Improving Memory Malware Detection in Machine Learning With Random Forest-Based Feature Selection

Abstract

Memory analysis is important in malware detection because it may capture a wide range of traits and behaviors. As aspects of technology evolve, so do the strategies used by malicious who aim to compromise the security and integrity of digital systems. This study investigates the classification of cyberattacks into malicious and benign. A specific malware memory dataset, MalMemAnalogy-2022, was created to test and evaluate this framework. In this chapter, a set of machine learning algorithms was used, including support vector machine (SVM), K nearest neighbor (KNN), and random forest (RF). To ensure promising performance, especially in identifying important features, the random forest method was used to select the most important features, which achieves the best results and avoids features of little importance. The random forest algorithm achieved 99.9% accuracy, precision, recall, and f1-score. The present approach can detect and mitigate malicious cyber-attacks significantly improving the security framework for end-users by detecting memory malware using machine learning.