MALWARE DETECTION SYSTEM BASED ON MACHINE LEARNING TECHNOLOGY
UDC 004.85:004.056.57
DOI:10.26102/2310-6018/2020.30.3.042
O.N. Vybornova, I.A. Pidchenko
The continuous growth in the number of malicious programs makes their detection, that is, classifying programs as malicious or safe, an urgent task. This study is therefore devoted to developing a malware detection system based on machine learning, namely supervised training of an artificial neural network. In the course of the study, we analyzed the structure of Portable Executable (PE) files of the Windows operating system, selected characteristics of PE files to form a training set, and selected and justified the topology (a four-layer perceptron) and parameters of the antivirus neural network. The Keras library was used to create and train the model. The Ember dataset of safe and malicious software was used to form the training set. We trained the developed malicious code recognition model and verified the adequacy of its training. The training results of the antivirus neural network proposed in the study showed high malware detection accuracy and no overfitting, which indicates good prospects for using the model. Although the experimental neural network model cannot fully replace antivirus scanners, the materials of the article are of practical value for the task of classifying programs as malicious or safe.
Keywords: malware, machine learning, anti-virus neural network, neural network training, Keras, Ember, Dropout.