Academic literature on the topic 'Malware attack detection'


Journal articles on the topic "Malware attack detection"

1

Bhaya, Wesam S., and Mustafa A. Ali. "Review on Malware and Malware Detection ‎Using Data Mining Techniques." JOURNAL OF UNIVERSITY OF BABYLON for Pure and Applied Sciences 25, no. 5 (2017): 1585–601. http://dx.doi.org/10.29196/jub.v25i5.104.

Abstract:
Malicious software is any type of software or code that hooks some private information or data from the computer system or computer operations, or (and) merely just carries out the malicious goals of the author on the computer system, without permission of the computer users. (The short abbreviation of malicious software is Malware.) However, the detection of malware has become one of the biggest issues in the computer security field because current communication infrastructures are vulnerable to penetration from many types of malware infection strategies and attacks. Moreover, malware is variant and diverse in volume and types, and that strictly explodes the effectiveness of traditional defense methods like the signature approach, which is unable to detect new malware. However, this vulnerability will lead to a successful computer system penetration (and attack) as well as the success of more advanced attacks like distributed denial of service (DDoS) attacks. Data mining methods can be used to overcome the limitations of signature-based techniques to detect zero-day malware. This paper provides an overview of malware and malware detection systems using modern techniques such as data mining approaches to detect known and unknown malware samples.
2

Jagriti, Kumari, and B. Sowmya. "Malware Detection in Applications using a Virtual Environment." Research and Applications of Web Development and Design 4, no. 2 (2021): 1–7. https://doi.org/10.5281/zenodo.5509642.

Abstract:
Malware assaults, amongst the diverse cyber-attacks on computers, are deemed harmful, as they are passive and stealthy. A malware assault is a cyber-attack that initiates the action of the perpetrator on the system of the victim. Adware, spyware, keyloggers and any other malware may be used to carry out malware attacks. Spyware captures information from companies or individuals and distributes it to harmful users. The spyware keylogger records, logs and transmits the user's keystrokes to the virus attacker. These threats must be recognised and identified to ensure adequate data protection. Early detection helps to slow the spread of malware. This paper provides a methodology for logging and testing spyware attacks.
3

Vinod Kumar, Boddupally, K. Pranaya Vardhan, Kurceti Subba Rao, and Thipparthy Navya Sree. "IDENTIFICATION OF UNSATURATED ATTACKS IN VIRTUALIZED INFRASTRUCTURES WITH BIG DATA ANALYTICS IN CLOUD COMPUTING." Journal of Nonlinear Analysis and Optimization 14, no. 02 (2023): 286–92. http://dx.doi.org/10.36893/jnao.2023.v14i2.286-292.

Abstract:
Security systems to protect virtualized cloud architecture typically include two types: malware detection and security analysis. Detecting malware typically involves two steps, monitoring the hotspots at various points in the virtualized infrastructure, and then using a regularly updated attack signature database to detect the presence of malware. It allows real-time detection of attacks, but the use of special signature databases is vulnerable to zero-day attacks that do not have attack signatures, and therefore traditional infrastructure cannot detect complex attacks on virtualized infrastructure. Similarly, security analysis eliminates the need for signature databases, using event correlation to detect previously undetected attacks, which are often unmanaged, and the current implementation is scalable in nature. In this article, we recommend the BDSA approach to establish a three-tier system for the continuous detection of future attacks. Initially, network logs from the visiting virtual machine and client application logs are periodically collected from the visiting virtual machines and stored in HDFS. At this point, the strengths of the attack are extracted with a connection scheme and a MapReduce analyzer. Our BDSA approach uses HDFS distribution management and Spark's map-reduce capability to address security, speed and volume issues.
4

Alazab, Ammar, Michael Hobbs, Jemal Abawajy, and Ansam Khraisat. "Malware Detection and Prevention System Based on Multi-Stage Rules." International Journal of Information Security and Privacy 7, no. 2 (2013): 29–43. http://dx.doi.org/10.4018/jisp.2013040102.

