INTERNET 2016, The Eighth International Conference on Evolving Internet
Static Detection of Malware and Benign Executable Using Machine Learning Algorithm
Authors:
Dong-Hee Kim
Sang-Uk Woo
Dong-Kyu Lee
Tai-Myoung Chung
Keywords: Portable Executable; Machine Learning; Malware Detection
Abstract:
One popular way of detecting malware is signature-based pattern matching. However, malware signatures must be stored in advance for pattern-matching detection, and the similarity of the input data is calculated against the stored signatures. This inevitably incurs storage and computation overhead. The detection rate also drops when the malicious code is modified. We therefore use machine learning algorithms to distinguish malicious executables from benign executables. In this paper, distinguishing features of the Portable Executable header are used. For the machine learning algorithms, Classification And Regression Tree (CART), Support Vector Classification (SVC), and Stochastic Gradient Descent (SGD) are applied. We evaluated the performance of each algorithm and identified the best-performing algorithm for classifying benign executables and the best-performing algorithm for classifying malicious executables. These algorithms were then combined to detect malware more precisely.
Pages: 14 to 19
Copyright: Copyright (c) IARIA, 2016
Publication date: November 13, 2016
Published in: conference
ISSN: 2308-443X
ISBN: 978-1-61208-516-6
Location: Barcelona, Spain
Dates: from November 13, 2016 to November 17, 2016