Journal articles on the topic 'Malware'

Consult the top 50 journal articles for your research on the topic 'Malware.'

1

Sehrawat, Sahil, and Dr Dinesh Singh. "Malware and Malware Detection Techniques: A Survey." International Journal for Research in Applied Science and Engineering Technology 10, no. 5 (May 31, 2022): 3947–53. http://dx.doi.org/10.22214/ijraset.2022.43287.

Abstract:
Malicious software is a kind of software or codes which took some: private data, information from the PC framework, its tasks is to do only malicious objectives to the PC framework, without authorization of the PC clients. The effect of malicious software are worsen to the client. Malicious software, i.e., malwares, are programs that are made to mischief, hinder or harm PCs, organizations and different assets related with it. Malwares are moved in PCs without the information on its proprietor. Presently malicious program is a serious threat. It is created to harm the PC framework and some of them are spread over the associated framework in the organization or web association. Analysts are making great efforts in malware framework field with compelling malware detection techniques to safeguard PC framework. Two essential methodologies have been proposed for it, for example signature-based and heuristic-based detection. These methodologies distinguish known malware precisely yet can't distinguish the new, obscure malware. Recently various analysts have proposed malware identification framework utilizing data mining and machine learning strategies to distinguish between obscure and non-obscure malwares. In this paper, a detailed examination has been led on the present status of malware infection and work done for finding it.
Keywords: PC framework, malicious software, heuristic-based, signature-based, zero-day malware, obscure malware
2

Krishna, T. Shiva Rama. "Malware Detection using Deep Learning." International Journal for Research in Applied Science and Engineering Technology 9, no. VI (June 20, 2021): 1847–53. http://dx.doi.org/10.22214/ijraset.2021.35426.

Abstract:
Malicious software or malware continues to pose a major security concern in this digital age as computer users, corporations, and governments witness an exponential growth in malware attacks. Current malware detection solutions adopt Static and Dynamic analysis of malware signatures and behaviour patterns that are time consuming and ineffective in identifying unknown malwares. Recent malwares use polymorphic, metamorphic and other evasive techniques to change the malware behaviours quickly and to generate large number of malwares. Since new malwares are predominantly variants of existing malwares, machine learning algorithms are being employed recently to conduct an effective malware analysis. This requires extensive feature engineering, feature learning and feature representation. By using the advanced MLAs such as deep learning, the feature engineering phase can be completely avoided. Though some recent research studies exist in this direction, the performance of the algorithms is biased with the training data. There is a need to mitigate bias and evaluate these methods independently in order to arrive at new enhanced methods for effective zero-day malware detection. To fill the gap in literature, this work evaluates classical MLAs and deep learning architectures for malware detection, classification and categorization with both public and private datasets. The train and test splits of public and private datasets used in the experimental analysis are disjoint to each other and collected in different timescales. In addition, we propose a novel image processing technique with optimal parameters for MLAs and deep learning architectures. A comprehensive experimental evaluation of these methods indicates that deep learning architectures outperform classical MLAs. Overall, this work proposes an effective visual detection of malware using a scalable and hybrid deep learning framework for real-time deployments. The visualization and deep learning architectures for static, dynamic and image processing-based hybrid approach in a big data environment is a new enhanced method for effective zero-day malware detection.
3

Joshi, Sakshi, and Santosh Mahagaonkar. "MALWARE DETECTION USING MACHINE LEARNING TECHNIQUES." International Journal of Engineering Applied Sciences and Technology 7, no. 5 (September 1, 2022): 86–91. http://dx.doi.org/10.33564/ijeast.2022.v07i05.014.

