Comparing Support Vector Machine and Naive Bayes Classifiers for detecting malware

Show full item record



Permalink

http://urn.fi/URN:NBN:fi-fe201804208658
Title: Comparing Support Vector Machine and Naive Bayes Classifiers for detecting malware
Author: Davoudi, Amin
Contributor: University of Helsinki, Faculty of Science, Department of Computer Science
Publisher: Helsingin yliopisto
Date: 2018
Language: eng
URI: http://urn.fi/URN:NBN:fi-fe201804208658
http://hdl.handle.net/10138/273485
Thesis level: master's thesis
Discipline: Computer science
Tietojenkäsittelytiede
Datavetenskap
Abstract: In the Internet age, malware poses a serious threat to information security. Many studies have been conducted on using machine learning for detecting malicious software. Although major breakthroughs have been achieved in this area, the problem has not been completely eradicated. In this thesis, we are going through the concept of utilizing machine learning for malware detection and conduct several experiments with two different classifiers (Support Vector Machine and Naive Bayes) to compare their ability to detect malware based on Port-able Executable (PE) file format headers. A malware classifier dataset built with header field values of portable executable files was obtained from GitHub and used for experimental part of the thesis. We conducted 5 different experiments with several different trial settings. Various statistical methods have been used to assess the significance of the results. The first and second experiment show that using SVM and Naive Bayes classification methods for our dataset can result in high sensitivity rate. In the rest of the experiments, we focus on ac-curacy rate of both classifiers with different settings. The results show that although there were no big differences in the accuracy rates of the classifiers, the value of variance of ac-curacy rates is greater in Naive Bayes than in SVM. The study investigates ability of two different methods to classify information in their distinctive way. It also provides evidences that show that the learning-based approach provides a means for accurate automated analysis of malware behavior which helps in the struggle against malicious software.


Files in this item

Files Size Format View

There are no files associated with this item.

This item appears in the following Collection(s)

Show full item record