Malware Traffic Analysis using Machine Learning

Jie Ji; Gabriela Mogos

doi:10.1145/3718391.3718417

Malware Traffic Analysis using Machine Learning

Jie Ji, Gabriela Mogos^*

^*Corresponding author for this work

Department of Computing

Xi'an Jiaotong-Liverpool University

Research output: Chapter in Book or Report/Conference proceeding › Conference Proceeding › peer-review

Abstract

Malware refers to computer code or software that is installed and operated on a user's computer or other terminal without explicit notification or permission, engaging in activities such as stealing, encrypting, modifying, and deleting data, and monitoring the legitimate rights and interests of users. The types of malwares include viruses, worms, Trojans, ransomware, spyware, and so on. Different types of malwares have different attack methods and can cause different damages, resulting in potential financial losses for users. Five machine learning algorithms were used to conduct comparative analysis and find the best performing model to predict potential malware traffic issues in networks. We used the CIC-IDS-2017 dataset, Pearson correlation coefficient to select features and 5-fold cross validation to evaluate the model's generalization ability.

Original language	English
Title of host publication	Proceedings of 2024 the 12th International Conference on Information Technology
Subtitle of host publication	IoT and Smart City, ICIT 2024
Publisher	Association for Computing Machinery
Pages	62-67
Number of pages	6
ISBN (Electronic)	9798400717376
DOIs	https://doi.org/10.1145/3718391.3718417
Publication status	Published - 28 Jun 2025
Event	12th International Conference on Information Technology: IoT and Smart City, ICIT 2024 - Kuala Lumpur, Malaysia Duration: 13 Dec 2024 → 15 Dec 2024

Publication series

Name	ACM International Conference Proceeding Series

Conference

Conference	12th International Conference on Information Technology: IoT and Smart City, ICIT 2024
Country/Territory	Malaysia
City	Kuala Lumpur
Period	13/12/24 → 15/12/24

Keywords

Machine learning
malware
security

Access to Document

10.1145/3718391.3718417

Cite this

@inproceedings{2d5fdbaaccab40b0b35911096addda0f,

title = "Malware Traffic Analysis using Machine Learning",

abstract = "Malware refers to computer code or software that is installed and operated on a user's computer or other terminal without explicit notification or permission, engaging in activities such as stealing, encrypting, modifying, and deleting data, and monitoring the legitimate rights and interests of users. The types of malwares include viruses, worms, Trojans, ransomware, spyware, and so on. Different types of malwares have different attack methods and can cause different damages, resulting in potential financial losses for users. Five machine learning algorithms were used to conduct comparative analysis and find the best performing model to predict potential malware traffic issues in networks. We used the CIC-IDS-2017 dataset, Pearson correlation coefficient to select features and 5-fold cross validation to evaluate the model's generalization ability.",

keywords = "Machine learning, malware, security",

author = "Jie Ji and Gabriela Mogos",

note = "Publisher Copyright: {\textcopyright} 2024 Copyright held by the owner/author(s).; 12th International Conference on Information Technology: IoT and Smart City, ICIT 2024 ; Conference date: 13-12-2024 Through 15-12-2024",

year = "2025",

month = jun,

day = "28",

doi = "10.1145/3718391.3718417",

language = "English",

series = "ACM International Conference Proceeding Series",

publisher = "Association for Computing Machinery",

pages = "62--67",

booktitle = "Proceedings of 2024 the 12th International Conference on Information Technology",

}

Ji, J & Mogos, G 2025, Malware Traffic Analysis using Machine Learning. in Proceedings of 2024 the 12th International Conference on Information Technology: IoT and Smart City, ICIT 2024. ACM International Conference Proceeding Series, Association for Computing Machinery, pp. 62-67, 12th International Conference on Information Technology: IoT and Smart City, ICIT 2024, Kuala Lumpur, Malaysia, 13/12/24. https://doi.org/10.1145/3718391.3718417

Malware Traffic Analysis using Machine Learning. / Ji, Jie; Mogos, Gabriela.
Proceedings of 2024 the 12th International Conference on Information Technology: IoT and Smart City, ICIT 2024. Association for Computing Machinery, 2025. p. 62-67 (ACM International Conference Proceeding Series).

Research output: Chapter in Book or Report/Conference proceeding › Conference Proceeding › peer-review

TY - GEN

T1 - Malware Traffic Analysis using Machine Learning

AU - Ji, Jie

AU - Mogos, Gabriela

PY - 2025/6/28

Y1 - 2025/6/28

N2 - Malware refers to computer code or software that is installed and operated on a user's computer or other terminal without explicit notification or permission, engaging in activities such as stealing, encrypting, modifying, and deleting data, and monitoring the legitimate rights and interests of users. The types of malwares include viruses, worms, Trojans, ransomware, spyware, and so on. Different types of malwares have different attack methods and can cause different damages, resulting in potential financial losses for users. Five machine learning algorithms were used to conduct comparative analysis and find the best performing model to predict potential malware traffic issues in networks. We used the CIC-IDS-2017 dataset, Pearson correlation coefficient to select features and 5-fold cross validation to evaluate the model's generalization ability.

AB - Malware refers to computer code or software that is installed and operated on a user's computer or other terminal without explicit notification or permission, engaging in activities such as stealing, encrypting, modifying, and deleting data, and monitoring the legitimate rights and interests of users. The types of malwares include viruses, worms, Trojans, ransomware, spyware, and so on. Different types of malwares have different attack methods and can cause different damages, resulting in potential financial losses for users. Five machine learning algorithms were used to conduct comparative analysis and find the best performing model to predict potential malware traffic issues in networks. We used the CIC-IDS-2017 dataset, Pearson correlation coefficient to select features and 5-fold cross validation to evaluate the model's generalization ability.

KW - Machine learning

KW - malware

KW - security

UR - https://www.scopus.com/pages/publications/105010486442

U2 - 10.1145/3718391.3718417

DO - 10.1145/3718391.3718417

M3 - Conference Proceeding

AN - SCOPUS:105010486442

T3 - ACM International Conference Proceeding Series

SP - 62

EP - 67

BT - Proceedings of 2024 the 12th International Conference on Information Technology

PB - Association for Computing Machinery

T2 - 12th International Conference on Information Technology: IoT and Smart City, ICIT 2024

Y2 - 13 December 2024 through 15 December 2024

ER -

Malware Traffic Analysis using Machine Learning

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this