Robust Intelligent Malware Detection using Light GBM Algorithm
Mohammad A. Abbadi1, Ahmed M. Al-Bustanji2, Mouhammd Al-kasassbeh3

1Mohammad A. Abbadi*, College of Information Technology, Mutah University, Karak, Jordan.
2Ahmed M. Al-Bustanji, College of Information Technology, Mu’tah University, Karak, Jordan.
3Mouhammd Al-kasassbeh, College of Information Technology, Mutah University, Karak, Jordan.
Manuscript received on March 15, 2020. | Revised Manuscript received on March 25, 2020. | Manuscript published on April 10, 2020. | PP: 1253-1263 | Volume-9 Issue-6, April 2020. | Retrieval Number: F4043049620/2020©BEIESP | DOI: 10.35940/ijitee.F4043.049620
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: Attackers take advantage of every second that the anti-malware vendor delays in identifying the attacking malware's signature and providing notifications. In addition, the longer detection is delayed, the greater the damage to the host device. In other words, the inability to detect attacks early complicates the problem and causes serious harm. Consequently, this research intends to develop an intelligent anti-malware system capable of immediately detecting and terminating malware actions, rather than waiting for anti-malware updates. The scope of the research is the detection of malware on the Internet of Things (IoT) based on Machine Learning (ML) techniques. A recent open-source ML algorithm called the Light Gradient Boosting Algorithm (Light GBM) has been used to develop our instant host- and network-layer anti-malware approach, which works without any human intervention. For evaluation, the suggested approach applies the Light GBM machine learning algorithm to datasets obtained from real IoT devices. The results indicate a successful method for detecting and classifying malware with high accuracy at both the network and host levels, based on the Holdout method of cross-validation. Additionally, this result is better than many prior related studies that used different Machine Learning and Deep Learning algorithms. An older study that used the same dataset was the best among the literature; however, its result is still slightly lower than what this study achieved, and it carries the complexity that deep learning adds. Lastly, the results show the ability of the proposed approach to detect IoT botnet attacks quickly, which is vital for ending botnet activity before it spreads to any new network device.
Keywords: Malware, Classification, Machine Learning, Botnet, Detection, Internet of Things, Gradient Boosting, Light GBM.
Scope of the Article: Machine Learning