Random Forest for Malware Classification

Felan Carlo C. Garcia; Felix P. Muga II

arXiv:1609.07770·cs.CR·September 27, 2016·44 cites

Random Forest for Malware Classification

Felan Carlo C. Garcia, Felix P. Muga II

PDF

Open Access

TL;DR

This paper presents a novel malware classification method that converts malware binaries into images and uses Random Forest to achieve high accuracy, effectively countering obfuscation techniques.

Contribution

It introduces a new approach of malware classification using image conversion and Random Forest, improving detection accuracy over traditional static methods.

Findings

01

Achieved 95.62% accuracy in malware classification

02

Effective against code obfuscation techniques

03

Demonstrates the viability of image-based malware analysis

Abstract

The challenge in engaging malware activities involves the correct identification and classification of different malware variants. Various malwares incorporate code obfuscation methods that alters their code signatures effectively countering antimalware detection techniques utilizing static methods and signature database. In this study, we utilized an approach of converting a malware binary into an image and use Random Forest to classify various malware families. The resulting accuracy of 0.9562 exhibits the effectivess of the method in detecting malware

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsAdvanced Malware Detection Techniques · Network Security and Intrusion Detection · Anomaly Detection Techniques and Applications