AN ENSEMBLE BASED CLASSIFIER MODEL FOR THE DETECTION OF OBFUSCATED MALWARE IN PORTABLE EXECUTABLES.

Abstract

This research work will focus on detection of malicious obfuscated malware by formulating an Ensemble based model for the detection of obfuscated malware in portable executable files with the ability to detect obfuscated malware with reasonable accuracy. A large dataset retrieved from the website https://github.com/chihebchebbi/Mastering Machine-Learning-for-Penetration-Testing/blob/master/Chapter03/MalwareData.csv.gz was used. The training dataset comprises of 138,047 PE header file records samples which was divided into: 41,323 clean files containing exe and dll file samples and 96,724 malware file samples. The performance metrics evaluates the above mentioned machine learning algorithms in relation to their predictive capability. Based on the analysis of the tests and experimental results of the Ensemble Model, the Ensemble Model classifier predicted the obfuscated malware dataset with an Accuracy metrics of 98.8%, Precision metrics of 98.9%, Recall metrics of 98.9% and an F1-Score of 98.8%