Analysis of Machine Learning Techniques Used in Behavior-Based Malware Detection

Firdausi, Ivan and Lim, Charles (2010) Analysis of Machine Learning Techniques Used in Behavior-Based Malware Detection. Bachelor thesis, Swiss German University.


Abstract

The increasing volume of malware exploiting the Internet daily has become a serious threat. Manual heuristic inspection of malware is no longer considered effective and efficient given the high spreading rate of malware. Conventional signature-matching antivirus systems fail to detect polymorphic, obfuscated, and new, previously unseen malicious executables. Hence, automated behavior-based malware detection using machine learning techniques is considered a promising solution. The behavior of each malware sample in an emulated (sandbox) environment is automatically analyzed to generate a behavior report. These reports are preprocessed into sparse vector models for subsequent machine learning (classification). The classifiers used in this research are k-Nearest Neighbors (kNN), Naïve Bayes, Decision Tree, Support Vector Machine (SVM), and Artificial Neural Network (ANN). According to the analysis of the test and experiment results for all 5 classifiers, the overall best performance goes to J48 (the Decision Tree classifier), with a recall (true positive rate) of 95.9%, a false positive rate of 2.4%, a precision (positive predictive value) of 97.3%, and an accuracy of 96.8%. In summary, it can be concluded that a proof-of-concept based on automatic behavior-based malware analysis and the use of machine learning techniques can detect malware quite effectively and efficiently.

Item Type: Thesis (Bachelor)
Uncontrolled Keywords: Malware Analysis; Dynamic Analysis; Behavior Analysis; Data Mining; Machine Learning
Subjects: Q Science > QA Mathematics > QA76 Computer software > QA76.91 Data mining
Q Science > QA Mathematics > QA76 Computer software > QA76.93 Computer networks--Security measures
Divisions: Faculty of Engineering and Information Technology > Department of Information Technology
Depositing User: Astuti Kusumaningrum
Date Deposited: 03 Mar 2021 16:03
Last Modified: 03 Mar 2021 16:03
URI: http://repository.sgu.ac.id/id/eprint/1032