Increasing the Accuracy of Malware Detection in PE Files Using Advanced Machine-Learning Techniques

Bibliographic details
Published in: IEEE access, Volume 13; pp. 191180 - 191202
Main authors: Papan, Jozef; Scasny, Martin; Bridova, Ivana; Janovec, Michal
Medium: Journal Article
Language: English
Published: Piscataway IEEE 2025
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
ISSN: 2169-3536, 2169-3536
Description
Summary: This work presents the design and implementation of a new malware detection system for Portable Executable (PE) files in the Windows operating system using machine learning methods. The system uses various techniques for extracting attributes from binary files, including the n-gram method, branch analysis of instructions, and frequency analysis of instructions, which are combined with information about imported functions. To improve the classification accuracy and optimize the computational effort, neural networks with different architectures were trained and optimized. The implemented API (Application Programming Interface) interface allows easy integration of the system into existing security solutions and offers flexibility in the choice of classification models. Experimental results are compared with commercial detection systems, while the detection accuracy and false positive and false negative rates are analyzed. The limitations of the proposed approach, possibilities for its improvement, and perspectives for further use of machine learning in the field of malware detection are discussed in the conclusion of the work.
DOI: 10.1109/ACCESS.2025.3627324