Adversaries are creating new types of malicious software, or malware, at an increasing rate.
The amount and diversity of malware are making classic security defenses more and more
ineffective. Our objective is to analyze multiple dimensions of Windows executable
programs. We used machine learning techniques to build and train a classifier to distinguish
malicious software from benign software. We find that the best mixed-features classifier we
created performs over 10% better than the average performance of 57 commercial anti-virus
programs we tested against. In analyzing the performance of the commercial anti-virus
programs, we also find bias in the design decisions that sacrifices security in favor of
This work was a final project for MIT 6.857: Computer and Network Security (Spring 2016).