Malware Detection in Files and URL’s Using Machine Learning

Abstract

The rampant extrusion of personal or sensitive data by malicious software has inflicted significant damage worldwide, posing a critical threat to individuals and various sectors of society. Cyber attackers engage in relentless warfare against computer systems, deploying malware to breach crucial data. Consequently, safeguarding this data has become a paramount concern for researchers. This paper aims to address this challenge by proposing the development of an application leveraging machine learning algorithms to discern between malicious and legitimate files effectively. In the contemporary era, marked by pervasive technological advancements, the widespread adoption of the internet has facilitated unprecedented connectivity but also heightened the risk of cyber threats perpetrated by malicious actors. These threats, often executed through the deployment of malware, have inflicted substantial financial losses, amounting to billions of dollars globally. Consequently, safeguarding against malicious attacks has become a paramount endeavor in the ongoing battle against cybercrime. To address this imperative, this paper endeavors to leverage machine learning algorithms to prognosticate the likelihood of malware infections in computer systems, utilizing a supervised learning approach alongside gradient boosting algorithms. Drawing upon a publicly available dataset, meticulously partitioned into training and testing sets, the study embarks on four distinct experiments employing the aforementioned algorithms. Notably, the findings underscore Light GBM as the most efficacious model, boasting an impressive AUC Score of 0.73926, thus signifying a pivotal advancement in fortifying cyber defenses through predictive analytics. Malware poses a significant threat in today's digital landscape, with various forms proliferating over the last decade, leading to substantial financial losses for organizations. Defined as malicious software, malware wreaks havoc on users' computers through various means. To address this challenge, a solution leveraging machine learning techniques has been proposed to detect malware in downloaded files. By analyzing features such as MD5 hash, Optional Header size, and Load Configuration Size, different machine learning algorithms are trained to distinguish between malicious and benign files effectively. Through rigorous training and comparison using Validation and Test datasets, the SVM Classifier emerged as the most accurate, achieving up to 99.99% accuracy in detecting malware types like Adware, Trojan, Backdoors, Unknown, Multidrop, Rbot, Spam, and Ransomware. This approach not only identifies malware but also mitigates potential risks to users' systems, safeguarding against detrimental impacts from infections.