Abstract:
The continuously rising Internet attacks pose severe challenges to developing an effective Intrusion Detection System (IDS) to detect known and unknown malicious attacks. In order to address the problem of detecting known and unknown attacks and identifying an attack group, the authors provide new multi-stage rules for detecting anomalies. The authors used RIPPER for rule generation, which is capable of creating rule sets more quickly and can determine the attack types with smaller numbers of rules. These rules would be efficient to apply for a Signature Intrusion Detection System (SIDS) and an Anomaly Intrusion Detection System (AIDS).
5

D, Sathya. "A Report on Botnet Detection Techniques for Intrusion Detection Systems." International Journal for Research in Applied Science and Engineering Technology 10, no. 6 (2022): 2022–31. http://dx.doi.org/10.22214/ijraset.2022.44253.

Abstract:
A botnet is malware that degrades the functionality of, as well as access to, a healthy computer system through malware programs. Botnet programs perform DDoS attacks, spam and phishing attacks. Botnet attacks take place in two ways: peer-to-peer attacks and command-and-control attacks. The peer-to-peer attack takes place by passing botnet attacks from one system to another in a peer-to-peer network, while the command-and-control attack takes place by a botmaster attack on a server which uses various transactions in exchange with systems on the network, and those nodes in the network function as slaves. The report presents a survey of various techniques of botnet detection models built using several types of machine learning techniques. The report gives a review of the various methodologies involved in botnet detection and identifies the best methods involved to understand various datasets. We also surveyed how classification and clustering are used in the detection of botnets to improve the accuracy of the model.
6

Du, Yao, Mengtian Cui, and Xiaochun Cheng. "A Mobile Malware Detection Method Based on Malicious Subgraphs Mining." Security and Communication Networks 2021 (April 17, 2021): 1–11. http://dx.doi.org/10.1155/2021/5593178.

Abstract:
As mobile phones are widely used in social network communication, they attract numerous malicious attacks, which seriously threaten users’ personal privacy and data security. To improve the resilience to attack technologies, structural information analysis has been widely applied in mobile malware detection. However, the rapid improvement of mobile applications has brought an impressive growth of their internal structure in scale and of attack technologies. It makes the timely analysis of structural information and malicious feature generation a heavy burden. In this paper, we propose a new Android malware identification approach based on malicious subgraph mining to improve the detection performance of large-scale graph structure analysis. Firstly, function call graphs (FCGs), sensitive permissions, and application programming interfaces (APIs) are generated from the decompiled files of malware. Secondly, two kinds of malicious subgraphs are generated from malware’s decompiled files and put into the feature set. At last, test applications’ safety can be automatically identified and they can be classified into malware families by matching their FCGs with malicious structural features. To evaluate our approach, a dataset of 11,520 malware and benign applications is established. Experimental results indicate that our approach has better performance than three previous works and Androguard.
7

Ramadhani, Arsabilla, Fauzi Adi Rafrastara, Salma Rosyada, Wildanil Ghozi, and Waleed Mahgoub Osman. "IMPROVING MALWARE DETECTION USING INFORMATION GAIN AND ENSEMBLE MACHINE LEARNING." Jurnal Teknik Informatika (Jutif) 5, no. 6 (2024): 1673–86. https://doi.org/10.52436/1.jutif.2024.5.6.3903.

Abstract:
Malware attacks pose a serious threat to digital systems, potentially causing data and financial losses. The increasing complexity and diversity of malware attack techniques have made traditional detection methods ineffective, thus AI-based approaches are needed to improve the accuracy and efficiency of malware detection, especially for detecting modern malware that uses obfuscation techniques. This study addresses this issue by applying ensemble-based machine learning algorithms to enhance malware detection accuracy. The methodology used involves Random Forest, Gradient Boosting, XGBoost, and AdaBoost, with feature selection using Information Gain. Datasets from VirusTotal and VxHeaven were used, including both goodware and malware samples. The results show that Gradient Boosting, strengthened with Information Gain, achieved the highest accuracy of 99.1%, indicating a significant improvement in malware detection effectiveness. This study demonstrates that applying Information Gain to Gradient Boosting can improve malware detection accuracy while reducing computational requirements, contributing significantly to the optimization of digital security systems.
8

Patil, Shruti, Vijayakumar Varadarajan, Devika Walimbe, et al. "Improving the Robustness of AI-Based Malware Detection Using Adversarial Machine Learning." Algorithms 14, no. 10 (2021): 297. http://dx.doi.org/10.3390/a14100297.

