Detecting the Zeus Banking Malware Using the Random Forest Binary Classification Algorithm and a Manual Feature Selection Process

The Zeus malware is one of the most prolific banking malware variants ever to be discovered and this paper examines how the Zeus malware network traffic can be detected using the Random Forest machine learning algorithm. The key to this paper is that the features used for the experimentation and detection of Zeus are manually selected, providing the researcher more control over which features that can and should be selected. This also helps the researcher understand the features and the impact they have on the accuracy of the Random Forest binary classification algorithm when used to detect the Zeus banking malware.