| The number of malicious files present in the public domain continues to rise at a substantial rate. Current anti-malware software utilizes a signature-based method to detect the presence of malicious software. Generating these pattern signatures is time consuming due to malicious code complexity and the need for expert analysis, however, by making small code changes, malicious software designers can evade detection of signature-based detection methods and render the signature useless in detecting new variations. While research into the use of computer file images and machine learning to detect malicious software shows successful results, there is a need to research alternative feature extraction and pattern detection methods to protect against adversarial techniques. The purpose of this quantitative research study, through experimental research design, was to analyze the effectiveness of the use of machine learning classification for detecting malware occurrence in computer file images as an alternative to current signature-based methods. Utilizing large samples of malware binary files and multiple kernel algorithms, this research addressed issues of maintaining both performance and high accuracy rates in the utilization of machine learning for detecting malware occurrence. This research analysis utilized a large dataset of 10,853 malware samples obtained from a well-known and respected malware repository. The use of large malware datasets improved internal validity of the research tests results by increasing both known and unknown samples while improved performance of the machine learning methodology demonstrated external validity to real-world application. |