Abstract:
Cyber security is used to protect and safeguard computers and various networks from ill-intended digital threats and attacks. It is getting more difficult in the information age due to the explosion of data and technology. There is a drastic rise in the new types of attacks where the conventional signature-based systems cannot keep up with these attacks. Machine learning seems to be a solution to solve many problems, including problems in cyber security. It is proven to be a very useful tool in the evolution of malware detection systems. However, the security of AI-based malware detection models is fragile. With advancements in machine learning, attackers have found a way to work around such detection systems using an adversarial attack technique. Such attacks are targeted at the data level, at classifier models, and during the testing phase. These attacks tend to cause the classifier to misclassify the given input, which can be very harmful in real-time AI-based malware detection. This paper proposes a framework for generating the adversarial malware images and retraining the classification models to improve malware detection robustness. Different classification models were implemented for malware detection, and attacks were established using adversarial images to analyze the model’s behavior. The robustness of the models was improved by means of adversarial training, and better attack resistance is observed.
9

Alzahrani, Mohammad Eid. "Employing Incremental Learning for the Detection of Multiclass New Malware Variants." Indian Journal Of Science And Technology 17, no. 10 (2024): 941–48. http://dx.doi.org/10.17485/ijst/v17i10.2862.

Abstract:
Background/Objectives: The study aims to achieve two main objectives. The first is to reliably identify and categorize malware variations to maintain the security of computer systems. Malware poses a continuous threat to digital information and system integrity, hence the need for effective detection tools. The second objective is to propose a new incremental learning method. This method is designed to adapt over time, continually incorporating new data, which is crucial for identifying and managing multiclass malware variants. Methods: This study utilised an incremental learning technique as the basis of the approach, a type of machine learning whereby a system retains previous knowledge and builds upon the information from the newly acquired data. In particular, this method is suitable for tackling the mutating character of malware dangers. The researchers used various sets of real-world malware for evaluating the applicability of these ideas, which serve as an accurate test environment. Findings: The findings of the research are significant. Utilizing 6 different datasets, which included 158,101 benign and malicious instances, the method demonstrated a high attack detection accuracy of 99.34%. Moreover, the study was successful in identifying a new category of malware variants and distinguishing between 15 different attack categories. These results underscore the effectiveness of the proposed incremental learning method in a real-world scenario. Novelty: This research is unique because of the novel use of a tailored incremental learning technique for dealing with the dynamic threat environment of malware. Traditional machine learning methods cannot be so well adapted to a new threat. On the other hand, the technique put forward in this paper facilitates continuous learning that can be modified to match different types of malicious software as they develop. The ability to evolve and adapt is an important addition to current cybersecurity practices that include malware identification and classification.
Keywords: Cybersecurity, Malware Detection, Incremental learning
10

Suryati, One Tika, and Avon Budiono. "Impact Analysis of Malware Based on Call Network API With Heuristic Detection Method." International Journal of Advances in Data and Information Systems 1, no. 1 (2020): 1–8. http://dx.doi.org/10.25008/ijadis.v1i1.176.

Abstract:
Malware is a program that has a negative influence on computer systems without user permission. The purpose of making malware by hackers is to get profits in an illegal way. Therefore, we need malware analysis. Malware analysis aims to determine the specifics of malware so that security can be built to protect computer devices. One method for analyzing malware is heuristic detection. Heuristic detection is an analytical method that allows finding new types of malware in a file or application. Much malware is made to attack through the internet because of technological advancements. Based on these conditions, the malware analysis is carried out using the API call network with the heuristic detection method. This aims to identify the behavior of malware that attacks the network. The results of the analysis carried out are that most malware is spyware, which lurks on user activity and retrieves user data without the user's knowledge. In addition, there is also malware that is adware, which displays advertisements through pop-up windows on computer devices that interfere with user activity. With these results, actions that can be taken by the user to protect his computer device can also be identified, such as installing antivirus or antimalware, not downloading unauthorized applications and not accessing unsafe websites.

Dissertations / Theses on the topic "Malware attack detection"

1

Yu, Yue. "Resilience Strategies for Network Challenge Detection, Identification and Remediation." Thesis, The University of Sydney, 2013. http://hdl.handle.net/2123/10277.

