Enhancing Malware Detection by Integrating Machine Learning with Cuckoo Sandbox

TL;DR

This paper compares deep learning and traditional machine learning algorithms for malware detection using API call sequences, demonstrating high accuracy levels up to 99% and highlighting the effectiveness of integrating machine learning with sandbox analysis.

Contribution

It introduces a comparative analysis of deep learning and traditional machine learning methods for malware detection using API call data, emphasizing the potential of deep learning techniques.

Findings

Deep learning models like CNN and RNN outperform traditional methods in accuracy.

Both approaches achieve up to 99% accuracy in malware classification.

Deep learning offers a promising avenue for enhanced malware detection.

Abstract

In the modern era, malware is experiencing a significant increase in both its variety and quantity, aligning with the widespread adoption of the digital world. This surge in malware has emerged as a critical challenge in the realm of cybersecurity, prompting numerous research endeavors and contributions to address the issue. Machine learning algorithms have been leveraged for malware detection due to their ability to uncover concealed patterns within vast datasets. However, deep learning algorithms, characterized by their multi-layered structure, surpass the limitations of traditional machine learning approaches. By employing deep learning techniques such as CNN (Convolutional Neural Network) and RNN (Recurrent Neural Network), this study aims to classify and identify malware extracted from a dataset containing API call sequences. The performance of these algorithms is compared with that of conventional machine learning methods, including SVM (Support Vector Machine), RF (Random Forest), KNN (K-Nearest Neighbors), XGB (Extreme Gradient Boosting), and GBC (Gradient Boosting Classifier), all using the same dataset. The outcomes of this research demonstrate that both deep learning and machine learning algorithms achieve remarkably high levels of accuracy, reaching up to 99% in certain cases.