Comparing the performance of supervised machine learning algorithms when used with a manual feature selection process to detect Zeus malware

The Zeus banking malware is one of the most prolific banking malware variants ever to be discovered and this paper compares and analyses the performance of several supervised Machine Learning (ML) algorithms when used to detect the Zeus banking malware (Zeus). The key to this paper is that the features that are used for the analysis and detection of Zeus are manually selected, providing the researcher better control over which features that can and should be selected. This also helps the researcher understand the features and the impact that the various feature combinations have on the accuracy of the algorithms when used to detect Zeus. The empirical analysis showed that the Decision Tree and Random Forest algorithms produced the best results as they detected all the Zeus samples. The empirical analysis also showed that selecting the feature combinations manually produces varying results allowing the researchers to understand how the features impact the detection accuracy.