{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,7]],"date-time":"2026-05-07T15:27:34Z","timestamp":1778167654092,"version":"3.51.4"},"reference-count":40,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2024,2,23]],"date-time":"2024-02-23T00:00:00Z","timestamp":1708646400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computers"],"abstract":"Recent advancements in cybersecurity threats and malware have brought into question the safety of modern software and computer systems. As a direct result of this, artificial intelligence-based solutions have been on the rise. The goal of this paper is to demonstrate the efficacy of memory-optimized machine learning solutions for the task of static analysis of software metadata. The study comprises an evaluation and comparison of the performance metrics of three popular machine learning solutions: artificial neural networks (ANN), support vector machines (SVMs), and gradient boosting machines (GBMs). The study provides insights into the effectiveness of memory-optimized machine learning solutions when detecting previously unseen malware. We found that ANNs shows the best performance with 93.44% accuracy classifying programs as either malware or legitimate even with extreme memory constraints.<\/jats:p>","DOI":"10.3390\/computers13030059","type":"journal-article","created":{"date-parts":[[2024,2,23]],"date-time":"2024-02-23T06:07:39Z","timestamp":1708668459000},"page":"59","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":25,"title":["Static Malware Analysis Using Low-Parameter Machine Learning Models"],"prefix":"10.3390","volume":"13","author":[{"given":"Ryan","family":"Baker del Aguila","sequence":"first","affiliation":[{"name":"School of Engineering, Autonomous University of San Luis Potosi, Zona Universitaria, San Luis Potos\u00ed 78290, Mexico"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Carlos Daniel","family":"Contreras P\u00e9rez","sequence":"additional","affiliation":[{"name":"School of Engineering, Autonomous University of San Luis Potosi, Zona Universitaria, San Luis Potos\u00ed 78290, Mexico"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2419-8379","authenticated-orcid":false,"given":"Alejandra Guadalupe","family":"Silva-Trujillo","sequence":"additional","affiliation":[{"name":"School of Engineering, Autonomous University of San Luis Potosi, Zona Universitaria, San Luis Potos\u00ed 78290, Mexico"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7566-0412","authenticated-orcid":false,"given":"Juan C.","family":"Cuevas-Tello","sequence":"additional","affiliation":[{"name":"School of Engineering, Autonomous University of San Luis Potosi, Zona Universitaria, San Luis Potos\u00ed 78290, Mexico"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9633-3453","authenticated-orcid":false,"given":"Jose","family":"Nunez-Varela","sequence":"additional","affiliation":[{"name":"School of Engineering, Autonomous University of San Luis Potosi, Zona Universitaria, San Luis Potos\u00ed 78290, Mexico"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2024,2,23]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"15422","DOI":"10.1109\/JIOT.2021.3063840","article-title":"An evolutionary study of IoT malware","volume":"8","author":"Wang","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2822877","article-title":"Evolution and Disruption in Network Processing for the Internet of Things: The Internet of Things (Ubiquity symposium)","volume":"2015","author":"Gregorio","year":"2015","journal-title":"Ubiquity"},{"key":"ref_3","first-page":"10","article-title":"Static malware analysis to identify ransomware properties","volume":"16","author":"Vidyarthi","year":"2019","journal-title":"Int. J. Comput. Sci. Issues"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"1662","DOI":"10.18517\/ijaseit.8.4-2.6827","article-title":"A survey on malware analysis techniques: Static, dynamic, hybrid and memory analysis","volume":"8","author":"Sihwail","year":"2018","journal-title":"Int. J. Adv. Sci. Eng. Inf. Technol."