Enhanced Training Phase Reduction with Feature Filtering for Malware Detection Using Ensemble SVM

Malware is defined as software which is used with the aim of attempting to break the computer systems security policy with respect to confidentiality, integrity or availability. Thus malware detection is the vital issue in the computer security. There are various methods for malware detection viz. Signature based detection, Anomaly based malware detection and specification based malware detection. Out of this, Signature based malware detection is more accepted method to detect the malware attack but main drawback of this method is, not used to detect the Zero-day attack. We need to update the data repository regularly and human experts are required to create the signature. SVM classifier addresses this issue. Proposed system represents the idea of opcodes to detect the malware. The input given to the system is taken in the form of *. exe files which are both malware and benign files. Using the dataset the opcodes are generated. Then feature extraction and feature reduction steps are carried out. For feature reduction - Subspace analysis using eigenvectors- method is used. Then Ensemble SVM classification technique is used to perform the searching on all the opcode and decides which type of opcode having positive impact on detecting the malware. Ensemble SVM classifier provides good accuracy to classify malware and benign files as compared to other.