A Comparative Study on Malware Detection Using Supervised Machine Learning Models

Conference paper


Muhammad, I., Memon, S. and Ismail, U. 2025. A Comparative Study on Malware Detection Using Supervised Machine Learning Models. The International Conference on Cybersecurity and AI-Based Systems (Cyber-AI 2025). Bulgaria 04 Jul - 01 Sep 2025 IEEE.
Authors: Muhammad, I., Memon, S. and Ismail, U.
Type: Conference paper
Abstract

Traditional signature-based systems struggle to detect novel and variably structured threats such as polymorphic and metamorphic malware. These systems rely on predefined rules, which limit their ability to identify newly developed, obfuscated, or zero-day attacks. Given the constantly evolving nature of cyber threats, it is crucial to develop detection systems capable of identifying malicious behavior without relying solely on static signatures. This study investigates the effectiveness of supervised machine learning (ML) techniques in detecting malware using the CICIDS2017 dataset, which includes both attacks and benign traffic. Four widely used supervised models, Random Forest, Support Vector Machine (SVM), K-Nearest Neighbors (KNN) and XGBoost, are evaluated and compared. Each model undergoes the same data preparation process, including feature selection and data balancing, to ensure fair performance assessment. Model performance is evaluated using standard metrics such as accuracy, precision, recall and F1-score. Among the models, Random Forest achieved the highest accuracy of approximately 99.8%, demonstrating strong robustness and generalizability. XGBoost followed with a commendable accuracy of around 92%, offering a balance between computational efficiency and interpretability. In contrast, SVM and KNN exhibited limitations in detecting minority attack classes. Overall, the Random Forest model outperformed other established methods. Feature importance analysis revealed that attributes such as Avg Bwd Segment Size and Flow IAT Max significantly contribute to the detection of malicious traffic.

Year: 2025
Conference: The International Conference on Cybersecurity and AI-Based Systems (Cyber-AI 2025)
Publisher: IEEE
Publication process dates
Accepted: 03 Jul 2025
Deposited: 09 Jul 2025
Journal citation: p. In press
Copyright holder: © 2025 IEEE
Copyright information: Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Permalink: https://repository.uel.ac.uk/item/8zx32

Download files


Accepted author manuscript
Irfan Muhammad-A Comparative Study on Malware Detection-AAM.pdf
License: All rights reserved
File access level: Anyone

