Windows operating system malware detection using machine learning

Rawabi Hilabi, Ahmed Abu-Khadrah

Abstract


Over the years, cybercriminals have become more sophisticated in manipulating network users. Malware is a popular tool they use to exploit victims, targeting valuable assets such as identities and credit cards in the realm of digital technology. Cybersecurity professionals are consistently innovating to detect malicious activities. Machine learning (ML) algorithms are now a leading method for rapidly identifying unseen malware, offering efficiency and intelligence beyond traditional approaches. In fact, attackers like to see the victims suffer from damage caused by malware. Malware can destroy devices and networks. Additionally, hackers can blackmail individuals and organizations to obtain money through ransomware. Therefore, the aim of this research is to develop a new model capable of detecting malware that targets Windows operating systems (OS) by enhancing an existing model with several ML algorithms, namely extreme gradient boosting (XGB) and random forest (RF). In addition, the swarm optimization and ML applied to portable executable (SOMLAP) dataset, applied to the portable executable (PE) format, is used for training and testing these learning algorithms. The hybrid XGB and RF technique achieved an accuracy of 0.966, a precision of 0.990 and a recall of 0.918.

Keywords


Extreme gradient boosting; Malicious; Malwares; Portable executable; Random forest


DOI: https://doi.org/10.11591/eei.v13i5.8018


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Bulletin of Electrical Engineering and Informatics (BEEI)
ISSN: 2089-3191, e-ISSN: 2302-9285
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).