Abstract:
Malware attacks have become a serious and crucial issue nowadays, as they can affect victims in many ways. Hence detecting malware at an early stage is an essential aspect in the security of computer systems. Existing malware system contains a traditional antivirus detection method that depends on signature-based and behavioral methods. Traditional methods of malware detection are not that effective and cannot detect unknown malwares. In recent years machine learning is coming out as an emerging and challenging field in malware detection. Proposed method implements machine learning and deep learning technique for detecting malware. This is achieved using machine learning algorithm, Support Vector Machine and deep learning concept using Convolutional Neural Networks wherein malwares are represented as images. The study compares the performance of conventional, machine learning-based, and deep learning-based malware detection techniques. Proposed method implemented for malware detection using Convolutional Neural Networks with malware images is more secure compared to dynamic based method as binary malware files are converted to images and images are never executed; also it can reduce drawbacks of traditional signature based method to some extent.
4

Marcello, Mario. "Collecting Malware in Swiss German University with Low Energy and Cost Computer." Journal of Applied Information, Communication and Technology 5, no. 2 (October 28, 2018): 85–91. http://dx.doi.org/10.33555/ejaict.v5i2.57.

Abstract:
The malware spreads massively in Indonesia. The security in Information Technology doesn’t seem to become a top priority for Indonesians. The use of pirated software is still high, although it is the biggest threat and entrance for the malwares to attack. This paper shows how to collect a spreading malware in a system to know the malware trends that exist. So, the owner may know the malware trends inside his system and he can countermeasure the attacks. To collect the malwares, I use the Dionaea, the honeypot to collect malware and implement it to Raspberry Pi. Raspberry Pi is a small, low cost and low energy consumption computer. By using Raspberry Pi to collect malware, we can minimize budget, save the energy and space.
5

Wang, Shuo, Jian Wang, Yafei Song, and Song Li. "Malicious Code Variant Identification Based on Multiscale Feature Fusion CNNs." Computational Intelligence and Neuroscience 2021 (December 14, 2021): 1–10. http://dx.doi.org/10.1155/2021/1070586.

Abstract:
The increasing volume and types of malwares bring a great threat to network security. The malware binary detection with deep convolutional neural networks (CNNs) has been proved to be an effective method. However, the existing malware classification methods based on CNNs are unsatisfactory to this day because of their poor extraction ability, insufficient accuracy of malware classification, and high cost of detection time. To solve these problems, a novel approach, namely, multiscale feature fusion convolutional neural networks (MFFCs), was proposed to achieve an effective classification of malware based on malware visualization utilizing deep learning, which can defend against malware variants and confusing malwares. The approach firstly converts malware code binaries into grayscale images, and then, these images will be normalized in size by utilizing the MFFC model to identify malware families. Comparative experiments were carried out to verify the performance of the proposed method. The results indicate that the MFFC stands out among the recent advanced methods with an accuracy of 98.72% and an average cost of 5.34 milliseconds on the Malimg dataset. Our method can effectively identify malware and detect variants of malware families, which has excellent feature extraction capability and higher accuracy with lower detection time.
6

Bavishi, Ujaliben Kalpesh, and Bhavesh Madanlal Jain. "Malware Analysis." International Journal of Advanced Research in Computer Science and Software Engineering 7, no. 12 (January 3, 2018): 27. http://dx.doi.org/10.23956/ijarcsse.v7i12.507.

Abstract:
Malware, also known as malicious software, affects the user’s computer system or mobile devices by exploiting the system’s vulnerabilities. It is a major threat to the security of the computer systems. Some of the types of malwares that are most commonly used are viruses, trojans, worms, etc. Nowadays, there is a widespread use of malware which allows malware author to get sensitive information like bank details, contact information which is a serious threat in the world. Most of the malwares are spread through internet because of its frequent use which can destroy large systems piercing through network. Hence, in this paper, we focus on analyzing malware using different tools which can analyze the malware in a restricted environment. Since many malware authors use self-modifying code and obfuscation, it is very difficult for the traditional antivirus software to detect the malware which identifies that it is under scan and it can change its execution sequence. So, in order to address the shortcomings of the traditional antivirus software, we will be discussing some of the analysis tools which run analysis on the malware in an effective manner and help us to analyze the malware which can help us to protect our system’s information.
7

Ismail, Ismahani, Sulaiman Mohd Nor, and Muhammad Nadzir Marsono. "Stateless Malware Packet Detection by Incorporating Naive Bayes with Known Malware Signatures." Applied Computational Intelligence and Soft Computing 2014 (2014): 1–8. http://dx.doi.org/10.1155/2014/197961.

