MalPaCA: Malware behaviour analysis using unsupervised machine learning

Title: MalPaCA: Malware behaviour analysis using unsupervised machine learning: Comparative analysis of various clustering algorithms on determining the best performance in terms of network behaviour discovery
Author: de Heer, Hugo (TU Delft Electrical Engineering, Mathematics and Computer Science)
Contributor: Nadeem, A. (mentor); Verwer, S.E. (graduation committee); Migut, M.A. (graduation committee)
Degree granting institution: Delft University of Technology
Programme: Computer Science and Engineering
Project: CSE3000 Research Project
Date: 2021-07-01

Abstract: MalPaCA makes use of unsupervised machine learning to provide malware capability assessment by clustering the temporal behaviour of malware network packet traces. A comparative analysis was performed on various clustering algorithms to determine the best clustering algorithm in terms of network behaviour discovery. The clustering algorithms included in the analysis were HDBSCAN, OPTICS, Agglomerative Hierarchical Clustering and K-medoids. Metrics that capture cluster separation, cohesion, purity and completeness were used to determine the performance of the clustering algorithms. Agglomerative Hierarchical Clustering had the lowest total error of 0.950 in the comparative analysis compared to the baseline HDBSCAN with an error of 1.381.

Subject: malpaca, clustering, comparative analysis, HDBScan
To reference this document use: http://resolver.tudelft.nl/uuid:254db628-839c-4f99-b9be-91469453076e
Part of collection: Student theses
Document type: bachelor thesis
Rights: © 2021 Hugo de Heer
Files: PDF, CSE3000_Research_project_ ... er_38_.pdf, 1.42 MB