
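% Journal article: API-based hybrid malware variant detection (two XGBoost predictors feeding an ANN classifier).
% Author names are joined with " and " in "Last, First" form so BibTeX parses eight separate authors.
@Article{cmc.2023.041038,
  author   = {Alhashmi, Asma A. and Darem, Abdulbasit A. and Alanazi, Sultan M. and Alashjaee, Abdullah M. and Aldughayfiq, Bader and Ghaleb, Fuad A. and Ebad, Shouki A. and Alanazi, Majed A.},
  title    = {Hybrid Malware Variant Detection Model with Extreme Gradient Boosting and Artificial Neural Network Classifiers},
  journal  = {Computers, Materials \& Continua},
  volume   = {76},
  number   = {3},
  pages    = {3483--3498},
  year     = {2023},
  issn     = {1546-2226},
  doi      = {10.32604/cmc.2023.041038},
  url      = {http://www.techscience.com/cmc/v76n3/54371},
  abstract = {In an era marked by escalating cybersecurity threats, our study addresses the challenge of malware variant detection, a significant concern for a multitude of sectors including petroleum and mining organizations. This paper presents an innovative Application Programmable Interface (API)-based hybrid model designed to enhance the detection performance of malware variants. This model integrates eXtreme Gradient Boosting (XGBoost) and an Artificial Neural Network (ANN) classifier, offering a potent response to the sophisticated evasion and obfuscation techniques frequently deployed by malware authors. The model’s design capitalizes on the benefits of both static and dynamic analysis to extract API-based features, providing a holistic and comprehensive view of malware behavior. From these features, we construct two XGBoost predictors, each of which contributes a valuable perspective on the malicious activities under scrutiny. The outputs of these predictors, interpreted as malicious scores, are then fed into an ANN-based classifier, which processes this data to derive a final decision. The strength of the proposed model lies in its capacity to leverage behavioral and signature-based features, and most importantly, in its ability to extract and analyze the hidden relations between these two types of features. The efficacy of our proposed API-based hybrid model is evident in its performance metrics. It outperformed other models in our tests, achieving an impressive accuracy of 95\% and an F-measure of 93\%. This significantly improved the detection performance of malware variants, underscoring the value and potential of our approach in the challenging field of cybersecurity.},
}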



