation.volume | 9 | - |
| dc.description.isOpenAccess | Y | - |
| dc.description.journalRegisteredClass | scie | - |
| dc.description.journalRegisteredClass | scopus | - |
| dc.identifier.wosid | 000996397200008 | - |
| dc.identifier.scopusid | 2-s2.0-85159782624 | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Artificial Intelligence | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Theory & Methods | - |
| dc.relation.journalResearchArea | Computer Science | - |
| dc.type.docType | Article | - |
| dc.subject.keywordAuthor | Static malware analysis | - |
| dc.subject.keywordAuthor | Windows PE | - |
| dc.subject.keywordAuthor | Machine learning | - |
| dc.subject.keywordAuthor | Multiple features | - |

Appears in Collections:
KIST Article > 2023
Files in This Item:
There are no files associated with this item.

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.
