2017 Symposium Posters


PEA: PE Analyzer - Detecting PE malware Using Machine Learning Algorithms


Primary Investigator:
Connie Justice

Project Members
Rushabh Vyas, Xiao Luo, Nichole McFarland, Connie Justice
Abstract
Malware continues to be a critical concern for everyone from home users to enterprises. Today, most devices are connected through networks to the Internet. Therefore, malicious code can easily and rapidly spread. The objective of this paper is to examine how malicious portable executable (PE) files can be detected on the network by utilizing machine learning algorithms. The efficiency and effectiveness of the network detection rely on the number of features and the learning algorithms. In this work, we examined 28 features extracted from metadata, packing, imported DLLs and functions of four different types of PE files for malware detection. The returned results showed that the proposed system can achieve 98.7% detection rates, 1.8% false positive rate, and with an average scanning speed of 0.5 seconds per file in our testing network environment.

Our annual information security symposium will take place on April 3rd and 4th, 2018.
Purdue University, West Lafayette, IN