A Novel Machine Learning-Based Approach for the Automatic Detection of Malware in PE Files
摘要
Computer security hinges on accurate malware detection in Portable Executable (PE) files, as these files may harbor various malicious elements such as worms, trojans, ransomware, and viruses. This research explores four commonly used classification algorithms such as Support Vector Machine (SVM), and Logistic Regression (LR), followed by Decision Tree (DT) and Random Forest (RF), to assess their optimality towards malware detection from PE files. The optimality of a machine learning algorithm can depend on the information needs of the study, the level of data quality, and the capacity of physical resources in the research environment. Performance evaluations of the algorithms provide proficiency measures of their work through accuracy evaluations, built-in efficiency measurements, and interpretability capabilities. The paper discusses the algorithms, SVM and LR, together with DT and RF, and details information about their distinct characteristics in detecting, and classifying malware in PE files. This paper discusses the pros and cons of each algorithm, to help researchers and practitioners select the most appropriate approach for their unique information needs and operational parameters. These findings contribute to methodologies for detecting malware by indicating the merits and limitations of the machine-learning algorithms studied. Security analysts looking to explore the distinguishing features of SVM with LR and DT and RF can expect better results identifying malware embedded in PE files and subsequently enhancing the protection of their organizations’ computer systems.