Quarterly journal published in SPbPU
and edited by prof. Dmitry Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of computer sciences and technologies
information security of computer systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217
ASPECTS OF DETECTING MALICIOUS INSTALLATION FILES USING MACHINE LEARNING ALGORITHMS
P. E. Yugay, E. V. Zhukovsky, P. O. Semenov
Peter the Great St. Petersburg Polytechnic University (SPbPU)
Abstract: This work examines the use of machine learning methods to detect malicious installation files, specifically trojan droppers and downloaders, and installers with extraneous functionality. A comparative analysis of several machine learning classification methods is presented: the naive Bayes classifier, random forest and C4.5 algorithms. Classification was carried out with the Weka software using the methods under consideration. Significant attributes of executable files are identified that give positive results in classifying legitimate installers and trojans.
Keywords: malware, installation files, trojans, droppers, machine learning, naive Bayes classifier, random forest, C4.5 algorithms.
Pages 37-46