Ensemble-based Malware Detection with Different Voting Schemes

Now a day’s computer security is the field which attempts to keep information on the computer safe and secure. Security means permitting things you do want, while preventing things you don't want from happening. Malware represents a serious threat to security of computer system. Traditional anti-malware products use the signature-based, heuristic-based detection techniques to detect the malware. These techniques detect the known malware accurately but can't detect the new, unknown malware. This paper presents a malware detection system based on the data mining and machine learning technique. The proposed method consists of disassemble process, feature extraction process and feature selection process. Three classification algorithms are employed on dataset to generate and train the classifiers named as Ripper, C4.5, IBk. The ensemble method Voting is used to improve the accuracy of results. Here majority voting and veto voting are implemented; the expected output is decided on the basis of majority and veto voting. The decision strategy of veto is improved by introducing the trustbased veto voting. The results of majority voting, veto voting and trust-based veto voting are compared. The experimental results show that the trust-based veto voting can accurately detect known and unknown malware instances better than majority voting and can identify the benign files better than veto voting.