Protecting information is critical in an era of smart, always-connected devices, where a day without the internet is hard to imagine. Cheap, fast internet access has made communication easy not only for legitimate users but also for cybercriminals, who attack privacy and security along many dimensions. Cybercriminals gain unauthorised access and breach users' privacy to harm them in multiple ways. Malware is one of the tools attackers use to carry out their malicious intent, and malware developers now draw on advances in AI technology to cause social harm. In this work, we show how artificial intelligence and machine learning can be used to detect and mitigate malware-driven cyber-attacks, specifically those involving obfuscated malware. We conducted experiments with feature engineering on memory-analysis data extracted from malware samples. Binary classification can tell whether a given sample is malware or not, but only identifying the type of malware indicates which step to take next to stop it from carrying out further actions. Hence, we propose a multi-class classification model that detects the three types of obfuscated malware with an accuracy of 89.07% using the classic Random Forest algorithm. To the best of our knowledge, very little work has classified multiple kinds of obfuscated malware with a single model. We also compared our model with several state-of-the-art models and found it comparatively better.
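The abstract's point is that a per-family label, not just a malware/benign verdict, is what drives the next response step. The following added example (not the paper's code or data) trains a small Random Forest from scratch on constructed, Volatility-style memory-analysis feature vectors and maps each predicted class to a triage action. The feature names, the four class labels (benign plus ransomware, spyware and trojan, since the abstract does not name its three types), the synthetic class centres and the response playbook are all assumptions made for illustration; the accuracy it reports is on this synthetic data and is unrelated to the paper's 89.07%.

```python
import random
from collections import Counter

# Constructed feature vector: Volatility-style memory-forensics counts. The
# feature names are assumptions for illustration, not the paper's feature set.
FEATURES = ["pslist_nproc", "dlllist_avg_dlls", "handles_nhandles",
            "malfind_ninjections", "svcscan_nservices"]
# Assumed class labels: the abstract does not name the three malware types.
CLASSES = ["benign", "ransomware", "spyware", "trojan"]
# Assumed triage playbook: the reason a per-class label is worth more than a binary verdict.
RESPONSE = {
    "benign":     "no action",
    "ransomware": "isolate host, capture volatile memory, block file-share access",
    "spyware":    "revoke credentials, inspect outbound channels for exfiltration",
    "trojan":     "hunt for dropped payloads and persistence mechanisms",
}

def make_dataset(n_per_class=30, seed=7):
    """Synthetic labelled memory-feature rows (constructed data, not real samples)."""
    rng = random.Random(seed)
    centres = {  # per-class feature means, chosen so classes overlap a little
        "benign":     (45, 60,  9000, 0, 180),
        "ransomware": (55, 50, 12000, 4, 190),
        "spyware":    (48, 75, 15000, 2, 200),
        "trojan":     (60, 55, 11000, 7, 210),
    }
    spread = (3, 5, 800, 1, 5)
    rows = []
    for label, centre in centres.items():
        for _ in range(n_per_class):
            rows.append(([c + rng.gauss(0, s) for c, s in zip(centre, spread)], label))
    rng.shuffle(rows)
    return rows

def gini(labels):
    n = len(labels)
    return 1.0 - sum((c / n) ** 2 for c in Counter(labels).values())

def best_split(rows, feat_idx):
    """Lowest weighted Gini split over the sampled feature subset (None if no split)."""
    best = (None, None, float("inf"))
    for f in feat_idx:
        values = sorted(set(r[0][f] for r in rows))
        for lo, hi in zip(values, values[1:]):
            thr = (lo + hi) / 2
            left = [r[1] for r in rows if r[0][f] <= thr]
            right = [r[1] for r in rows if r[0][f] > thr]
            score = (len(left) * gini(left) + len(right) * gini(right)) / len(rows)
            if score < best[2]:
                best = (f, thr, score)
    return best

def build_tree(rows, rng, depth=0, max_depth=4, min_rows=3):
    """Depth-limited CART tree; each split considers a random sqrt(n_features) subset."""
    labels = [r[1] for r in rows]
    majority = Counter(labels).most_common(1)[0][0]
    if depth >= max_depth or len(rows) < min_rows or len(set(labels)) == 1:
        return ("leaf", majority)
    k = max(1, int(len(FEATURES) ** 0.5))
    f, thr, score = best_split(rows, rng.sample(range(len(FEATURES)), k))
    if f is None or score >= gini(labels):  # no split improves purity
        return ("leaf", majority)
    left = [r for r in rows if r[0][f] <= thr]
    right = [r for r in rows if r[0][f] > thr]
    return ("node", f, thr,
            build_tree(left, rng, depth + 1, max_depth, min_rows),
            build_tree(right, rng, depth + 1, max_depth, min_rows))

def predict_tree(tree, x):
    while tree[0] == "node":
        _, f, thr, left, right = tree
        tree = left if x[f] <= thr else right
    return tree[1]

def train_forest(rows, n_trees=15, seed=1):
    """Bagging: each tree is grown on a bootstrap resample of the training rows."""
    rng = random.Random(seed)
    return [build_tree([rng.choice(rows) for _ in rows], rng) for _ in range(n_trees)]

def predict_forest(forest, x):
    """Majority vote across trees gives the multi-class label."""
    return Counter(predict_tree(t, x) for t in forest).most_common(1)[0][0]

def triage(forest, x):
    """Multi-class label plus the (assumed) response action it selects."""
    label = predict_forest(forest, x)
    return label, RESPONSE[label]

def evaluate(seed=7):
    """Hold-out accuracy on the synthetic data (70/30 split)."""
    rows = make_dataset(seed=seed)
    split = int(0.7 * len(rows))
    train, test = rows[:split], rows[split:]
    forest = train_forest(train)
    return sum(predict_forest(forest, x) == y for x, y in test) / len(test)

if __name__ == "__main__":
    print("hold-out accuracy on constructed data:", round(evaluate(), 3))
    forest = train_forest(make_dataset())
    print(triage(forest, [58, 54, 11200, 7, 211]))  # constructed trojan-like vector
```

In a real pipeline the feature rows would be produced by running memory-forensics plugins (process, DLL, handle, injection and service listings) over each sample's memory dump; the classifier logic and the class-to-action mapping stay the same. A binary model would collapse the three malware rows of `RESPONSE` into a single "malicious" verdict and lose exactly the information the playbook needs.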