Impact of portable executable header features on malware detection accuracy
Sep 22, 2022
Published in: Computers, Materials & Continua
One aspect of cybersecurity is the study of Portable Executable (PE) file maleficence. Artificial Intelligence (AI) can be employed in such studies, since AI has the ability to discriminate benign from malicious files. In this study, an exclusive set of 29 features was collected from trusted implementations; this set was used as a baseline against which the work presented here was analyzed. Decision Tree (DT) and Neural Network Multi-Layer Perceptron Classifier (NN-MLPC) algorithms were used during this work; both were chosen after testing several diverse procedures. This work implements a method of subgrouping features to answer questions such as: Which feature has a positive impact on accuracy when added? Is it possible to determine a reliable feature set that distinguishes a malicious PE file from a benign one? When features are combined, does this affect malware detection accuracy for a PE file? Results obtained using the proposed method were improved and yielded a few observations. Generally, the obtained results had a practical part and a numerical part. For the practical part, the number of features and which features are included are the main factors affecting the calculated accuracy; the combination of features is just as crucial in these calculations. The numerical results included accuracies with enhanced values: for example, NN-MLPC attained 0.979 and 0.98, and DT attained 0.9825 and 0.986.
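The raw material of such a study is the PE header itself, so as an added example (not the paper's code; the paper does not list its 29 features, so the field subset below is an assumed, commonly used one) here is a header parser that turns a PE file's DOS, COFF, optional and section headers into a flat feature vector, run on a constructed minimal PE32+ image rather than any real binary:

```python
import struct

# Hypothetical extractor, not the paper's code. The page does not list its 29
# features, so the fields below are an assumed, commonly used header subset.
COFF = "<HHIIIHH"             # Machine .. Characteristics (20 bytes)
OPT_HEAD = "<HBBIIIII"        # Magic .. BaseOfCode (24 bytes, same for PE32/PE32+)
OPT_TAIL = "<IIHHHHHHIIIIHH"  # SectionAlignment .. DllCharacteristics (40 bytes)
SECTION = "<8sIIIIIIHHI"      # one IMAGE_SECTION_HEADER (40 bytes)

def pe_header_features(data: bytes) -> dict:
    """Parse DOS, COFF, optional and section headers into a flat feature dict."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = struct.unpack_from(COFF, data, e_lfanew + 4)
    opt = e_lfanew + 24                      # optional header follows the 20-byte COFF header
    magic, maj_ld, min_ld, code, idata, udata, entry, _ = struct.unpack_from(OPT_HEAD, data, opt)
    if magic not in (0x10B, 0x20B):
        raise ValueError(f"unknown optional header magic {magic:#x}")
    fmt, off = ("<Q", 24) if magic == 0x20B else ("<I", 28)  # PE32 has BaseOfData before ImageBase
    image_base = struct.unpack_from(fmt, data, opt + off)[0]
    tail = struct.unpack_from(OPT_TAIL, data, opt + 32)      # same offset in both formats
    feats = {
        "machine": coff[0], "number_of_sections": coff[1], "timestamp": coff[2],
        "file_characteristics": coff[6], "linker_version": f"{maj_ld}.{min_ld}",
        "size_of_code": code, "size_of_init_data": idata, "size_of_uninit_data": udata,
        "entry_point": entry, "image_base": image_base, "size_of_image": tail[9],
        "size_of_headers": tail[10], "subsystem": tail[12], "dll_characteristics": tail[13],
        "nx_compat": bool(tail[13] & 0x0100), "dynamic_base": bool(tail[13] & 0x0040),
        "writable_executable_sections": 0, "entry_in_executable_section": False,
    }
    # Section table follows the optional header (SizeOfOptionalHeader = coff[5]).
    for i in range(coff[1]):
        _name, vsize, va, *_rest, schars = struct.unpack_from(SECTION, data, opt + coff[5] + 40 * i)
        if schars & 0x80000000 and schars & 0x20000000:  # IMAGE_SCN_MEM_WRITE and MEM_EXECUTE
            feats["writable_executable_sections"] += 1
        if schars & 0x20000000 and va <= entry < va + vsize:
            feats["entry_in_executable_section"] = True
    return feats

def build_sample_pe() -> bytes:  # constructed, non-runnable PE32+ header image
    hdr = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40) + b"PE\0\0"  # e_lfanew = 0x40
    hdr += struct.pack(COFF, 0x8664, 2, 0x5F000000, 0, 0, 240, 0x0022)
    opt = struct.pack(OPT_HEAD, 0x20B, 14, 0, 0x1000, 0x800, 0, 0x1200, 0x1000)
    opt += struct.pack("<Q", 0x140000000)
    opt += struct.pack(OPT_TAIL, 0x1000, 0x200, 6, 0, 0, 0, 6, 0, 0, 0x3000, 0x400, 0, 3, 0x8160)
    hdr += opt.ljust(240, b"\0")  # remaining optional-header fields zeroed
    hdr += struct.pack(SECTION, b".text", 0x1000, 0x1000, 0x1000, 0x400, 0, 0, 0, 0, 0x60000020)
    return hdr + struct.pack(SECTION, b".data", 0x800, 0x2000, 0x800, 0x1400, 0, 0, 0, 0, 0xC0000040)
```

Each returned dict is one row of the kind of feature matrix the DT or NN-MLPC would be trained on; derived flags such as a writable-and-executable section or an entry point outside any executable section are the sort of header-level signal such models pick up on.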