Malware Threat Affecting Financial Organization Analysis Using Machine Learning Approach

Abstract

Since 2014, Emotet has been using man-in-the-browsers (MITB) attacks to target companies in the finance industry and their clients. Its key aim is to steal victims' online money-lending records and vital credentials as they go to their banks' websites. Without analyzing network packet payload computing (PPC), IP address labels, port number traces, or protocol knowledge, the authors have used machine learning (ML) modeling to detect Emotet malware infections and recognize Emotet-related congestion flows in this work. To classify Emotet-associated flows and detect Emotet infections, the output outcome values are compared by four separate popular ML algorithms: RF (random forest), MLP (multi-layer perceptron), SMO (sequential minimal optimization technique), and the LRM (logistic regression model). The suggested classifier is then improved by determining the right hyperparameter and attribute set range. Using network packet (computation) identifiers, the random forest classifier detects Emotet-based flows with 99.9726% precision and a 92.3% true positive rating.