Full Program
Summary:
Recently the concept of cybersecurity has become crucial in daily life routines. Every day thousands of attacks are perpetrated by attackers to obtain information and gain money. One of the most common attacks proposed by malicious users is ransomware. Due to the inefficiency of several methods proposed in the literature such as signature-based experts have proposed several solutions to curb these attacks including artificial intelligence. This research proposes a malware detector able to classify malware ransomware and trusted Windows executable files leveraging machine learning. As the first step we created a dataset of almost 15 000 Portable Executable files from which we extracted opcodes and computed feature vectors like the frequency and the distribution of each opcode for each file taken under analysis. Once we concluded the dataset creation phase we trained and tested several classifiers such as Decision Tree Extra Trees Gradient Boosting K-Neighbors Logistic Regression Random Forest andAuthor(s):
Giovanni Ciaramella
IMT School for Advanced Studies Lucca & Institute for Informatics and Telematics, National Research Council of Italy (CNR)
Italy
Fabio Martinelli
Institute for High Performance Computing and Networking, National Research Council of Italy (CNR)
Italy
Antonella Santone
University of Molise
Italy
Francesco Mercaldo
University of Molise & Institute for Informatics and Telematics, National Research Council of Italy (CNR)
Italy