Khaled Soliman^1,*, Mohamed Sobh², Ayman M. Bahaa-Eldin²

CMC-Computers, Materials & Continua, Vol.79, No.1, pp. 1419-1439, 2024, DOI:10.32604/cmc.2024.048883

Abstract The continuous development of cyberattacks is threatening digital transformation endeavors worldwide and leads to wide losses for various organizations. These dangers have proven that signature-based approaches are insufficient to prevent emerging and polymorphic attacks. Therefore, this paper is proposing a Robust Malicious Executable Detection (RMED) using Host-based Machine Learning Classifier to discover malicious Portable Executable (PE) files in hosts using Windows operating systems through collecting PE headers and applying machine learning mechanisms to detect unknown infected files. The authors have collected a novel reliable dataset containing 116,031 benign files and 179,071 malware samples from diverse sources to ensure the efficiency… More >

Hasan H. Al-Khshali^1,*, Muhammad Ilyas²

CMC-Computers, Materials & Continua, Vol.74, No.1, pp. 153-178, 2023, DOI:10.32604/cmc.2023.032182

Abstract One aspect of cybersecurity, incorporates the study of Portable Executables (PE) files maleficence. Artificial Intelligence (AI) can be employed in such studies, since AI has the ability to discriminate benign from malicious files. In this study, an exclusive set of 29 features was collected from trusted implementations, this set was used as a baseline to analyze the presented work in this research. A Decision Tree (DT) and Neural Network Multi-Layer Perceptron (NN-MLPC) algorithms were utilized during this work. Both algorithms were chosen after testing a few diverse procedures. This work implements a method of subgrouping features to answer questions such… More >

Zuwei Tian^1,*, Hengfu Yang¹, Zhichen Gao²

Intelligent Automation & Soft Computing, Vol.33, No.1, pp. 133-142, 2022, DOI:10.32604/iasc.2022.024494

Abstract PE (Portable executable) file is a standard format for executable file and is applied extensively. PE file has diversity, uncertainty of file size, complexity of file structure and singleness of file format, which make PE file easy to be a carrier of information hiding, especially for that of large hiding capacity. A novel software information hiding algorithm is proposed, which makes full use of display characteristics of palette icon of portable executable file. In this algorithm, the information is embedded into the transparent area of the icon by taking advantage of the redundant color items in the palette. The experimental… More >