Recent research indicates that effective malware detection can be implemented based on analyzing portable executable (PE) file headers. Such research typically relies on prior knowledge of the header to extract relevant features. However, it is also possible to consider the entire header as a whole, and use this directly to determine whether the file is malware. In this research, we collect a large and diverse malware data set. We then analyze the effectiveness of various machine learning techniques based on PE headers to classify the malware samples. We compare the accuracy and efficiency of each technique considered.
Kim, Samuel, "PE Header Analysis for Malware Detection" (2018). Master's Projects. 624.
Available for download on Saturday, June 01, 2019