Abstract:
The enormous growth of the Internet and its use in everyday life make it an attractive target for malicious users. As the network becomes more complex and sophisticated it becomes more vulnerable to attack. There is a pressing need for the future internet to be resilient, manageable and secure. Our research is on distributed challenge detection and is part of the EU Resumenet Project (Resilience and Survivability for Future Networking: Framework, Mechanisms and Experimental Evaluation). It aims to make networks more resilient to a wide range of challenges including malicious attacks, misconfiguration, faults, and operational overloads. Resilience means the ability of the network to provide an acceptable level of service in the face of significant challenges; it is a superset of commonly used definitions for survivability, dependability, and fault tolerance. Our proposed resilience strategy could detect a challenge situation by identifying an occurrence and impact in real time, then initiating appropriate remedial action. Action is autonomously taken to continue operations as much as possible and to mitigate the damage, and allowing an acceptable level of service to be maintained. The contribution of our work is the ability to mitigate a challenge as early as possible and rapidly detect its root cause. Also our proposed multi-stage policy based challenge detection system identifies both the existing and unforeseen challenges. This has been studied and demonstrated with an unknown worm attack. Our multi stage approach reduces the computation complexity compared to the traditional single stage, where one particular managed object is responsible for all the functions. The approach we propose in this thesis has the flexibility, scalability, adaptability, reproducibility and extensibility needed to assist in the identification and remediation of many future network challenges.
2

Bláha, Lukáš. "Analýza automatizovaného generování signatur s využitím Honeypotu." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2012. http://www.nusl.cz/ntk/nusl-236430.

Abstract:
In this paper, a system for the automatic processing of attacks using honeypots is discussed. The first goal of the thesis is to become familiar with the issue of signatures to detect malware on the network, especially the analysis and description of existing methods for the automatic generation of signatures using honeypots. The main goal is to use the acquired knowledge in the design and implementation of a tool which will perform the detection of new malicious software on the network or on the end user's workstation.
3

Wood, Adrian Michael. "A defensive strategy for detecting targeted adversarial poisoning attacks in machine learning trained malware detection models." Thesis, Edith Cowan University, Research Online, Perth, Western Australia, 2021. https://ro.ecu.edu.au/theses/2483.

Abstract:
Machine learning is a subset of Artificial Intelligence which is utilised in a variety of different fields to increase productivity, reduce overheads, and simplify the work process through training machines to automatically perform a task. Machine learning has been implemented in many different fields such as medical science, information technology, finance, and cyber security. Machine learning algorithms build models which identify patterns within data, which when applied to new data, can map the input to an output with a high degree of accuracy. To build the machine learning model, a dataset comprised of appropriate examples is divided into training and testing sets. The training set is used by the machine learning algorithm to identify patterns within the data, which are used to make predictions on new data. The test set is used to evaluate the performance of the machine learning model. These models are popular because they significantly improve the performance of technology through automation of feature detection which previously required human input. However, machine learning algorithms are susceptible to a variety of adversarial attacks, which allow an attacker to manipulate the machine learning model into performing an unwanted action, such as misclassifying data into the attacker's desired class, or reducing the overall efficacy of the ML model. One current research area is that of malware detection. Malware detection relies on machine learning to detect previously unknown malware variants, without the need to manually reverse-engineer every suspicious file. Detection of zero-day malware plays an important role in protecting systems generally but is particularly important in systems which manage critical infrastructure, as such systems often cannot be shut down to apply patches and thus must rely on network defence.
In this research, a targeted adversarial poisoning attack was developed to allow zero-day malware files, which were originally classified as malicious, to bypass detection by being misclassified as benign files. An adversarial poisoning attack occurs when an attacker can inject specifically-crafted samples into the training dataset, which alters the training process to the desired outcome of the attacker. The targeted adversarial poisoning attack was performed by taking a random selection of the zero-day file’s import functions and injecting them into the benign training dataset. The targeted adversarial poisoning attack succeeded for both Multi-Layer Perceptron (MLP) and Decision Tree models without reducing the overall efficacy of the target model. A defensive strategy was developed for the targeted adversarial poisoning attack for the MLP models by examining the activation weights of the penultimate layer at test time. If the activation weights were outside the norm for the target (benign) class, the file was quarantined for further examination. It was found to be possible to identify on average 80% of the target zero-day files from the combined targeted poisoning attacks by examining the activation weights of the neurons from the penultimate layer.
4

Theerthagiri, Dinesh. "Reversing Malware : A detection intelligence with in-depth security analysis." Thesis, Linköping University, Department of Electrical Engineering, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-52058.