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"112","DOI":"10.1016\/j.future.2019.07.070","article-title":"Static malware detection and attribution in android byte-code through an end-to-end deep system","volume":"102","author":"Amin","year":"2020","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Balram, N., Hsieh, G., and McFall, C. (2019, January 5\u20137). Static malware analysis using machine learning algorithms on APT1 dataset with string and PE header features. Proceedings of the 2019 International Conference on Computational Science and Computational Intelligence (CSCI), Las Vegas, NV, USA.","DOI":"10.1109\/CSCI49370.2019.00022"},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"436","DOI":"10.1038\/nature14539","article-title":"Deep learning","volume":"521","author":"LeCun","year":"2015","journal-title":"Nature"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Murray, A.F. (1995). Applications of Neural Networks, Springer.","DOI":"10.1007\/978-1-4757-2379-3"},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Ijaz, M., Durad, M.H., and Ismail, M. (2019, January 8\u201312). Static and dynamic malware analysis using machine learning. Proceedings of the 2019 16th International Bhurban Conference on Applied Sciences and Technology (IBCAST), Islamabad, Pakistan.","DOI":"10.1109\/IBCAST.2019.8667136"},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"386","DOI":"10.1037\/h0042519","article-title":"The perceptron: A probabilistic model for information storage and organization in the brain","volume":"65","author":"Rosenblatt","year":"1958","journal-title":"Psychol. Rev."},{"key":"ref_11","unstructured":"(2022, November 30). Virus Share. Available online: https:\/\/virusshare.com\/."},{"key":"ref_12","unstructured":"Mithal, T., Shah, K., and Singh, D.K. (2015, January 11\u201313). Case studies on intelligent approaches for static malware analysis. Proceedings of the Emerging Research in Computing, Information, Communication and Applications, Bangalore, India."},{"key":"ref_13","first-page":"4183","article-title":"Static Malware Detection Furthermore, Analysis Using Machine Learning Methods","volume":"21","author":"Malik","year":"2022","journal-title":"Adv. Appl. Math. Sci."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"255","DOI":"10.1016\/j.icte.2018.10.006","article-title":"DeepMalNet: Evaluating shallow and deep networks for static PE malware detection","volume":"4","author":"Vinayakumar","year":"2018","journal-title":"ICT Express"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Baldangombo, U., Jambaljav, N., and Horng, S.J. (2013). A static malware detection system using data mining methods. arXiv.","DOI":"10.5121\/ijaia.2013.4411"},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"266","DOI":"10.1016\/j.compeleceng.2017.02.013","article-title":"Machine learning aided Android malware classification","volume":"61","author":"Milosevic","year":"2017","journal-title":"Comput. Electr. Eng."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"311","DOI":"10.1007\/978-981-15-5616-6_22","article-title":"Machine learning classifiers for Android malware detection","volume":"Volume 1174","author":"Agrawal","year":"2021","journal-title":"Data Management, Analytics and Innovation"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Santos, I., Devesa, J., Brezo, F., Nieves, J., and Bringas, P.G. (2013, January 5\u20137). Opem: A static-dynamic approach for machine-learning-based malware detection. Proceedings of the International Joint Conference CISIS\u201912-ICEUTE\u201912-SOCO\u201912 Special Sessions, Ostrava, Czech Republic.","DOI":"10.1007\/978-3-642-33018-6_28"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Rathore, H., Agarwal, S., Sahay, S.K., and Sewak, M. (2018, January 18\u201321). Malware detection using machine learning and deep learning. Proceedings of the Big Data Analytics: 6th International Conference, BDA 2018, Warangal, India.","DOI":"10.1007\/978-3-030-04780-1_28"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Fleshman, W., Raff, E., Zak, R., McLean, M., and Nicholas, C. (2018, January 22\u201324). Static malware detection & subterfuge: Quantifying the robustness of machine learning and current anti-virus. Proceedings of the 2018 13th International Conference on Malicious and Unwanted Software (MALWARE), Nantucket, MA, USA.","DOI":"10.1109\/MALWARE.2018.8659360"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"46717","DOI":"10.1109\/ACCESS.2019.2906934","article-title":"Robust intelligent malware detection using deep learning","volume":"7","author":"Vinayakumar","year":"2019","journal-title":"IEEE Access"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"125786","DOI":"10.1109\/ACCESS.2020.3008081","article-title":"A two-layer deep learning method for android malware detection using network traffic","volume":"8","author":"Feng","year":"2020","journal-title":"IEEE Access"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"116363","DOI":"10.1109\/ACCESS.2020.3002842","article-title":"A systematic literature review of android malware detection using static analysis","volume":"8","author":"Pan","year":"2020","journal-title":"IEEE Access"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"3080","DOI":"10.1109\/TLA.2015.7350062","article-title":"Integrating static and dynamic malware analysis using machine learning","volume":"13","author":"Mangialardo","year":"2015","journal-title":"IEEE Lat. Am. Trans."