Adaptive machine learning: A framework for active malware detection

Applications of Machine Learning (ML) algorithms in cybersecurity provide significant performance enhancement over traditional rule-based algorithms. These intelligent cyber-security solutions demand careful integration of the learning algorithms to develop a significant cyber incident detection system to formulate security analysts' industrial level. The development of advanced malware programs poses a critical threat to cybersecurity systems. Hence, an efficient, robust, and scalable malware recognition module is essential for every cybersecurity product. Conventional Signature-based methods struggle in terms of robustness and effectiveness during malware detection, specifically in the case of zero-day and polymorphic viruses attacks. In this paper, we design an adaptive Machine Learning based active malware detection framework which provides a cybersecurity solution against phishing attacks. The proposed framework utilize ML algorithms in a multilayered feed-forwarding approach to successfully detect the malware by examining the static features of the web pages. The proposed framework successfully extracts the features from the web pages and performs a successful detection process for the phishing attack. In the multilayered feed-forwarding framework, the first layer utilizes Random Forest (RF), Support Vector Machine (SVN), and K-Nearest Neighbor (K-NN) classifiers to build a model for detecting malware from the real-time input. The output of the first layer passes to the Ensemble Voting (EV) algorithm, which accumulates earlier classifiers' performance. At the third layer, adaptive frameworks investigate second layer input data and formulate the phishing detection model. We analyze the proposed framework's performance on three different phishing datasets and validate the higher accuracy rate