Amplified System-Level Malware Classification: Leveraging Process Monitoring of Healthy and Malicious Files
Abstract
This research investigates the systematic optimization of malware detection and classification at the operating-system level. Signature-based approaches remove previously recognized threats, but they offer no protection against new and polymorphic malware, which leaves systems exposed. The investigation proposes a feature-extraction method that reduces the dimensionality of system-level events (file and process events) so that anomalies among them are easier to identify. The resulting workflow, built from the objectives framed for this research, combines two operations, process whitelisting and process blacklisting, with a GUI that shows each process as running, sleeping or idle; processes are then probabilistically labeled as malicious or benign. The work aims to improve on the precision reported in the current literature and builds on prior work addressing zero-day threats, false alarms, and the memory and resource consumption of conventional antivirus software. Inaccurate detection and limited insight into the system architecture were the main heuristic challenges encountered during the experiments, since they directly affect operating-system services; the research addresses them by integrating a system-level monitoring interface that improved the malware classification rate and accuracy within the stipulated time frame.
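The following is an added example and not the paper's own code: it sketches, in Python, the two-stage workflow the abstract describes, an allowlist/denylist decision on each process followed by reduced-dimension feature extraction over its file/process events and an anomaly score for anything the lists do not settle. The process records, hashes, event names, the four-dimension feature set and the 0.5 threshold are all constructed assumptions for illustration; the paper's actual features, thresholds and classifier are not reproduced here.

```python
"""Added example, not the paper's own code: a minimal process-snapshot
triage pipeline in the shape the abstract describes. Stage 1 applies an
allowlist and a denylist keyed on executable hash; stage 2 reduces each
process's raw file/process/network events to a small feature vector and
scores unknown processes by distance from the allowed-process baseline.
All process records, hashes and event names below are constructed."""
import math
from collections import Counter

# Constructed snapshot, roughly what a process monitor would emit per PID.
# "state" mirrors the running / sleeping / idle view a GUI would show.
SNAPSHOT = [
    {"pid": 412, "name": "svchost.exe", "state": "running", "sha256": "a" * 64,
     "events": ["file_open", "file_read", "file_read", "net_connect"]},
    {"pid": 980, "name": "updater.exe", "state": "sleeping", "sha256": "b" * 64,
     "events": ["file_open", "file_read"]},
    # Same name as PID 412 but a different binary: mass rename/write pattern.
    {"pid": 1337, "name": "svchost.exe", "state": "running", "sha256": "c" * 64,
     "events": ["file_write"] * 40 + ["file_rename"] * 40 + ["proc_create"] * 5},
    {"pid": 2001, "name": "dropper.exe", "state": "idle", "sha256": "d" * 64,
     "events": ["file_write"]},
    {"pid": 3050, "name": "notepad.exe", "state": "sleeping", "sha256": "e" * 64,
     "events": ["file_open", "file_read"]},
]

ALLOWLIST = {"a" * 64, "b" * 64}  # assumed known-good executable hashes
DENYLIST = {"d" * 64}             # assumed known-bad executable hashes

WRITE_LIKE = {"file_write", "file_rename", "file_delete"}


def triage(proc, allowlist=ALLOWLIST, denylist=DENYLIST):
    """Stage 1: decide on the executable hash, never on the process name.
    PID 1337 is called svchost.exe but its hash is unknown, so it is not
    waved through. A hash denylist also misses polymorphic variants, which
    is exactly why 'unknown' results go on to behavioural scoring."""
    h = proc["sha256"]
    if h in denylist:
        return "blocked"
    if h in allowlist:
        return "allowed"
    return "unknown"


def reduced_features(events):
    """Stage 2 feature extraction: collapse an open-ended set of raw event
    names into four dimensions: share of file, process and network events,
    plus the fraction of file events that modify data (write/rename/delete).
    The last dimension is what separates bulk rewriting of files from
    ordinary reading."""
    counts = Counter(events)
    file_ev = sum(c for e, c in counts.items() if e.startswith("file_"))
    proc_ev = sum(c for e, c in counts.items() if e.startswith("proc_"))
    net_ev = sum(c for e, c in counts.items() if e.startswith("net_"))
    total = file_ev + proc_ev + net_ev
    if total == 0:
        return [0.0, 0.0, 0.0, 0.0]
    writes = sum(c for e, c in counts.items() if e in WRITE_LIKE)
    write_ratio = writes / file_ev if file_ev else 0.0
    return [file_ev / total, proc_ev / total, net_ev / total, write_ratio]


def baseline_profile(snapshot):
    """Mean feature vector of the allowlisted processes in this snapshot."""
    vecs = [reduced_features(p["events"]) for p in snapshot if triage(p) == "allowed"]
    if not vecs:
        raise ValueError("no allowlisted processes to build a baseline from")
    return [sum(col) / len(vecs) for col in zip(*vecs)]


def anomaly_score(vec, baseline):
    """Euclidean distance from the baseline; larger means less like known-good."""
    return math.sqrt(sum((a - b) ** 2 for a, b in zip(vec, baseline)))


def classify_snapshot(snapshot, threshold=0.5):
    """Full pipeline: allow/deny first, then score whatever is left.
    The threshold is an assumed value for this toy data, not a tuned one."""
    baseline = baseline_profile(snapshot)
    verdicts = {}
    for p in snapshot:
        verdict = triage(p)
        if verdict == "unknown":
            score = anomaly_score(reduced_features(p["events"]), baseline)
            verdict = "suspicious" if score > threshold else "unknown-benign"
        verdicts[p["pid"]] = verdict
    return verdicts


def state_summary(snapshot):
    """Counts per scheduler state, the figure a monitoring GUI would display."""
    return dict(Counter(p["state"] for p in snapshot))


if __name__ == "__main__":
    for pid, verdict in classify_snapshot(SNAPSHOT).items():
        print(pid, verdict)
    print(state_summary(SNAPSHOT))
```

Two design points worth noting. The lists are keyed on the executable hash rather than the process name, so the second svchost.exe (PID 1337) is not allowlisted by its name; and because a hash denylist cannot catch a polymorphic variant, every process the lists do not settle is pushed into the behavioural stage, where its write-heavy event mix puts it far from the allowed-process baseline. PID 3050 shows the other branch: unknown hash, but an event profile close enough to the baseline to stay below the threshold.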