Eng (Feb 2023)

Covering Arrays ML HPO for Static Malware Detection

  • Fahad T. ALGorain
  • John A. Clark

DOI
https://doi.org/10.3390/eng4010032
Journal volume & issue
Vol. 4, no. 1
pp. 543 – 554

Abstract

Malware classification is a well-known problem in computer security. Hyper-parameter optimisation (HPO) using covering arrays (CAs) is a novel approach that can enhance machine learning classifier accuracy. Tuning machine learning (ML) classifiers to increase classification accuracy is needed nowadays, especially with newly evolving malware. Four machine learning techniques were tuned using cAgen, a tool for generating covering arrays. The results show that cAgen is an efficient approach to achieving the optimal parameter choices for ML techniques. Moreover, covering arrays, and cAgen in particular, show significant promise for the ML hyper-parameter optimisation community, the malware detection community and security testing overall. This research will aid in adding better classifiers for static PE malware detection.

Keywords