Abstract:
Malware detection done at the network infrastructure level is still an open research problem, considering the evolution of malwares and high detection accuracy needed to detect these threats. Content based classification techniques have been proven capable of detecting malware without matching for malware signatures. However, the performance of the classification techniques depends on observed training samples. In this paper, a new detection method that incorporates Snort malware signatures into Naive Bayes model training is proposed. Through experimental work, we prove that the proposed work results in low features search space for effective detection at the packet level. This paper also demonstrates the viability of detecting malware at the stateless level (using packets) as well as at the stateful level (using TCP byte stream). The result shows that it is feasible to detect malware at the stateless level with similar accuracy to the stateful level, thus requiring minimal resource for implementation on middleboxes. Stateless detection can give a better protection to end users by detecting malware on middleboxes without having to reconstruct stateful sessions and before malwares reach the end users.
8

Zhang, Yu, and Feng Xia. "A Self-Relocation Based Method for Malware Detection." Applied Mechanics and Materials 220-223 (November 2012): 2688–93. http://dx.doi.org/10.4028/www.scientific.net/amm.220-223.2688.

Abstract:
Malware (malicious software) is software designed to disrupt computer operation, gather sensitive information, or gain unauthorized access to a computer system. Most malwares propagate themselves throughout the Internet by self-relocation. Self-relocation is a built-in module in most malwares that gets the base address of the code to correctly infect the other programs. Since most legitimate computer programs do not need the self-relocate module, the detection of malware with self-relocation module can be viewed as a promising approach for malware detection. This paper presents a self-relocation based method for both known and previously unknown malwares. The experiments indicate that the proposed approach has better ability to detect known and unknown malwares than other methods.
9

Srivastava, Prerna, and Mohan Raj. "Feature extraction for enhanced malware detection using genetic algorithm." International Journal of Engineering & Technology 7, no. 2.8 (March 19, 2018): 444. http://dx.doi.org/10.14419/ijet.v7i2.8.10479.

Abstract:
The use of internet has affected almost every field today. With the increase in use of internet, the number of malwares affecting the systems has also increased to a great deal. A number of techniques have been developed by the researchers in order to detect these malwares. The Malware Detection consists of two parts, the analysis part and the detection part. Malware analysis can be categorized into Static analysis, Dynamic analysis and Hybrid Analysis. The Detection techniques can broadly be classified into Signature based techniques and Behaviour based techniques. A brief introduction of Malware Detection techniques is addressed here. The process of Feature Extraction plays a very important role in determining the efficiency and accuracy of the Malware Detection process. It aims at determining the subset of features that helps better differentiate between the malicious and benign files. We aim to provide a Feature Extraction process based on Genetic process that can be used for Malware Detection.
10

John Oluwafemi Ogun. "Advancements in automated malware analysis: evaluating the efficacy of open-source tools in detecting and mitigating emerging malware threats to US businesses." International Journal of Science and Research Archive 12, no. 2 (August 30, 2024): 1958–64. http://dx.doi.org/10.30574/ijsra.2024.12.2.1488.

Abstract:
Malware, short for malicious software, represents a significant and evolving threat to computer systems, targeting individuals, corporations, and governments globally. This paper explores the multifaceted nature of malware, which includes viruses, worms, Trojans, and more, and delves into how they compromise systems by disrupting services, stealing sensitive data, and denying access. Modern malware is increasingly sophisticated, evading traditional detection methods and posing challenges to cybersecurity professionals. This review outlines key methodologies in malware analysis, including MARE (Malware Analysis Reverse Engineering) and SAMA (Systematic Approach to Malware Analysis), which offer systematic frameworks for understanding and mitigating malware threats. Additionally, the paper highlights the challenges of malware analysis, such as the complexity of advanced malware variants and the limitations of current detection techniques. By examining the types of malwares, from ransomware to keyloggers, and discussing the signs of an attack, the paper underscores the importance of ongoing research and the development of more robust analytical tools. The insights provided aim to enhance the preparedness of IT professionals in combating emerging threats, emphasizing the necessity of a comprehensive understanding of malware behavior for effective defense strategies.
11

