Call for Paper - July 2023 Edition
IJCA solicits original research papers for the July 2023 Edition. Last date of manuscript submission is June 20, 2023. Read More

Analysis of Machine Learning Techniques used in Malware Classification in Cloud Computing Environment

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Year of Publication: 2016
Ajeet Kumar, Naman Sharma, Abhishek Khanna, Saurav Gandhi

Ajeet Kumar, Naman Sharma, Abhishek Khanna and Saurav Gandhi. Article: Analysis of Machine Learning Techniques used in Malware Classification in Cloud Computing Environment. International Journal of Computer Applications 133(15):15-18, January 2016. Published by Foundation of Computer Science (FCS), NY, USA. BibTeX

	author = {Ajeet Kumar and Naman Sharma and Abhishek Khanna and Saurav Gandhi},
	title = {Article: Analysis of Machine Learning Techniques used in Malware Classification in Cloud Computing Environment},
	journal = {International Journal of Computer Applications},
	year = {2016},
	volume = {133},
	number = {15},
	pages = {15-18},
	month = {January},
	note = {Published by Foundation of Computer Science (FCS), NY, USA}


Study the behavior of malicious software, understand the security challenges, detect the malware behavior automatically using dynamic approach. Study various classification techniques and to group these malwares and able to cluster different malware into unknown group whose characteristics are not known. The classifiers used in this research are k-Nearest Neighbors (kNN), J48 Decision Tree, and n-grams. Based on the analysis of the tests and experimental results of all the 3 classifiers, the overall best performance was achieved by J48 decision tree with a recall of 96.3%.


  1. G. Mc Graw, G. Morrisett, “Attacking malicious code: Report to the infosec research council”, IEEE Software, 17(5) , Sept 2000, pp. 3341.
  2. Wagner M. (2004). Behavior Oriented Detection of Malicious Code at Run-time. M.Sc. Thesis, Florida Institute of Technology.
  3. C.Willems, T.Holz, and F.Freiling. Toward Automated Dynamic Malware Analysis Using CWSandbox. IEEE Security and Privacy, 2007, 5(2):32-39.
  4. U.Bayer, C.Kruegel, and E.Kirda. TTanalyze: A Tool for Analyzing Malware. In 15th Annual Conference of the European Institute for Computer Antivirus Research, Hamburg, Germany, 2006: 180–192.
  5. M.Bailey, J.Oberheide, J.Andersen, Z.M.Mao, F.Jahanian,and J.Nazario. Automated classification and analysis of internet malware. In Proceedings RAID07, pages 178–197,2007.
  6. Tony Lee & Jigar J. Mody Behavioral Classification. In Proceedings of EICAR2006, April 2006.
  7. T.Holz,C.Willems,K.Rieck,P.Duessel,andP.Laskov.Learning and Classification of Malware Behavior.In DIMVA08,June2008
  8. Yongtao Hu Unknown Malicious Executables Detection Based on Run-Time Behavior In Fuzzy Systems and Knowledge Discovery, 2008 pp. 391-395.
  9. Wikipedia, “Sandbox” [Online], Available:
  10. V. I. Levenshtein, Binary codes capable of correcting deletions, insertions, and reversals. Soviet Physics Doklady 10 (1966):707–710.
  11. Hengli Zhao, Ming Xu, Ning Zheng, Jingjing Yao, Qiang Hou Malicious executables classification based on behavioral factor analysis
  12. J. Han, M. Kamber, Data Mining: Concepts and Techniques, Morgan Kaufmann, August 2000.
  13. M. Chandrasekaran, V. Vidyaraman, and S. J. Upadhyaya, “Spycon: Emulating user activities to detect evasive spyware,” in IPCCC. IEEE Computer Society, 2007, pp. 502–509.
  14. L. Natrajan, “”, [ONLINE],2014
  15. L. Natrajan, S, Karthikayen, G. Jacob, and B. Manjunath, “Malware images: visualization symposium on visualization for cybersecurity. ACM, 2011, p.4
  16. Proceedings of the 2014 Workshop on Artificial Intelligent and Security Workshop, AIS.
  17. D. Bilar. Statistical structures: Fingerprinting malware for classification and analysis. In Blackhat, 2006
  18. L. Breiman. Bagging predictors. Mach. Learn., 24(2):123–140, Aug. 1996
  19. L. I. Kuncheva. Ensemble Methods, pages 186–229. John Wiley & Sons, Inc., 2014.


Malware, Opcode n-grams, Bytecode n-grams, malware behaviors; malware classification.