Static Analysis of PE files Using Neural Network Techniques for a Pocket Tool

The continuous growth in the number of malware instances has posed a serious challenge to the security of computer systems; hence, malware detection is a key factor in securing various devices, from personal devices to large servers. Static analysis allows for the extraction of multiple file characteristics belonging to different categories of information without incurring the overhead of dynamic analysis and the risks associated with it. In this paper, we present a methodology to classify Portable Executable (PE) files as malware or non-malware by exploiting the technology of neural networks, adapting it to the collected data to obtain better results. The aim of our methodology is to create a pocket tool, i.e., a tool that can be used even on devices with limited available resources. Hence our tests were conducted entirely using a personal computer with only 16GB of RAM. After a careful analysis of the techniques at our disposal and a selection of the most relevant information, we reduced the amount of resources used, both in terms of time and space, while maintaining a high accuracy of 93%.