Abstract:
More money nowadays moves online and it is very understandable that criminals want to make more money online as well, because these days’ banks don’t have large sums of money in their cash box. Since there are many other internal risks involved in robbing a bank, criminals have found many other ways to commit crimes and much lower risk in online crime. The first level of change involved was email-based phishing, but later circumstances changed again.
Authentication methods and security of online banks have been improved over the period. This will drastically reduce the effects of phishing based on emails and fraudulent websites. The next level of online bank fraud is called banking Trojans. These Trojans infect the online customers of banks. These Trojans monitor customers’ activities and use their authenticated sessions to steal customers’ money.
A lot of money is made by these kinds of attacks. Comparatively few perpetrators have been caught, and the problem is getting worse day by day. To have a better understanding of this problem, I have selected a recent malware sample named SilentBanker. It had the capability of attacking more than 400 banks. This thesis presents the problem in general and includes my results in studying the behaviour of the SilentBanker Trojan.
5

Harshe, Omkar Anand. "Preemptive Detection of Cyber Attacks on Industrial Control Systems." Thesis, Virginia Tech, 2015. http://hdl.handle.net/10919/54005.

Abstract:
Industrial Control Systems (ICSes), networked through conventional IT infrastructures, are vulnerable to attacks originating from network channels. Perimeter security techniques such as access control and firewalls have had limited success in mitigating such attacks due to the frequent updates required by standard computing platforms, third-party hardware and embedded process controllers. The high level of human-machine interaction also aids in circumventing perimeter defenses, making an ICS susceptible to attacks such as reprogramming of embedded controllers. The Stuxnet and Aurora attacks have demonstrated the vulnerabilities of ICS security and proved that these systems can be stealthily compromised. We present several run-time methods for preemptive intrusion detection in industrial control systems to enhance ICS security against reconfiguration and network attacks. A run-time prediction using a linear model of the physical plant and a neural-network based classifier trigger mechanism are proposed for preemptive detection of an attack. A standalone, safety preserving, optimal backup controller is implemented to ensure plant safety in case of an attack. The intrusion detection mechanism and the backup controller are instantiated in configurable hardware, making them invisible to operating software and ensuring their integrity in the presence of malicious software. Hardware implementation of our approach on an inverted pendulum system illustrates the performance of both techniques in the presence of reconfiguration and network attacks.
6

Darwaish, Asim. "Adversary-aware machine learning models for malware detection systems." Electronic Thesis or Diss., Université Paris Cité, 2022. http://www.theses.fr/2022UNIP7283.

Abstract:
The exhilarating proliferation of smartphones and their indispensability to human life is inevitable. The exponential growth is also triggering widespread malware and stumbling the prosperous mobile ecosystem. Among all handheld devices, Android is the most targeted hive for malware authors due to its popularity, open-source availability, and intrinsic infirmity to access internal resources. Machine learning-based approaches have been successfully deployed to combat evolving and polymorphic malware campaigns. As the classifier becomes popular and widely adopted, the incentive to evade the classifier also increases. Researchers and adversaries are in a never-ending race to strengthen and evade the Android malware detection system. To combat malware campaigns and counter adversarial attacks, we propose a robust image-based Android malware detection system that has proven its robustness against various adversarial attacks. The proposed platform first constructs the Android malware detection system by intelligently transforming the Android Application Packaging (APK) file into a lightweight RGB image and training a convolutional neural network (CNN) for malware detection and family classification. Our novel transformation method generates evident patterns for benign and malware APKs in color images, making the classification easier. The detection system yielded an excellent accuracy of 99.37% with a False Negative Rate (FNR) of 0.8% and a False Positive Rate (FPR) of 0.39% for legacy and new malware variants. In the second phase, we evaluate the robustness of our secured image-based Android malware detection system. To validate its hardness and effectiveness against evasion, we have crafted three novel adversarial attack models. Our thorough evaluation reveals that state-of-the-art learning-based malware detection systems are easy to evade, with more than a 50% evasion rate. However, our proposed system builds a secure mechanism against adversarial perturbations using its intrinsic continuous space obtained after the intelligent transformation of Dex and Manifest files, which makes the detection system strenuous to bypass.
7

Gitzinger, Louison. "Surviving the massive proliferation of mobile malware." Thesis, Rennes 1, 2020. http://www.theses.fr/2020REN1S058.

