Enhancing Malware Detection by Integrating Machine Learning with Cuckoo Sandbox
Autor: | Amaal F. Alshmarni, Mohammed A. Alliheedi |
---|---|
Jazyk: | angličtina |
Rok vydání: | 2024 |
Předmět: | |
Zdroj: | Journal of Information Security and Cybercrimes Research, Vol 7, Iss 1, Pp 85-92 (2024) |
Druh dokumentu: | article |
ISSN: | 1658-7782 1658-7790 |
DOI: | 10.26735/WZNG1384 |
Popis: | In this work, two categories of deep learning and conventional machine learning were used to classify malware using a dataset of all possible API call sequences. Specifically, the objective was to determine the best strategy to tackle the ever-rising menace as malware becomes more complex. A new dataset was created employing Cuckoo Sandbox, where API call sequences originating from both benign and malware samples were recorded. The performance of these algorithms was benchmarked and tested using this dataset, which includes SVM, RF, KNN, XGB, GBC, CNN, and RNN. The study established that both deep learning and conventional machine learning algorithms provided high accuracy above 90%. Specifically, the recurrent neural networks (RNNs) demonstrated high accuracy rates ranging from 95% to 99%. These results are highly indicative of deep learning, especially RNN, as a promising approach to improving the effectiveness of malware detection. The data obtained from dynamic analysis, when integrated into a database, serves as a more reliable source for training and testing of such models, and can improve the model’s ability to identify new threats posed by malware. Thus, this work is salient in enhancing the development of new approaches to fight malware that constantly evolve in the modern world. |
Databáze: | Directory of Open Access Journals |
Externí odkaz: |