Track: Undergraduate Student Paper Competition

Abstract

The ever-increasing development of technology has created many loopholes for software attackers to commit harmful crimes. Computer system users are vulnerable to malware attacks, the spread of malware (malicious software) is one of the most common computer security problems because it causes various kinds of losses. The technique used to detect the type of malware is malware classification. The method used in malware detection is the gradient boosting classification algorithm. The increasing development of malware makes technology users have to be careful in doing something. In this case, computer system security is very important. With the creation of malware detection, system security and information security can be better maintained. The Gradient-Boosting Classification algorithm is an algorithm for classification that is effective and efficient in performing malware detection. Several other studies have proven this. The Gradient-Boosting Classification algorithm can classify malicious software quickly and accurately. This research also uses the Portable Executable Header which contains metadata from the executable file. This research uses data taken from Kaggle with data sources from certain sites such as total virus and taken from the extraction of executable folders in windows. The results of the data set are divided into test data and training data with 20% testing of the total data and then sorting some important features from the portable executable, resulting accuracy of the gradient boosting classification algorithm of 99.20%. Further research can be suggested to show more details of the detected malware in the malware detection system.