Yan, Jinpei, Yong Qi, and Qifan Rao. "Detecting Malware with an Ensemble Method Based on Deep Neural Network." Security and Communication Networks 2018 (2018): 1–16. http://dx.doi.org/10.1155/2018/7247095.

Abstract:
Malware detection plays a crucial role in computer security. Recent researches mainly use machine learning based methods heavily relying on domain knowledge for manually extracting malicious features. In this paper, we propose MalNet, a novel malware detection method that learns features automatically from the raw data. Concretely, we first generate a grayscale image from malware file, meanwhile extracting its opcode sequences with the decompilation tool IDA. Then MalNet uses CNN and LSTM networks to learn from grayscale image and opcode sequence, respectively, and takes a stacking ensemble for malware classification. We perform experiments on more than 40,000 samples including 20,650 benign files collected from online software providers and 21,736 malwares provided by Microsoft. The evaluation result shows that MalNet achieves 99.88% validation accuracy for malware detection. In addition, we also take malware family classification experiment on 9 malware families to compare MalNet with other related works, in which MalNet outperforms most of related works with 99.36% detection accuracy and achieves a considerable speed-up on detecting efficiency comparing with two state-of-the-art results on Microsoft malware dataset.
12

Liu, Yu, Kai Guo, Xiangdong Huang, Zhou Zhou, and Yichi Zhang. "Detecting Android Malwares with High-Efficient Hybrid Analyzing Methods." Mobile Information Systems 2018 (March 13, 2018): 1–12. http://dx.doi.org/10.1155/2018/1649703.

Abstract:
In order to tackle the security issues caused by malwares of Android OS, we proposed a high-efficient hybrid-detecting scheme for Android malwares. Our scheme employed different analyzing methods (static and dynamic methods) to construct a flexible detecting scheme. In this paper, we proposed some detecting techniques such as Com+ feature based on traditional Permission and API call features to improve the performance of static detection. The collapsing issue of traditional function call graph-based malware detection was also avoided, as we adopted feature selection and clustering method to unify function call graph features of various dimensions into same dimension. In order to verify the performance of our scheme, we built an open-access malware dataset in our experiments. The experimental results showed that the suggested scheme achieved high malware-detecting accuracy, and the scheme could be used to establish Android malware-detecting cloud services, which can automatically adopt high-efficiency analyzing methods according to the properties of the Android applications.
13

Panwala, Harshitkumar R. "A Methodological Study on Malware Analysis." International Journal for Research in Applied Science and Engineering Technology 9, no. 10 (October 31, 2021): 450–52. http://dx.doi.org/10.22214/ijraset.2021.38416.

Abstract:
Malware is an executable binary that is designed to be malicious. Malware can be used by attackers to carry out a range of malicious operations, such as spying on the victim using keyloggers or remote access tools (RATs) or deleting or encrypting data for "Ransom" payments. Malware is software that is designed to carry out malicious operations, and it comes in a variety of forms. Malware's impact, according to studies, is escalating. There are several tools available for malware analysis. The present study is the analysis of the malware known as “Malware Analysis”. Malware analysis is the study or process of extracting as much information as possible from a malware sample in order to determine its operation, origin, and potential impact. The information obtained aids in determining the functioning and scope of malware, as well as how the system got infected and how to guard against future attacks.
14

Faruki, Parvez, Rati Bhan, Vinesh Jain, Sajal Bhatia, Nour El Madhoun, and Rajendra Pamula. "A Survey and Evaluation of Android-Based Malware Evasion Techniques and Detection Frameworks." Information 14, no. 7 (June 30, 2023): 374. http://dx.doi.org/10.3390/info14070374.