Full text
Abstract:
Nowadays, many of us are surrounded by smart devices that seamlessly operate interactively and autonomously together with multiple services to make our lives more comfortable. These smart devices are part of larger ecosystems, in which various companies collaborate to ease the distribution of applications between developers and users. However, malicious attackers take advantage of them illegitimately to infect users' smart devices with malicious applications.
Despite all the efforts made to defend these ecosystems, the rate of devices infected with malware is still increasing in 2020. In this thesis, we explore three research axes with the aim of globally improving malware detection in the Android ecosystem. We demonstrate that the accuracy of machine learning-based detection systems can be improved by automating their evaluation and by reusing the concept of AutoML to fine-tune learning algorithm parameters. We propose an approach to automatically create malware variants from combinations of complex evasion techniques to diversify experimental malware datasets in order to challenge existing detection systems. Finally, we propose methods to globally increase the quality of experimental datasets used to train and test detection systems.
8

Griffin, Mark. "Assessment of run-time malware detection through critical function hooking and process introspection against real-world attacks." Thesis, The University of Texas at San Antonio, 2013. http://pqdtopen.proquest.com/#viewpdf?dispub=1538324.

Abstract:
Malware attacks have become a global threat to which no person or organization seems immune. Drive-by attacks and spear-phishing are two of the most prevalent and potentially damaging types of malware attacks, and traditionally both of these rely on exploiting a client application such as a browser or document viewer. This thesis focuses on the detection of a malware attack after a target application has been exploited, and while the malware is still executing in the context of the exploited process. This research presents an implementation of an application monitoring system that hooks critical functions and inspects characteristics of the process state in order to detect malware. The testing of the application monitoring system utilizes a corpus of exploits taken from a variety of real-world malware attacks, including several well-publicized examples. The resulting evaluation demonstrates the utility of function hooking and process state inspection techniques as a platform for detecting and stopping sophisticated malware attacks.
9

Barabosch, Thomas Felix [Verfasser]. "Formalization and Detection of Host-Based Code Injection Attacks in the Context of Malware / Thomas Felix Barabosch." Bonn : Universitäts- und Landesbibliothek Bonn, 2018. http://d-nb.info/1173789804/34.

10

Barabosch, Thomas [Verfasser]. "Formalization and Detection of Host-Based Code Injection Attacks in the Context of Malware / Thomas Felix Barabosch." Bonn : Universitäts- und Landesbibliothek Bonn, 2018. http://d-nb.info/1173789804/34.


Books on the topic "Malware attack detection"

1

Saxe, Joshua, and Hillary Sanders. Malware Data Science: Attack Detection and Attribution. No Starch Press, 2018.


Book chapters on the topic "Malware attack detection"

1

Lucas, Keane, Mahmood Sharif, Lujo Bauer, Michael K. Reiter, and Saurabh Shintre. "Deceiving ML-Based Friend-or-Foe Identification for Executables." In Advances in Information Security. Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-031-16613-6_10.

Abstract:
Deceiving an adversary who may, e.g., attempt to reconnoiter a system before launching an attack, typically involves changing the system’s behavior such that it deceives the attacker while still permitting the system to perform its intended function. We develop techniques to achieve such deception by studying a proxy problem: malware detection. Researchers and anti-virus vendors have proposed DNNs for malware detection from raw bytes that do not require manual feature engineering. In this work, we propose an attack that interweaves binary-diversification techniques and optimization frameworks to mislead such DNNs while preserving the functionality of binaries. Unlike prior attacks, ours manipulates instructions that are a functional part of the binary, which makes it particularly challenging to defend against. We evaluated our attack against three DNNs in white- and black-box settings and found that it often achieved success rates near 100%. Moreover, we found that our attack can fool some commercial anti-viruses, in certain cases with a success rate of 85%. We explored several defenses, both new and old, and identified some that can foil over 80% of our evasion attempts. However, these defenses may still be susceptible to evasion by attacks, and so we advocate for augmenting malware-detection systems with methods that do not rely on machine learning.
2

Fritsch, Lothar, Aws Jaber, and Anis Yazidi. "An Overview of Artificial Intelligence Used in Malware." In Communications in Computer and Information Science. Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-031-17030-0_4.

