Machine Learning based Malware Classification Framework using Malware Behavior / Sheikh Muhammad Zeeshan Javed

By: Javed, Sheikh Muhammad Zeeshan
Contributor(s): Supervised by Dr. Muhammad Faisal Amjad
Material type: Text
Publisher: Rawalpindi, MCS (NUST), 2026
Description: xvii, 132 p
Subject(s): PhD Information Security Thesis | PhD IS Thesis
DDC classification: 005.8,JAV
Contents:
Malware analysis is a critical component of modern cybersecurity, enabling the identification, understanding, and mitigation of malicious software. This dissertation investigates the evolution of machine learning–based approaches for large-scale, behavior-driven malware classification, with the objective of improving detection accuracy, scalability, and robustness across diverse computing platforms.

Initially, this research presents a comprehensive review of existing machine learning–based malware detection and classification techniques, highlighting their strengths and limitations. Static analysis–based approaches, which extract features directly from executable files without program execution, have gained widespread adoption due to their low computational cost and ease of deployment. However, these methods are highly susceptible to obfuscation, packing, and evasion techniques. Dynamic analysis–based approaches, which examine malware behavior during execution in controlled environments, have been increasingly explored. Although dynamic analysis offers improved resilience against static evasion techniques, many existing approaches rely on a limited set of behavioral features, such as API call sequences. This narrow feature representation limits their ability to capture complex and evolving malware behaviors, thereby reducing classification performance and generalization in real-world, large-scale environments.

Subsequently, this dissertation proposes a novel malware classification framework based on a stack ensemble machine learning model that leverages large-scale IoT malware behavioral data. The proposed framework integrates multi-dimensional dynamic features, including memory dump characteristics, file system activities, network interactions, process behaviors, command executions, URL communications, and memory access patterns. A key contribution of this work is its scalability and computational efficiency, which make it well-suited for deployment in resource-constrained IoT environments while achieving high classification accuracy.
Item type: Thesis
Current location: Military College of Signals (MCS)
Home library: Military College of Signals (MCS)
Shelving location: Thesis
Call number: 005.8,JAV
Status: Available
Barcode: MCSPhD IS-19


© 2023 Central Library, National University of Sciences and Technology. All Rights Reserved.