An Efficient Approach For Malware Detection Using PE Header Specification

2020-06-11

Tina Rezaei, Ali Hamzeh

Abstract

Following the dramatic growth of malware and the essential role of computer systems in our daily lives, the security of computer systems and the existence of malware detection systems have become critical. In recent years, many machine learning methods have been used to learn the behavioral or structural patterns of malware. Because of their high generalization capability, they have achieved great success in detecting malware. In this paper, to identify malware programs, features extracted based on the header and PE file structure are used to train several machine learning models. The proposed method identifies malware programs with 95.59% accuracy using only nine features, the values of which have a significant difference between malware and benign files. Due to the high speed of the proposed model in feature extraction and the low number of extracted features, which lead to faster model training, the proposed method can be used in real-time malware detection systems.