Abstract:
Artificial intelligence (AI) and machine learning (ML) methods are increasingly adopted in cyberattacks. AI supports the establishment of covert channels, as well as the obfuscation of malware. Additionally, AI results in new forms of phishing attacks and enables hard-to-detect cyber-physical sabotage. Malware creators increasingly deploy AI and ML methods to improve their attack’s capabilities. Defenders must therefore expect unconventional malware with new, sophisticated and changing features and functions. AI’s potential for automation of complex tasks serves as a challenge in the face of defensive deployment of anti-malware AI techniques. This article summarizes the state of the art in AI-enhanced malware and the evasion and attack techniques it uses against AI-supported defensive systems. Our findings include articles describing targeted attacks against AI detection functions, advanced payload obfuscation techniques, evasion of networked communication with AI methods, malware for unsupervised-learning-based cyber-physical sabotage, decentralized botnet control using swarm intelligence and the concealment of malware payloads within neural networks that fulfill other purposes.
3

Kurmus, Anil, Sergej Dechand, and Rüdiger Kapitza. "Quantifiable Run-Time Kernel Attack Surface Reduction." In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer International Publishing, 2014. http://dx.doi.org/10.1007/978-3-319-08509-8_12.

4

Wang, An, Aziz Mohaisen, Wentao Chang, and Songqing Chen. "Capturing DDoS Attack Dynamics Behind the Scenes." In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer International Publishing, 2015. http://dx.doi.org/10.1007/978-3-319-20550-2_11.

5

Larson, Ulf, Emilie Lundin-Barse, and Erland Jonsson. "METAL – A Tool for Extracting Attack Manifestations." In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer Berlin Heidelberg, 2005. http://dx.doi.org/10.1007/11506881_6.

6

Wang, Wubing, Guoxing Chen, Yueqiang Cheng, Yinqian Zhang, and Zhiqiang Lin. "Specularizer : Detecting Speculative Execution Attacks via Performance Tracing." In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-80825-9_8.

Abstract:
This paper presents Specularizer, a framework for uncovering speculative execution attacks using performance tracing features available in commodity processors. It is motivated by the practical difficulty of eradicating such vulnerabilities in the design of CPU hardware and operating systems and the principle of defense-in-depth. The key idea of Specularizer is the use of Hardware Performance Counters and Processor Trace to perform lightweight monitoring of production applications and the use of machine learning techniques for identifying the occurrence of the attacks during offline forensics analysis. Different from prior works that use performance counters to detect side-channel attacks, Specularizer monitors triggers of the critical paths of the speculative execution attacks, thus making the detection mechanisms robust to different choices of side channels used in the attacks. To evaluate Specularizer, we model all known types of exception-based and misprediction-based speculative execution attacks and automatically generate thousands of attack variants. Experimental results show that Specularizer yields superior detection accuracy and the online tracing of Specularizer incurs reasonable overhead.
7

Ben Salem, Malek, and Salvatore J. Stolfo. "Decoy Document Deployment for Effective Masquerade Attack Detection." In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer Berlin Heidelberg, 2011. http://dx.doi.org/10.1007/978-3-642-22424-9_3.

8

Gruss, Daniel, Clémentine Maurice, Klaus Wagner, and Stefan Mangard. "Flush+Flush: A Fast and Stealthy Cache Attack." In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer International Publishing, 2016. http://dx.doi.org/10.1007/978-3-319-40667-1_14.

9

Rietz, René, Michael Vogel, Franka Schuster, and Hartmut König. "Parallelization of Network Intrusion Detection Systems under Attack Conditions." In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer International Publishing, 2014. http://dx.doi.org/10.1007/978-3-319-08509-8_10.

10

Gruss, Daniel, Clémentine Maurice, and Stefan Mangard. "Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript." In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer International Publishing, 2016. http://dx.doi.org/10.1007/978-3-319-40667-1_15.


Conference papers on the topic "Malware attack detection"

1

Kumar, Kaushal, Aasia Parveen, Faisal Hasan, Ajay Kumar, Aditya Jain, and Vinay Kumar. "Malware Attack Detection Using Machine Learning Techniques." In 2024 4th Asian Conference on Innovation in Technology (ASIANCON). IEEE, 2024. https://doi.org/10.1109/asiancon62057.2024.10838032.

2

Ige, Tosin, Christopher Kiekintveld, Aritran Piplai, Amy Wagler, Olukunle Kolade, and Bolanle Hafiz Matti. "An in-Depth Investigation Into the Performance of State-of-the-Art Zero-Shot, Single-Shot, and Few-Shot Learning Approaches on an Out-of-Distribution Zero-Day Malware Attack Detection." In 2024 International Symposium on Networks, Computers and Communications (ISNCC). IEEE, 2024. http://dx.doi.org/10.1109/isncc62547.2024.10758952.

