Detecting malicious software using machine learning

Today, most malware detection tools (Trojans): trojans, spyware, adware, worms, viruses, and ransomware are based on a signature approach that is ineffective for detecting polymorphs and malware whose signatures have not been recorded in antivirus database. This article explores methods for detecting opcodes in malware using machine learning algorithms. The study is carried on a Microsoft dataset containing 21653 examples of malicious code. The 20 most informative parameters based on the Fisher criterion are distinguished, methods for selecting parameters and various classifiers (logistic decision tree, random forest, naive Bayesian classifier, random tree) are compared, as a result of which an accuracy close to 100% is achieved.