Enterprises and individual users heavily rely on the abilities of antiviruses and other security mechanisms. However, the methodologies used by such software are not enough to detect and prevent most of the malicious activities and also consume a huge amount of resources of the host machine for their regular operations. In this paper, we propose a combination of machine learning techniques applied on a rich set of features extracted from a large dataset of benign and malicious files through a bespoke feature extraction tool. We extracted a rich set of features from each file and applied support vector machine, decision tree, and boosting on decision tree to get the highest possible detection rate. We also introduce a cloud-based scalable architecture hosted on Amazon web services to cater the needs of detection methodology. We tested our methodology against different scenarios and generated high achieving results with lowest energy consumption of the host machine.
Mirza, Qublai K.AliAwan, IrfanYounas, Muhammad
Faculty of Technology, Design and Environment\School of Engineering, Computing and Mathematics
Year of publication: 2017Date of RADAR deposit: 2018-08-21