PEDM: Pre-Ensemble Decision Making for Malware Identification and Web Files

Abstract

Connecting your system or device to an insecure network can create the possibility of infecting by the unwanted files. Malware is every malicious code that has the potential to harm any computer or network. So, detecting harmful files is a crucial duty and an important role in any system. Machine learning approaches use a variety of features such as Opcodes, Bytecodes, and System-calls to achieve accurate malware identification. Each of these feature sets provides a unique semantic view, while, considering the effect of altogether is more reliable to detect attacks. Malware can disguise itself in some views, but hiding in all views will be much more difficult. Multi-View Learning (MVL) is an outstanding approach that considers multiple views of a problem to improve the overall performance. In this paper, inspiring MVL an approach is proposed to incorporate some various feature sets and exploit complementary information to identify a file. In this way, the consensus of multiple views is used to minimize the overall error of a classifier based on sparse representation. To show the generalization power of the proposed method, various datasets are employed. Experimental results indicate that in addition to high performance, the proposed method has the advantage of overcoming the imbalanced conditions.