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Jain, A., and Singh, A.K. (2017, January 10\u201311). Integrated Malware analysis using machine learning. Proceedings of the 2017 2nd International Conference on Telecommunication and Networks (TEL-NET), Noida, India.","DOI":"10.1109\/TEL-NET.2017.8343554"},{"key":"ref_26","first-page":"88","article-title":"Dynamic malware analysis in the modern era\u2014A state of the art survey","volume":"52","author":"Nissim","year":"2019","journal-title":"ACM Comput. Surv."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"578","DOI":"10.1016\/j.cose.2018.05.010","article-title":"Early-stage malware prediction using recurrent neural networks","volume":"77","author":"Rhode","year":"2018","journal-title":"Comput. Secur."},{"key":"ref_28","first-page":"10-22967","article-title":"Two-stage hybrid malware detection using deep learning","volume":"11","author":"Baek","year":"2021","journal-title":"Hum.-Centric Comput. Inf. Sci."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Fang, Y., Zeng, Y., Li, B., Liu, L., and Zhang, L. (2020). DeepDetectNet vs. RLAttackNet: An adversarial method to improve deep learning-based static malware detection model. PLoS ONE, 15.","DOI":"10.1371\/journal.pone.0231626"},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"800","DOI":"10.3390\/jcp2040041","article-title":"A Survey of the Recent Trends in Deep Learning Based Malware Detection","volume":"2","author":"Tayyab","year":"2022","journal-title":"J. Cybersecur. Priv."},{"key":"ref_31","first-page":"11","article-title":"Implementation of malware analysis using static and dynamic analysis method","volume":"117","author":"Prayudi","year":"2015","journal-title":"Int. J. Comput. Appl."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Chikapa, M., and Namanya, A.P. (2018, January 6\u20138). Towards a fast off-line static malware analysis framework. Proceedings of the 2018 6th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW), Barcelona, Spain.","DOI":"10.1109\/W-FiCloud.2018.00035"},{"key":"ref_33","unstructured":"Aslan, \u00d6. (2017, January 25\u201326). Performance comparison of static malware analysis tools versus antivirus scanners to detect malware. Proceedings of the International Multidisciplinary Studies Congress (IMSC), Antalya, Turkey."},{"key":"ref_34","unstructured":"Mart\u00edn, A., Lara-Cabrera, R., and Camacho, D. (2018). Data Science and Knowledge Engineering for Sensing Decision Support, Proceedings of the 13th International FLINS Conference (FLINS 2018), Belfast, UK, 21\u201324 August 2018, World Scientific."},{"key":"ref_35","unstructured":"Contreras, C., Baker, R., Guti\u00e9rrez, A., and Cerda, J. (2023, December 18). Machine Learning Malware Detection. Available online: https:\/\/github.com\/CarlosConpe\/Machine-Learning-Malware-Detection\/."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"533","DOI":"10.1038\/323533a0","article-title":"Learning representations by back-propagating errors","volume":"323","author":"Rumelhart","year":"1986","journal-title":"Nature"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"1481","DOI":"10.1007\/s00521-016-2510-6","article-title":"A genetic approach to automatic neural network architecture optimization","volume":"29","author":"Kapanova","year":"2018","journal-title":"Neural Comput. Appl."},{"key":"ref_38","first-page":"14","article-title":"A comprehensive evolutionary approach for neural network ensembles automatic design","volume":"11","author":"Bukhtoyarov","year":"2010","journal-title":"Sib. Aerosp. J."},{"key":"ref_39","unstructured":"Miller, G.F., Todd, P.M., and Hegde, S.U. (1989, January 4\u20137). Designing Neural Networks Using Genetic Algorithms. Proceedings of the ICGA, Fairfax, VA, USA."},{"key":"ref_40","unstructured":"Schaffer, J.D., Whitley, D., and Eshelman, L.J. (1992, January 6). Combinations of genetic algorithms and neural networks: A survey of the state of the art. Proceedings of the International Workshop on Combinations of Genetic Algorithms and Neural Networks, Baltimore, MD, USA."}],"container-title":["Computers"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-431X\/13\/3\/59\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T14:03:32Z","timestamp":1760105012000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-431X\/13\/3\/59"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,2,23]]},"references-count":40,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2024,3]]}},"alternative-id":["computers13030059"],"URL":"https:\/\/doi.org\/10.3390\/computers13030059","relation":{},"ISSN":["2073-431X"],"issn-type":[{"value":"2073-431X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,2,23]]}}}