Malware Analysis Using Machine Learning Techniques

S. Kinger, B. V. Reddy, Sanket Jadhao, Kaustubh Hambarde, Aamir Hullur
Published in: 2022 2nd International Conference on Intelligent Technologies (CONIT)
Publication date: 2022-06-24
DOI: 10.1109/CONIT55038.2022.9848045 (https://doi.org/10.1109/CONIT55038.2022.9848045)
Citation count: 0

Abstract

The number of malware samples intercepted and analyzed by antivirus providers has increased considerably in recent years. However, much of this software is essentially a repackaged version of malware that has already been identified. Consequently, assessing whether a piece of malware belongs to a known family or exhibits previously identified behavior that requires additional examination has become crucial. Random forest and decision tree algorithms, as well as hybrid models of both algorithms, have been employed in past studies and research papers. We attempted to introduce an additional prediction technique known as SGD, which delivers good results when a dataset has over 100k variables (in our case, 130k). As a result, SGD is one of our paper's distinguishing characteristics. Our approach has also been tested on both packed and obfuscated malware samples, ensuring that it is both reliable and scalable.