Malware Analysis Using Machine Learning Techniques

S. Kinger, B. V. Reddy, Sanket Jadhao, Kaustubh Hambarde, Aamir Hullur
{"title":"Malware Analysis Using Machine Learning Techniques","authors":"S. Kinger, B. V. Reddy, Sanket Jadhao, Kaustubh Hambarde, Aamir Hullur","doi":"10.1109/CONIT55038.2022.9848045","DOIUrl":null,"url":null,"abstract":"The number of malware samples intercepted and analyzed by antivirus providers has increased considerably in recent years. However, much of this software is essentially a repackaged version of malware that has already been identified. Consequently, assessing whether a piece of malware belongs to a known family or exhibits previously identified behavior that requires additional examination has become crucial. Random forest and Decision tree algorithms, as well as hybrid models of both algorithms, have been employed in past studies and research papers. We attempted to introduce an additional prediction technique known as SGD, which delivers good results when a dataset has over 100k variables (In our case 130k). As a result, SGD is one of our study paper's distinguishing characteristics. Our approach has also been tested on both packed and obfuscated malware samples, ensuring that it is both reliable and scalable.","PeriodicalId":270445,"journal":{"name":"2022 2nd International Conference on Intelligent Technologies (CONIT)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 2nd International Conference on Intelligent Technologies (CONIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CONIT55038.2022.9848045","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

The number of malware samples intercepted and analyzed by antivirus providers has increased considerably in recent years. However, much of this software is essentially a repackaged version of malware that has already been identified. Consequently, assessing whether a piece of malware belongs to a known family or exhibits previously identified behavior that requires additional examination has become crucial. Random forest and Decision tree algorithms, as well as hybrid models of both algorithms, have been employed in past studies and research papers. We attempted to introduce an additional prediction technique known as SGD, which delivers good results when a dataset has over 100k variables (In our case 130k). As a result, SGD is one of our study paper's distinguishing characteristics. Our approach has also been tested on both packed and obfuscated malware samples, ensuring that it is both reliable and scalable.
使用机器学习技术进行恶意软件分析
近年来,反病毒提供商拦截和分析的恶意软件样本数量大幅增加。然而,这些软件中的大部分本质上是已经被识别出来的恶意软件的重新打包版本。因此,评估一个恶意软件是属于已知的家族,还是表现出需要额外检查的先前识别的行为变得至关重要。随机森林和决策树算法,以及两种算法的混合模型,已经在过去的研究和研究论文中被采用。我们尝试引入一种额外的预测技术,称为SGD,当数据集有超过100,000个变量(在我们的例子中是130k)时,它会提供很好的结果。因此,SGD是我们研究论文的显著特征之一。我们的方法也在打包和混淆的恶意软件样本上进行了测试,确保它既可靠又可扩展。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信