Abstract:
Android platform security is an active area of research where malware detection techniques continuously evolve to identify novel malware and improve the timely and accurate detection of existing malware. Adversaries are constantly in charge of employing innovative techniques to avoid or prolong malware detection effectively. Past studies have shown that malware detection systems are susceptible to evasion attacks where adversaries can successfully bypass the existing security defenses and deliver the malware to the target system without being detected. The evolution of escape-resistant systems is an open research problem. This paper presents a detailed taxonomy and evaluation of Android-based malware evasion techniques deployed to circumvent malware detection. The study characterizes such evasion techniques into two broad categories, polymorphism and metamorphism, and analyses techniques used for stealth malware detection based on the malware’s unique characteristics. Furthermore, the article also presents a qualitative and systematic comparison of evasion detection frameworks and their detection methodologies for Android-based malware. Finally, the survey discusses open-ended questions and potential future directions for continued research in mobile malware detection.
15

Suryati, One Tika, and Avon Budiono. "Impact Analysis of Malware Based on Call Network API With Heuristic Detection Method." International Journal of Advances in Data and Information Systems 1, no. 1 (April 1, 2020): 1–8. http://dx.doi.org/10.25008/ijadis.v1i1.176.

Abstract:
Malware is a program that has a negative influence on computer systems that don't have user permissions. The purpose of making malware by hackers is to get profits in an illegal way. Therefore, we need a malware analysis. Malware analysis aims to determine the specifics of malware so that security can be built to protect computer devices. One method for analyzing malware is heuristic detection. Heuristic detection is an analytical method that allows finding new types of malware in a file or application. Many malwares are made to attack through the internet because of technological advancements. Based on these conditions, the malware analysis is carried out using the API call network with the heuristic detection method. This aims to identify the behavior of malware that attacks the network. The results of the analysis carried out are that most malware is spyware, which is lurking user activity and retrieving user data without the user's knowledge. In addition, there is also malware that is adware, which displays advertisements through pop-up windows on computer devices that interfaces with user activity. So that with these results, it can also be identified actions that can be taken by the user to protect his computer device, such as by installing antivirus or antimalware, not downloading unauthorized applications and not accessing unsafe websites.
16

Chintha, Prithvi, and Kakelli Anil Kumar. "EMERGING MACHINE LEARNING TECHNIQUES IN MALWARE DETECTION AND ANALYSIS: A COMPARATIVE ANALYSIS." International Journal of Advanced Research 8, no. 10 (October 31, 2020): 771–79. http://dx.doi.org/10.21474/ijar01/11900.

Abstract:
New types of malware with unique characteristics are being created daily in legion. This exponential increase in malware is creating a threat to the internet. From the past decade, various techniques of malware analysis and malware detection have been developed to prevent the efficacy of malware. However, due to the fast-growing numbers and complexities in malware, it is getting difficult to detect and analyze the malware manually. Because of the inefficiency in manual malware analysis, automated malware detection and analysis would be a better solution. Thus, malware analysis supported by machine learning became a required part of malware analysis. The automation used in learning patterns in malware can help in efficiently identifying the complexities. Malware Analysis with the help of Machine learning would be more efficacious in terms of automation and memory usage. In this paper, we conducted a review of emerging various ML (Machine Learning) strategies used so far, in the field of malware analysis, to give a comprehensive view of the existing processes. We systemized them on various aspects like their objectives, machine learning algorithms used, information about the malware, etc. We also highlighted the existing problems in this particular field of study and tried to find multiple ways in which advancements can happen concerning the current trends being used.
17

Alrammal, Muath, Munir Naveed, and Georgios Tsaramirsis. "A Novel Monte-Carlo Simulation-Based Model for Malware Detection (eRBCM)." Electronics 10, no. 22 (November 22, 2021): 2881. http://dx.doi.org/10.3390/electronics10222881.

