GithubHelp home page GithubHelp logo

a-tartarelli / malware-detection Goto Github PK

View Code? Open in Web Editor NEW
0.0 1.0 0.0 1.87 MB

Malware detection using machine learning and deep learning algoritms based on O.S. API calls

License: MIT License

Jupyter Notebook 99.70% Python 0.30%

malware-detection's Introduction

Malware detection

Malware detection using machine learning and deep learning algorithms based on O.S. (Windows) API calls sequence

Algorithms used:

  • Random Forest
  • CatBoost
  • XGBoost
  • ExtraTrees
  • TabNet
  • NODE

Dataset:

  • malware-analysis-datasets-api-call-sequences: It contains 42,797 malware API call sequences and 1,079 goodware API call sequences. Each API call sequence is composed of the first 100 non-repeated consecutive API calls associated with the parent process, extracted from the 'calls' elements of Cuckoo Sandbox reports.
  • APIMDS: Consists of 23,080 malware samples randomly chosen from two other datasets: the Malicia project and Virus Total.

Results

APIMDS

All results are 10-folds average, on left side you can see my result and on right side there are the results of the benchmark develop by ISLab laboratory of the department of computer science, university of Bari.

Algorithm Precision Recall F1 score AUC ROC Precision Recall F1 score AUC ROC
Random Forest 0.9936 0.9265 0.9572 0.9265 0.9914 0.9215 0.9532 0.9215
CatBoost 0.9933 0.9743 0.9834 0.9743 0.9955 0.9399 0.9655 0.9399
XGBoost 0.9934 0.9711 0.9815 0.9711 0.9944 0.9619 0.9779 0.9632
ExtraTree 0.9938 0.9297 0.9591 0.9297 0.9949 0.9132 0.9498 0.9132
NODE 0.9956 0.8547 0.9127 0.8547 0.9948 0.9166 0.9519 0.0022
TabNet 0.9449 0.9243 0.9334 0.9243 0.9843 0.9264 0.9529 0.9264

Malware-analysis-datasets-api-call-sequences

The same applies to these results.

Algorithm Precision Recall F1 score AUC ROC Precision Recall F1 score AUC ROC
Random Forest 0.958 0.819 0.874 0.819 0.9650 0.8090 0.8690 0.8094
CatBoost 0.954 0.831 0.882 0.831 0.9620 0.8200 0.8770 0.8201
XGBoost 0.956 0.839 0.888 0.839 0.9575 0.7816 0.8473 0.7816
ExtraTree 0.964 0.748 0.822 0.748 0.9700 0.7411 0.8162 0.7411
NODE 0.9888 0.7624 0.8376 0.7624 0.9532 0.7238 0.7971 0.7238
TabNet 0.872 0.801 0.830 0.801 0.8985 0.7674 0.8166 0.7674

malware-detection's People

Contributors

a-tartarelli avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.