Static PE Malware Type Classification Using Machine Learning Techniques

Shao Huai Zhang; Cheng Chung Kuo; Chu Sing Yang

doi:10.1109/ICEA.2019.8858297

Static PE Malware Type Classification Using Machine Learning Techniques

Shao Huai Zhang, Cheng Chung Kuo, Chu Sing Yang

電機工程學系

研究成果: Conference contribution

4 引文斯高帕斯（Scopus）

摘要

In recent years, machine learning techniques have become more and more popular. It is also introduced to the research about malware detection. However, most of research are still focused on binary classification issue, which predicts a file as benign or malicious. Only a small fraction of them work on malware type detection or classification of malware family. This work mainly uses several machine learning models to build static malware type classifiers on PE-format files. A recently released dataset for windows malware detection are used and relabeled into multi-class via VirusTotal, and several efficient and scalable machine learning models are considered. The evaluation results show that our best model, random forest, can achieve high performance with micro avg f1 score 0.96 and macro avg f1 score 0.89, which is better than the model used in referred work.

原文	English
主出版物標題	Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019
發行者	Institute of Electrical and Electronics Engineers Inc.
頁面	81-86
頁數	6
ISBN（電子）	9781728131597
DOIs	https://doi.org/10.1109/ICEA.2019.8858297
出版狀態	Published - 2019 8月
事件	2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019 - Tainan, Taiwan 持續時間: 2019 8月 30 → 2019 9月 1

出版系列

名字	Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019

Conference

Conference	2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019
國家/地區	Taiwan
城市	Tainan
期間	19-08-30 → 19-09-01

All Science Journal Classification (ASJC) codes

人工智慧
電腦網路與通信
電腦科學應用
健康資訊學
通訊
社會科學（雜項）

存取文件

10.1109/ICEA.2019.8858297

其它文件與鏈接

引用此

Zhang, S. H., Kuo, C. C., & Yang, C. S. (2019). Static PE Malware Type Classification Using Machine Learning Techniques. 於 Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019 (頁 81-86). 文章 8858297 (Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICEA.2019.8858297

Zhang, Shao Huai ; Kuo, Cheng Chung ; Yang, Chu Sing. / Static PE Malware Type Classification Using Machine Learning Techniques. Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019. Institute of Electrical and Electronics Engineers Inc., 2019. 頁 81-86 (Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019).

@inproceedings{5fbbececf14642e5b8156ca22aab2fbb,

title = "Static PE Malware Type Classification Using Machine Learning Techniques",

abstract = "In recent years, machine learning techniques have become more and more popular. It is also introduced to the research about malware detection. However, most of research are still focused on binary classification issue, which predicts a file as benign or malicious. Only a small fraction of them work on malware type detection or classification of malware family. This work mainly uses several machine learning models to build static malware type classifiers on PE-format files. A recently released dataset for windows malware detection are used and relabeled into multi-class via VirusTotal, and several efficient and scalable machine learning models are considered. The evaluation results show that our best model, random forest, can achieve high performance with micro avg f1 score 0.96 and macro avg f1 score 0.89, which is better than the model used in referred work.",

author = "Zhang, {Shao Huai} and Kuo, {Cheng Chung} and Yang, {Chu Sing}",

year = "2019",

month = aug,

doi = "10.1109/ICEA.2019.8858297",

language = "English",

series = "Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "81--86",

booktitle = "Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019",

address = "United States",

note = "2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019 ; Conference date: 30-08-2019 Through 01-09-2019",

}

Zhang, SH, Kuo, CC & Yang, CS 2019, Static PE Malware Type Classification Using Machine Learning Techniques. 於 Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019., 8858297, Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019, Institute of Electrical and Electronics Engineers Inc., 頁 81-86, 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019, Tainan, Taiwan, 19-08-30. https://doi.org/10.1109/ICEA.2019.8858297

Static PE Malware Type Classification Using Machine Learning Techniques. / Zhang, Shao Huai; Kuo, Cheng Chung; Yang, Chu Sing.
Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019. Institute of Electrical and Electronics Engineers Inc., 2019. p. 81-86 8858297 (Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019).

研究成果: Conference contribution

TY - GEN

T1 - Static PE Malware Type Classification Using Machine Learning Techniques

AU - Zhang, Shao Huai

AU - Kuo, Cheng Chung

AU - Yang, Chu Sing

PY - 2019/8

Y1 - 2019/8

N2 - In recent years, machine learning techniques have become more and more popular. It is also introduced to the research about malware detection. However, most of research are still focused on binary classification issue, which predicts a file as benign or malicious. Only a small fraction of them work on malware type detection or classification of malware family. This work mainly uses several machine learning models to build static malware type classifiers on PE-format files. A recently released dataset for windows malware detection are used and relabeled into multi-class via VirusTotal, and several efficient and scalable machine learning models are considered. The evaluation results show that our best model, random forest, can achieve high performance with micro avg f1 score 0.96 and macro avg f1 score 0.89, which is better than the model used in referred work.

AB - In recent years, machine learning techniques have become more and more popular. It is also introduced to the research about malware detection. However, most of research are still focused on binary classification issue, which predicts a file as benign or malicious. Only a small fraction of them work on malware type detection or classification of malware family. This work mainly uses several machine learning models to build static malware type classifiers on PE-format files. A recently released dataset for windows malware detection are used and relabeled into multi-class via VirusTotal, and several efficient and scalable machine learning models are considered. The evaluation results show that our best model, random forest, can achieve high performance with micro avg f1 score 0.96 and macro avg f1 score 0.89, which is better than the model used in referred work.

UR - http://www.scopus.com/inward/record.url?scp=85074212170&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85074212170&partnerID=8YFLogxK

U2 - 10.1109/ICEA.2019.8858297

DO - 10.1109/ICEA.2019.8858297

M3 - Conference contribution

T3 - Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019

SP - 81

EP - 86

BT - Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019

Y2 - 30 August 2019 through 1 September 2019

ER -

Zhang SH, Kuo CC, Yang CS. Static PE Malware Type Classification Using Machine Learning Techniques. 於 Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019. Institute of Electrical and Electronics Engineers Inc. 2019. p. 81-86. 8858297. (Proceedings - 2019 International Conference on Intelligent Computing and Its Emerging Applications, ICEA 2019). doi: 10.1109/ICEA.2019.8858297

Static PE Malware Type Classification Using Machine Learning Techniques

摘要

出版系列

Conference

All Science Journal Classification (ASJC) codes

存取文件

其它文件與鏈接

指紋

引用此