Binary and multiclass malware classification of windows portable executable using classic machine learning and deep learning
Cybersecurity has become a significant concern in recent decades. Enhancing cybersecurity and safeguarding important information systems are essential in today’s world. It is now one of the most important challenges in the realm of IT. Malware has become a significant issue in the modern digital age...
| Main Authors: | Moeiz Miraoui, Mohamed Ben Belgacem |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | Frontiers Media S.A. 2025-03-01 |
| Series: | Frontiers in Computer Science |
| Subjects: | malware; PE file; machine learning; deep learning; classification |
| Online Access: | https://www.frontiersin.org/articles/10.3389/fcomp.2025.1539519/full |
| _version_ | 1849773332018233344 |
|---|---|
| author | Moeiz Miraoui; Mohamed Ben Belgacem |
| collection | DOAJ |
| description | Cybersecurity has become a significant concern in recent decades. Enhancing cybersecurity and safeguarding important information systems are essential in today’s world. It is now one of the most important challenges in the realm of IT. Malware has become a significant issue in the modern digital age. The primary objectives of malware are to disrupt, harm, or impair computer systems and information systems without the user’s consent or awareness. Currently, malwares are viewed as some of the most prevalent cyber threats. The prevalence of Windows operating system has made it a prime target for malware attacks. PE (Portable Executable) is the standard file format for executable files and DLLs on Windows systems, with PE malware being the most common form of malicious software. Static analysis, which is mainly a signature-based method for detecting malware, can only identify already known malware. The main weakness of this approach is its struggle with obfuscation, such as encryption and packing. The use of machine learning methods has demonstrated significant potential in the field of malware detection and is an emerging field with many opportunities. Most previous works focus on binary classification, limited number of ML algorithms and even a single dataset. In this paper, we present both a binary and multiclass PE malware classification using four classic machine learning algorithms and four deep learning algorithms. We have applied this algorithm on three publicly available datasets and deduced the best algorithm depending on the number of features and dataset size. |
| format | Article |
| id | doaj-art-1617bfdad0b34cf2a35dd6179b1f034d |
| institution | DOAJ |
| issn | 2624-9898 |
| language | English |
| publishDate | 2025-03-01 |
| publisher | Frontiers Media S.A. |
| record_format | Article |
| series | Frontiers in Computer Science |
| spelling | Moeiz Miraoui (Department of Computer Studies, Arab Open University, Riyadh, Saudi Arabia); Mohamed Ben Belgacem (Department of Computer Sciences, ISSAT, University of Gafsa, Gafsa, Tunisia). Frontiers in Computer Science, ISSN 2624-9898, 2025-03-01, vol. 7, article 1539519, DOI 10.3389/fcomp.2025.1539519. Keywords: malware; PE file; machine learning; deep learning; classification. |
| title | Binary and multiclass malware classification of windows portable executable using classic machine learning and deep learning |
| topic | malware; PE file; machine learning; deep learning; classification |
| url | https://www.frontiersin.org/articles/10.3389/fcomp.2025.1539519/full |