Machine Learning Techniques for Enhanced Malware Detection in Portable Executable Files

The rapid proliferation of malicious software presents significant challenges to conventional detection systems, prompting the exploration of machine learning algorithms as a promising solution. This chapter addresses key research questions related to the effectiveness of machine learning methods in malware detection, focusing on Portable Executable (PE) files. With a dataset comprising 96,765 malware samples and 41,323 legitimate samples, the study employs feature selection techniques to tackle imbalances and complexities. Five machine learning algorithms, including random forests and gradient boosting, were trained and tested, with hyperparameter tuning significantly enhancing accuracy. The research underscores the importance of data pre-processing, feature selection, and model optimization in achieving high-performance malware detection. It evaluates algorithms based on accuracy, precision, and performance on unseen files, providing valuable insights into the potential and limitations of machine learning in this domain. The chapter also introduces a novel perspective by identifying optimal initial hyperparameter values, serving as a reference for future research. The findings contribute to advancing malware analysis and offer practical implications for enhancing cybersecurity measures.