Applying machine learning algorithms for PE-header-based malware detection on the Windows operating system
Authors: Duc C. Le, Mau Pham, Duy Dinh, Hao T. Do
Journal: Informatsionno-Upravliaiushchie Sistemy (journal article, published 2022-09-12)
DOI: https://doi.org/10.31799/1684-8853-2022-4-44-57
Introduction: The rapid growth of malware and its malicious use result in significant financial losses for various organizations. Many researchers are interested in applying machine learning methods to solve the problem of malware detection. Nevertheless, because of the diversity of algorithms, each machine learning algorithm has its advantages and disadvantages for a given situation.

Purpose: To apply machine learning for malware detection in the Windows operating system using the Portable Executable header; to compare six different machine learning algorithms based on several criteria.

Results: A comparison of various algorithms on a large dataset, including such classifiers as Random Forest, Decision Tree, Naive Bayes, Support Vector Machine, Multilayer Perceptron, and k-Nearest Neighbors, shows that some algorithms, such as Random Forest, Decision Tree, k-Nearest Neighbors, and Multilayer Perceptron, can detect malware with very high accuracy (> 98%). The Random Forest algorithm is especially well suited for Windows OS malware detection. At the same time, the Naive Bayes classifier also has a high accuracy rate (> 96%) and fast processing time. Therefore, we may consider using Naive Bayes as an alternative.