Shellcode classification analysis with binary classification-based machine learning

Abstract

The internet enables people to connect through their devices. While it offers numerous benefits, it also has adverse effects. A prime example is malware, which can damage or even destroy a device or harm its users, highlighting the importance of cyber security. Various methods can be employed to prevent or detect malware, including machine learning techniques. The experiments are based on training and testing data from the UNSW_NB15 dataset. K-nearest neighbor (KNN), decision tree, and Naïve Bayes classifiers determine whether a record in the test data represents a Shellcode attack or a non-Shellcode attack. The KNN, decision tree, and Naïve Bayes classifiers reached accuracy rates of 96.26%, 97.19%, and 57.57%, respectively. This study's findings aim to offer valuable insights into the application of machine learning to detect or classify malware and other forms of cyberattacks.