Analysis of Maliciousness of Software Using Multiclass Classification

Abstract

Malwares are intended to infect and harm the systems for theft, damages and personal gains. Malware detection is very important for the security of the systems from getting harmed by any such activities. Most of the modern-day malware analysis tools rely on static analysis technique. However, these techniques fail in identifying the threats that were never seen before. Many recent researches focused on developing dynamic analysis tools using machine learning and deep learning techniques. Machine learning helps in increasing the accuracy and detection capability of the system by improving the models and training procedure. The main objective of this work is to study the dynamic analysis method using machine learning techniques for malware detection and family classification. In this experiment, machine learning model is built for CICANDML 2017 dataset. The challenges of inconsistency in the dataset are handled by using different techniques. Dataset is then prepared for giving to the model for error free analysis. Both binary classification and the multiclass classification is carried out on the samples and the results of different models are compared with each other. The results of our model showed that random forest achieved 91.91% accuracy for multiclass classification and 98.4% accuracy for binary classification which is much higher than earlier proposed approaches.