Optimizing features for malware-benign clustering using Windows portable executables

摘要

Cyber-attacks have been menacing many organizations for a long time. With the advancement in technical growth, cyber-attacks have also increased in volume and treacherousness. For better detection of malware, model training over significant features is of prime importance. In this study, we propose contrasting feature vectors for clustering using multiple dimensionality reduction techniques such as PCA and autoencoder. Three different models (HFVC, OEL, and BENN) are proposed comprising of different dimensionality reduction techniques and architectures. To evaluate this approach a publicly available dataset is used comprising 138,047 benign and malware samples. In models, OEL and BENN above-average clustering was observed with F1-Score above 0.9. Overall autoencod r-based models were termed optimal in terms of F1Score and accuracy.