Detection of Malware Attacks Based on Machine Learning Technologies

Abstract

Websites have become one of the most popular targets for Trojan attacks. Therefore, the Trojan Virus Intrusion Detection System (TVP) plays an important role in detecting attacks. Many researchers have already focused on cybersecurity and are developing effective systems. However, creating effective systems for detecting Trojan viruses inside websites remains a challenge due to its ability to detect new attacks. Therefore, in the framework of the current scientific research, several machine learning models are proposed: Random Forest, Random Forest Regression, Tree Ensemble, Decision Tree, Naïve Bayes, to detect Trojan virus programs inside websites. The purpose of the proposed machine learning models is to achieve high accuracy in detecting TVPs. The experimental study demonstrated the high efficiency of machine learning models in detecting Trojan virus programs. The best results were shown by the Random Forest (Regression) and Tree Ensemble algorithms, which achieved high classification accuracy due to the ensemble approach and resistance to overfitting. The Naïve Bayes model was the simplest model made and showed good results in training, but it was less effective than the other models used in the study. The Decision Tree proved to be less resistant to overfitting, but retained good interpretability. The use of cross-validation solved the problem of overfitting, which led to the conclusion that using this method is important for improving the reliability of models.