A Hybrid Machine Learning Approach and Genetic Algorithm for Malware Detection

Detecting and preventing malware infections in systems is become a critical necessity. This paper presents a hybrid method for malware detection, utilizing data mining algorithms such as simulated annealing (SA), support vector machine (SVM), genetic algorithm (GA), and K-means. The proposed method combines these algorithms to achieve effective malware detection. Initially, the SA-SVM method is employed for feature selection, where the SVM algorithm identifies the best features, and the SA algorithm calculates the SVM parameters. Subsequently, the GA-K-means method is utilized to identify attacks. The GA algorithm selects the best chromosome for cluster centers, and the K-means algorithm has applied to identify malware. To evaluate the performance of the proposed method, two datasets, Andro-Autopsy and CICMalDroid 2020, have been utilized. The evaluation results demonstrate that the proposed method achieves high true positive rates (0.964, 0.985), true negative rates (0.985, 0.989), low false negative rates (0.036, 0.015), and false positive rates (0.022, 0.043). This indicates that the method effectively detects malware while reasonably minimizing false identifications.