IEEE Access (Jan 2024)

A Comparative Performance Analysis of Malware Detection Algorithms Based on Various Texture Features and Classifiers

  • Ismail Taha Ahmed,
  • Baraa Tareq Hammad,
  • Norziana Jamil

DOI
https://doi.org/10.1109/ACCESS.2024.3354959
Journal volume & issue
Vol. 12
pp. 11500 – 11519

Abstract

Read online

Three frequent factors such as low classification accuracy, computational complexity, and resource consumption have an impact on malware evaluation methods. These challenges are exacerbated by elements such as unbalanced data environments and specific feature generation. To address these challenges, we aim to identify optimal texture features and classifiers for effective malware detection. The article outlines a method that consists of four stages: malware conversion to grayscale, feature extraction using (segmentation-based fractal texture analysis (SFTA), Local Binary Pattern (LBP), Haralick, Gabor, and Tamura), classification using (Gaussian Discriminant Analysis (GDA), k-Nearest Neighbor (KNN), Logistic, Support Vector Machines (SVM), Random Forest (RF), Extreme Learning Machine (Ensemble)), and finally the evaluation. Using the Malimg imbalanced and MaleVis balanced datasets, we assess classifier performance and feature effectiveness. Comparative analysis indicates that KNN outperforms other classifiers in terms of Accuracy, Error, F1, and Precision, while SVM and RF as runners-up. Gabor performs better in MaleVis, whereas the SFTA feature performs better under the Malimg dataset. The proposed SFTA-KNN and Gabor-KNN methods achieve 96.29% and 98.02% accuracy, respectively, surpassing current state-of-the-art approaches. Additionally, higher computing performance is achieved by using fewer dimensions when employing our feature extraction method.

Keywords