3

Ouazza, Hajra, Fadoua Khennou, and Abderrahim Abdellaoui. "Adversarial Retraining and White-Box Attacks for Robust Malware Detection." In 2025 13th International Symposium on Digital Forensics and Security (ISDFS). IEEE, 2025. https://doi.org/10.1109/isdfs65363.2025.11012053.

4

Kulkarni, Siddhant, and Hemant Rathore. "DNN-GRAD: Exploiting Membership Inference for Adversarial Attacks on Malware Detection Models." In 2025 IEEE 22nd Consumer Communications & Networking Conference (CCNC). IEEE, 2025. https://doi.org/10.1109/ccnc54725.2025.10975992.

5

Chen, Yi-Ming, Yu-Cheng Yan, and Qing-Min Yang. "Using Explainability Techniques to Assist Android Malware Detection Models in Resisting Adversarial Attacks." In 2024 11th International Conference on Soft Computing & Machine Intelligence (ISCMI). IEEE, 2024. https://doi.org/10.1109/iscmi63661.2024.10851553.

6

Mittal, Saksham, Mohammad Wazid, D. P. Singh, and Mukesh Singh. "An Ensemble Learning Based Approach for Detection of Malware Attacks in IoT Network." In 2024 OPJU International Technology Conference (OTCON) on Smart Computing for Innovation and Advancement in Industry 4.0. IEEE, 2024. http://dx.doi.org/10.1109/otcon60325.2024.10687748.

7

Balakrishnan, S., S. Leelavathy, Sunil Kumar RM, and S. Simonthomas. "Machine Learning based Portable Executable Malware and DDoS Attacks Detection in IoT Networks." In 2025 International Conference on Intelligent Computing and Control Systems (ICICCS). IEEE, 2025. https://doi.org/10.1109/iciccs65191.2025.10984796.

8

Chenet, Cristiano Pegoraro, Alessandro Savino, and Stefano Di Carlo. "Zero-Day Hardware-Supported Malware Detection of Stack Buffer Overflow Attacks: An Application Exploiting the CV32e40p RISC-V Core." In 2025 IEEE 26th Latin American Test Symposium (LATS). IEEE, 2025. https://doi.org/10.1109/lats65346.2025.10963939.

9

Mihai, Ioan Cosmin, and Laurentiu Giurea. "MANAGEMENT OF ELEARNING PLATFORMS SECURITY." In eLSE 2016. Carol I National Defence University Publishing House, 2016. http://dx.doi.org/10.12753/2066-026x-16-061.

Abstract:
The existence of many cyber-attacks targeted at the online environment makes eLearning platform security a major concern. To secure an eLearning platform there are three interconnected strategies: prevention (the actions taken before an attack), detection (the actions taken during an attack) and response (the actions taken after an attack). This paper focuses on detection, providing different strategies to detect whether eLearning platform security was compromised: intrusion detection, malware detection and suspicious activity detection. An attack tree is developed to simulate and to observe the impact of cyber-attacks on eLearning platforms. The attack tree lists and develops methods by which an attacker can cause a security incident on platforms. The attack tree is useful to explore certain attack paths in depth and to generate intrusion scenarios on a website. To conduct a cyber-attack on an eLearning platform, each edge to the internal node structure of the attack tree must be traversed. The internal nodes of the attack tree represent the seven stages of the Kill Chain intrusion model, which was defined by researchers from Lockheed Martin. This model consists of seven stages: reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on objectives. The external edges of the tree that connect the leaf nodes represent optional attack vectors. The results from the simulated attacks are used to present the management of eLearning platform security against cyber-attacks. An eLearning platform's security is affected when the integrity or availability of the platform's files is compromised or additional malicious activity has been detected; for example malware infections, redirections to malicious websites or other suspicious activities like phishing or spamming. While there are no solutions to guarantee the security of eLearning platforms, this paper describes the attack vectors and presents various solutions to detect indicators of compromise.
10

Zhao, Kaifa, Hao Zhou, Yulin Zhu, et al. "Structural Attack against Graph Based Android Malware Detection." In CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2021. http://dx.doi.org/10.1145/3460120.3485387.
