Detecting Java Compiled Malware using Machine Learning Techniques

Abstract

Malicious software using Java Language in order to implement the attack evolved rapidly in the past years. Initially we were used to find malicious Applets and exploitation methods to escape the controlled environments and to gain access to victims. Nowadays, as a react to the security measurements implemented in browsers, it is common to distribute the malware through spear-phishing emails. This paper presents two methods to detect the Java malicious code. One method is using an unsupervised machine learning algorithm while the other is using the Perceptron algorithm in order to shape a detection model. Combining their capacities we obtained a very good solution to detect Java threats in a proactive manner and to make sure that the known malware variants are still detected. The detection is focused on the class files as a response to the Malware as a Service concept.