Machine Learning-Based Malware Detection Using Behavioral Pattern Analysis for Enhanced Cybersecurity

Authors

  • Khalid Karim Bangladesh University of Engineering and Technology (BUET), Dhaka, Bangladesh

Keywords:

Malware Detection, Machine Learning, Behavioral Analysis, Cybersecurity, Zero-Day Attacks

Abstract

The rapid growth and increasing sophistication of malware pose significant challenges to traditional cybersecurity systems, particularly those relying on signature-based detection methods. These conventional approaches are often ineffective against new and evolving threats, such as polymorphic and zero-day malware. To address these limitations, this study proposes a machine learning-based malware detection framework that leverages behavioral pattern analysis to improve detection accuracy and adaptability.  A comprehensive methodology is implemented, involving dataset collection from publicly available sources, feature extraction using frequency-based, sequence-based, and graph-based techniques, and data preprocessing to ensure quality and balance. Multiple machine learning models, including Random Forest, XGBoost, and Long Short-Term Memory (LSTM), are employed to capture both statistical and temporal patterns in the data. The models are evaluated using standard performance metrics such as accuracy, precision, recall, F1-score, and ROC-AUC. The experimental results demonstrate that the proposed model achieves high classification performance and effectively distinguishes between malware and benign software. Behavioral features, particularly sequence-based representations, are found to significantly enhance detection capability. Furthermore, the model shows strong generalization when tested on unseen data, indicating its robustness against new malware variants. Compared to traditional signature-based methods, the proposed approach provides improved detection of zero-day attacks and reduces false positives. This study contributes to the advancement of cybersecurity by presenting a scalable and adaptive malware detection framework that integrates machine learning with behavioral analysis.

Downloads

Download data is not yet available.

References

Alqahtani, M. A. (2021). Machine learning techniques for malware detection with challenges and future directions. International Journal of Communication Networks and Information Security, 13(2), 258–270.

Aslan, Ö. A., & Samet, R. (2020). A comprehensive review on malware detection approaches. IEEE Access, 8, 6249–6271.

Aslan, Ö., Ozkan-Okay, M., & Gupta, D. (2021). Intelligent behavior-based malware detection system on cloud computing environment. IEEE Access, 9, 83252–83271.

Bertoli, G. D. C., Júnior, L. A. P., Saotome, O., Dos Santos, A. L., Verri, F. A. N., Marcondes, C. A. C., Barbieri, S., Rodrigues, M. S., & De Oliveira, J. M. P. (2021). An end-to-end framework for machine learning-based network intrusion detection system. IEEE Access, 9, 106790–106805.

Bowers, A. J., & Zhou, X. (2019). Receiver operating characteristic (ROC) area under the curve (AUC): A diagnostic measure for evaluating the accuracy of predictors of education outcomes. Journal of Education for Students Placed at Risk (JESPAR), 24(1), 20–46.

Cawley, G. C., & Talbot, N. L. C. (2010). On over-fitting in model selection and subsequent selection bias in performance evaluation. The Journal of Machine Learning Research, 11, 2079–2107.

Chen, Z., Liu, J., Gu, W., Su, Y., & Lyu, M. R. (2021). Experience report: Deep learning-based system log analysis for anomaly detection. ArXiv Preprint ArXiv:2107.05908.

G. Martín, A., Fernández-Isabel, A., Martín de Diego, I., & Beltrán, M. (2021). A survey for user behavior analysis based on machine learning techniques: current models and applications. Applied Intelligence, 51(8), 6029–6055.

Gaye, B., & Wulamu, A. (2019). Sentiment analysis of text classification algorithms using confusion matrix. International Conference on Cyberspace Data and Intelligence, 231–241.

Jin, Y., Sharafuddin, E., & Zhang, Z.-L. (2009). Unveiling core network-wide communication patterns through application traffic activity graph decomposition. ACM SIGMETRICS Performance Evaluation Review, 37(1), 49–60.

Khurana, U., Samulowitz, H., & Turaga, D. (2018). Feature engineering for predictive modeling using reinforcement learning. Proceedings of the AAAI Conference on Artificial Intelligence, 32(1).

Kobayashi, T., Sasaki, T., Jada, A., Asoni, D. E., & Perrig, A. (2018). Safes: Sand-boxed architecture for frequent environment self-measurement. Proceedings of the 3rd Workshop on System Software for Trusted Execution, 37–41.

Kolbitsch, C., Comparetti, P. M., Kruegel, C., Kirda, E., Zhou, X., & Wang, X. (2009). Effective and efficient malware detection at the end host. USENIX Security Symposium, 4(1), 351–366.

Nhu, V.-H., Shirzadi, A., Shahabi, H., Singh, S. K., Al-Ansari, N., Clague, J. J., Jaafari, A., Chen, W., Miraki, S., & Dou, J. (2020). Shallow landslide susceptibility mapping: A comparison between logistic model tree, logistic regression, naïve bayes tree, artificial neural network, and support vector machine algorithms. International Journal of Environmental Research and Public Health, 17(8), 2749.

Oak, R., Du, M., Yan, D., Takawale, H., & Amit, I. (2019). Malware detection on highly imbalanced data through sequence modeling. Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security, 37–48.

Pekta?, A., & Acarman, T. (2018). Malware classification based on API calls and behaviour analysis. IET Information Security, 12(2), 107–117.

Rad, B. B., Masrom, M., & Ibrahim, S. (2012). Camouflage in malware: from encryption to metamorphism. International Journal of Computer Science and Network Security, 12(8), 74–83.

Reddy, A. R. P. (2021). The role of artificial intelligence in proactive cyber threat detection in cloud environments. NeuroQuantology, 19(12), 764–773.

Rieck, K., Trinius, P., Willems, C., & Holz, T. (2011). Automatic analysis of malware behavior using machine learning. Journal of Computer Security, 19(4), 639–668.

Rokon, M. O. F., Islam, R., Darki, A., Papalexakis, E. E., & Faloutsos, M. (2020). {SourceFinder}: Finding malware {Source-Code} from publicly available repositories in {GitHub}. 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020), 149–163.

Sahin, E. K. (2020). Assessing the predictive capability of ensemble tree methods for landslide susceptibility mapping using XGBoost, gradient boosting machine, and random forest. SN Applied Sciences, 2(7), 1308.

Venugopal, D., & Hu, G. (2008). Efficient signature based malware detection on mobile devices. Mobile Information Systems, 4(1), 33–49.

Wardhani, N. W. S., Rochayani, M. Y., Iriany, A., Sulistyono, A. D., & Lestantyo, P. (2019). Cross-validation metrics for evaluating classification performance on imbalanced data. 2019 International Conference on Computer, Control, Informatics and Its Applications (IC3INA), 14–18.

Xu, J., Sun, X., Zhang, Z., Zhao, G., & Lin, J. (2019). Understanding and improving layer normalization. Advances in Neural Information Processing Systems, 32.

Downloads

Published

2026-04-11

How to Cite

Karim, K. (2026). Machine Learning-Based Malware Detection Using Behavioral Pattern Analysis for Enhanced Cybersecurity. Jurnal Teknik Informatika C.I.T Medicom, 18(1), 14–25. Retrieved from https://www.medikom.iocspublisher.org/index.php/JTI/article/view/1518

Issue

Vol. 18 No. 1 (2026): March: Intelligent Decision Support System (IDSS)

Section

OPTIMIZATION AND ARTIFICIAL INTELLIGENCE

License

Copyright (c) 2026 Khalid Karim

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.