A Machine Learning Approach to Malware Detection Using Application Programming Interface Calls (MDAPI)
Today, all kinds of institutions and organizations depend on the Internet and information systems. They have been an inseparable part of human life. This brings out not only convenience, but also potentially devastating vulnerabilities. There are countless solutions for such risks and it is true tha...
Gespeichert in:
Veröffentlicht in: | Traitement du signal 2023-08, Vol.40 (4), p.1511-1520 |
---|---|
Hauptverfasser: | , |
Format: | Artikel |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | Today, all kinds of institutions and organizations depend on the Internet and information systems. They have been an inseparable part of human life. This brings out not only convenience, but also potentially devastating vulnerabilities. There are countless solutions for such risks and it is true that these solutions greatly contribute to security, but no effective solution has yet been found against Zero-Day malware. Zero-day malware is malicious software that has not yet been identified by competent authorities and is not classified as malicious software. A traditional malware detection tool can only detect previously detected software and classify it as malicious. Machine learning methods, which have proven effective in various domains, offer a promising approach to addressing Zero-Day malware. Throughout this study, a stable solution other than traditional methods have been investigated to overcome all kinds of malware. Instead of solutions consisting of complex, time-consuming and heterogeneous features (such as deleting/adding/changing files, monitoring registry records, or running processes) in various studies in the literature, a simple, low-time cost and stable solution with homogeneous features (only API calls) has been obtained. The 98.04% accuracy score shows that the method is quite successful. The importance of the study is having high accuracy using only API calls as features in malware detection. It has been realized that classical antivirus methods are no longer sufficient for combating malicious software. |
---|---|
ISSN: | 0765-0019 1958-5608 |
DOI: | 10.18280/ts.400419 |