
Situation-Aware Malware Detection on Windows OS Based on Environmental Information
  • Wojtek Tomaszewski (corresponding author: [email protected])
  • Aneta Brzeźniak

Abstract

Malware detection has become increasingly challenging due to the sophisticated evasion techniques employed by modern threats. A novel situation-aware malware detection framework is introduced, integrating machine learning models with environmental information to enhance detection capabilities. By leveraging contextual data, including network activity, file system changes, user interactions, and system state variables, the framework provides a holistic understanding of system behavior. The detection system achieves significant improvements in accuracy, precision, and recall, outperforming traditional methods. Comparative analyses reveal that incorporating environmental information enhances detection accuracy by 6.4%, while significantly reducing false positives and false negatives. The proposed framework continuously adapts to new threats, ensuring robust defense against a wide range of malware variants. Experimental results highlight the effectiveness of the approach, validated through rigorous testing and comparisons with baseline methods. The study advances the field of cybersecurity by offering an adaptive, context-aware solution that addresses the limitations of existing detection techniques. Future research directions include extending the framework to other operating systems, integrating advanced machine learning techniques, and exploring privacy-preserving data collection methods.
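The abstract's central claim is that fusing environmental context (user interaction, system state) with per-process behaviour (file-system and network activity) lets a classifier separate cases that behaviour alone cannot. The following is an added illustration of that idea and is not the authors' code, model, feature set or data: it trains a plain logistic-regression classifier (pure Python, gradient descent) on a small constructed telemetry table, once with behaviour-only features and once with the context features appended, and reports training accuracy for both. The feature names, the scaling, the six sample records and their labels are all assumptions made for the example.

```python
import math

# Constructed telemetry: one record per observed process. The first two numeric
# fields are behaviour (file-system change rate and outbound-connection rate,
# each scaled to [0, 1]); the next two are environmental context (did the user
# interact with the process in the foreground; is an interactive logon session
# present). All values and labels are made up for illustration.
FEATURE_NAMES = ["files_modified", "outbound_conns", "user_active", "interactive_session"]
TELEMETRY = [
    # name,          files, net, user, session, label (1 = malicious)
    ("backup_tool",   0.9, 0.1, 1, 1, 0),
    ("ransomware",    0.9, 0.1, 0, 0, 1),   # same behaviour as backup_tool
    ("browser",       0.1, 0.8, 1, 1, 0),
    ("c2_beacon",     0.1, 0.8, 0, 1, 1),   # same behaviour as browser
    ("office_app",    0.2, 0.1, 1, 1, 0),
    ("worm",          0.6, 0.6, 0, 0, 1),
]


def build_dataset(use_context):
    """Return (X, y); with use_context=False only the behaviour columns are kept."""
    X, y = [], []
    for _, files, net, user, session, label in TELEMETRY:
        row = [files, net]
        if use_context:
            row += [user, session]
        X.append(row)
        y.append(label)
    return X, y


def sigmoid(z):
    z = max(-500.0, min(500.0, z))   # clamp to avoid overflow in exp()
    return 1.0 / (1.0 + math.exp(-z))


def train_logreg(X, y, lr=1.0, epochs=5000):
    """Batch gradient descent on the average logistic loss; returns (weights, bias)."""
    n, m = len(X[0]), len(X)
    w, b = [0.0] * n, 0.0
    for _ in range(epochs):
        gw, gb = [0.0] * n, 0.0
        for xi, yi in zip(X, y):
            err = sigmoid(sum(wj * xj for wj, xj in zip(w, xi)) + b) - yi
            for j in range(n):
                gw[j] += err * xi[j]
            gb += err
        w = [wj - lr * gj / m for wj, gj in zip(w, gw)]
        b -= lr * gb / m
    return w, b


def predict_proba(model, x):
    """Probability that feature vector x is malicious under the given model."""
    w, b = model
    return sigmoid(sum(wj * xj for wj, xj in zip(w, x)) + b)


def accuracy(model, X, y):
    hits = sum((predict_proba(model, xi) >= 0.5) == bool(yi) for xi, yi in zip(X, y))
    return hits / len(y)


def compare():
    """Train both variants on the constructed table and return their training accuracy."""
    results = {}
    for name, use_context in (("behaviour_only", False), ("with_context", True)):
        X, y = build_dataset(use_context)
        results[name] = accuracy(train_logreg(X, y), X, y)
    return results


if __name__ == "__main__":
    for name, acc in compare().items():
        print(f"{name:15s} training accuracy = {acc:.3f}")
```

The behaviour-only model can never reach 100% on this table: backup_tool and ransomware (and likewise browser and c2_beacon) present identical behaviour vectors with opposite labels, so no classifier over those columns can separate them. Adding the context columns makes the table linearly separable, which is the effect the abstract attributes to environmental information; on real telemetry the gain is of course an empirical question, and the 6.4% figure quoted above comes from the paper's own experiments, not from this toy.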
16 May 2024: Submitted to TechRxiv
21 May 2024: Published in TechRxiv