One-Class and Multi-Class Malware Classification Using Hybrid and Supervised Machine Learning Techniques
DOI:
https://doi.org/10.24996/ijs.2026.67.2.37Keywords:
Malware, Machine learning, Data preprocessing, Feature extractionAbstract
Cybercriminals or hackers design malware programs with malicious intent to steal, spy, and destroy victim's computers. Malware encompasses various forms, such as viruses, trojans, ransomware, spyware, and adware, each requiring effective classification for accurate identification and mitigation. High-quality datasets are crucial for training classification models, and the CIC-MalMem-2022 dataset, containing 58,596 records and 55 numerical features, is an essential resource in this regard. This study used artificial intelligence techniques and algorithms such as KNN, Decision Tree, Random Forest, SVM, and Naïve Bays, as well as supervised and hybrid machine learning by integrating Random Forest and K-Nearest Neighbors KNN to improve classification performance with one-class classification and multi-class. In terms of accuracy score, the best results achieved by the proposed methods were random forest with 99.98%, hybrid random forest + K-Nearest Neighbors with 99.93%, decision tree with 99.95%, k-Nearest Neighbors with 99.87%, support vector machine with 99.80%, and naïve bays with 98.90%. These metrics (accuracy, precision, and recall) reflect the models' effectiveness in classifying instances. Accuracy measures overall correctness, precision evaluates the quality of positive predictions, and recall assesses the ability to identify true positives. The consistently high scores demonstrate the reliability and robustness of these methods for malware classification.
Downloads
Published
Issue
Section
License
Copyright (c) 2026 Iraqi Journal of Science
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
How to Cite
