Abstract: The world's digitalization is threatened by the daily appearance of new and complicated viruses. As a result, conventional signature-based approaches to malware detection are rendered practically useless. Recent research studies have demonstrated the effectiveness of machine-learning algorithms for malware identification. In this study, we propose a system to identify and categorize various files (such as exe, pdf, PHP, etc.) and API calls as benign or harmful using two-level classifiers, namely Macro (for malware detection) and Micro (for classification of malware files as a Trojan, Spyware, Adware, etc.). Classification is one of the most used data mining (DM) methods. In this research, we describe a DM classification technique for malware discovery. On the basis of the characteristics and behaviors of each virus, we propose many categorization approaches to identify malware. The malware traits have been identified using a dynamic analysis technique. Our solution executes sample files in a virtual environment using Cuckoo Sandbox to generate static and dynamic analysis reports. Additionally, using the data produced by Cuckoo Sandbox, a unique feature selection and extraction segment has been produced that operates on static, behavioral, and network analysis. Machine learning models are created using the Weka Framework and training datasets. The experimental findings using the proposed framework demonstrate high rates of detection and classification with various machine learning algorithms.
Field: Engineering
Journal Type: International