Malware Detection with Machine Learning


Introduction

Listed below are 2 research projects I've conducted on computer malware detection. Each addresses a different topic in the field of malware study with Machine Learning.


Zero-day Detection: Classification Experiments on Malware with Small Sample Size


Abstract

"Zero-day", in computer security, refers to the situation in which a computer system has no prior knowledge of a possible incoming attack. The "zero" indicates that no previous warning or flag has been raised for the security system to prepare. This paper conducts experiments on "zero-day" malware classification. The "security system" here is a Deep Neural Network (DNN) model that has been trained to detect 3 different types of malware: Zbot, Winwebsec and Zeroaccess. The experiments focus on testing the robustness of the DNN model when trained on a small amount of data, in order to simulate the real-world "zero-day" scenario in which only a few samples are available.


Full Paper



Malware Classification with Ensemble Learning


Abstract

Ensemble methods are a widely used technique in Machine Learning. In order to obtain the best-performing model, common ensemble methods such as Bagging, Boosting and Stacking are applied in model selection. In this article, a malware classification model is discussed. This model is a pipeline that combines an HMM and an SVM. Experiments are conducted, including ensemble learning methods for the HMM, SVM selection and the choice of hyper-parameters, in order to understand and analyze this pipeline model.


Full Paper