Dear all,
We are submitting a paper “Ensemble Based Classification using Neural Networks and Machine
Learning Models for Windows PE Malware Detection” to the journal Electronics MDPI. The
paper’s abstract is below. If accepted, we will acknowledge SPARTA.
The authors are Robertas Damaševičius, Algimantas Venčkauskas, Jevgenijus Toldinas,
Šarūnas Grigaliūnas.
All the best,
Algimantas Venčkauskas
______________________________________________________
Abstract: Security of information is one of the greatest challenges facing organizations
and institutions. Cybercrime has been rising in frequency and magnitude in recent years, with new
ways to steal, change, destroy information or disable the information system appearing
every day. One of the types of penetration into the information system where confidential
information is processed is malware. An attacker injects malware into a computer system,
after which he has full or partial access to critical information in the information
system. This paper proposes an ensemble classification-based methodology for malware
detection. The first-stage classification is performed by a stacked ensemble of dense
(fully connected) and convolutional neural networks (CNN), while the final stage
classification is performed by a meta-learner. For a meta-learner, we explored and
compared 14 classifiers. For a baseline comparison, 13 machine learning methods are used:
K-Nearest Neighbors, Linear Support Vector Machine (SVM), RBF SVM, Random Forest,
AdaBoost, Decision Tree, ExtraTrees, Linear Discriminant Analysis, Logistic, Neural Net,
Passive Classifier, Ridge Classifier, and Stochastic Gradient Descent classifier. We
present the results of experiments performed on the Classification of Malware with PE
headers (ClaMP) dataset. The best performance was achieved by an ensemble of five dense
and CNN neural networks, and the ExtraTrees classifier as a meta-learner.