Detection of advanced linux malware using machine learning

Abstract

The malware attacks targeting Linux are increasing recently, because the popularity of Linux has been growing by years, and many popular applications are also available for Linux. There are lots of research that has been done on detecting malicious programs for the Windows-based operating system. But identifying malicious programs for the Linux-based operating system are rarely present.Anand The methods that are present to detect malware are lacking to detect advanced malware effectively. This work shows a machine learning approach by extracting static as well as dynamic features to identify malicious Executable and Linkable Format (ELF) files that is a file format of the Linux operating system. This work uses the best features of benign executables and malware executables to build and train a classification model that can classify malicious and benign executable efficiently. And the classification results show 99.66% accuracy by using XGBoost classifier to distinguish between malicious and benign executable.