Publication

Abstract : From cloud computing to the Internet of Things, there are several applications and frameworks that are susceptible to cyber-attacks. To safeguard critical systems and companies from cyber security assaults, malicious activities are automatically detected using Machine Learning (ML) techniques. Choosing a classifier that determines a file's threat or maliciousness using static signature-based analysis, we performed bi-class and multi-class classification using 15 ML algorithms. As a data preprocessing technique, we used Truncated singular value decomposition (SVD) which significantly improved the classifier results on multi class classification. Synthetic Minority Oversampling Technique (SMOTE) technique is used to balance the imbalanced datasets, applied feature selection and 5-fold cross validation to improve the classifiers performance. With the extensive analysis we made on a spectrum of datasets which are used for malware analysis, we found ensemble-based classifiers are consistent and the results are remarkable. Our findings on the optimal classifier can be utilized to create intrusion detection systems or signature-based antiviral software in real time.