Abstract:
The use of innovative and sophisticated malware definitions poses a serious threat to computer-based information systems. Such malware is adaptive to the existing security solutions and often works without detection. Once malware completes its malicious activity, it self-destructs and leaves no obvious signature for detection and forensic purposes. The detection of such sophisticated malware is very challenging and a non-trivial task because of the malware’s new patterns of exploiting vulnerabilities. Any security solutions require an equal level of sophistication to counter such attacks. In this paper, a novel reinforcement model based on Monte-Carlo simulation called eRBCM is explored to develop a security solution that can detect new and sophisticated network malware definitions. The new model is trained on several kinds of malware and can generalize the malware detection functionality. The model is evaluated using a benchmark set of malware. The results prove that eRBCM can identify a variety of malware with immense accuracy.
18

M. Sunitha Reddy, et al. "Exploiting And Estimating Malware Using Feature Impact Derived From API Call Sequence Learning." International Journal on Recent and Innovation Trends in Computing and Communication 11, no. 10 (November 2, 2023): 1406–9. http://dx.doi.org/10.17762/ijritcc.v11i10.8684.

Abstract:
Malware is a serious threat being posed and it has been a continuous process of protecting the systems from existing and new malware variants by defining new approaches for malware detection. In this process malware samples are first analyzed to understand the behavior of the vulnerable samples and accordingly statistical methods are defined for malware detection. Many approaches are defined for understanding the behavior of malware executables which are broadly classified into static and dynamic assessments. The static analysis can only be used for identifying the existing types of malware but code obfuscation has made it complex to identify the variants of existing malware. To counter the code obfuscation the dynamic analysis of malware is prioritized over static analysis where the malwares are analyzed by running them in an emulated environment to understand the intent of the samples. As there is an acute need of developing a more precise and accurate approach for malware detection, this paper contributes in the above said direction where we proposed a novel measure to estimate malware by exploiting the malicious intent of executables. It is a machine learning approach where the knowledge is acquired from the existing malicious executable and the same knowledge is used to estimate the new variants of the existing malware. The proposed statistical approach can be used to improve the scalability, accuracy and robustness. It also defends against zero day exploits.
19

Bhaya, Wesam S., and Mustafa A. Ali. "Review on Malware and Malware Detection Using Data Mining Techniques." JOURNAL OF UNIVERSITY OF BABYLON for Pure and Applied Sciences 25, no. 5 (November 29, 2017): 1585–601. http://dx.doi.org/10.29196/jub.v25i5.104.

Abstract:
Malicious software is any type of software or codes which hooks some: private information, data from the computer system, computer operations or (and) merely just to do malicious goals of the author on the computer system, without permission of the computer users. (The short abbreviation of malicious software is Malware). However, the detection of malware has become one of the biggest issues in the computer security field because the current communication infrastructures are vulnerable to penetration from many types of malware infection strategies and attacks. Moreover, malwares are variant and diverse in volume and types and that strictly explode the effectiveness of traditional defense methods like signature approach, which is unable to detect a new malware. However, this vulnerability will lead to a successful computer system penetration (and attack) as well as success of more advanced attacks like distributed denial of service (DDoS) attack. Data mining methods can be used to overcome limitation of signature-based techniques to detect the zero-day malware. This paper provides an overview of malware and malware detection system using modern techniques such as techniques of data mining approach to detect known and unknown malware samples.
20

Christopher ., L. U., and I. T. Ayorinde. "Malware Detection Using Hidden Markov Model." Advances in Multidisciplinary & Scientific Research Journal Publications 12, no. 2 (June 30, 2024): 37–46. http://dx.doi.org/10.22624/aims/digital/v11n2p4.

Abstract:
Malware is a broad term for harmful software that poses significant threats by damaging computer systems and spreading across networks. Traditional detection methods include signature-based and heuristic-based techniques, which are effective against known malware but struggle with new, unknown variants, particularly sophisticated ones like metamorphic, encrypted, and polymorphic viruses. Hence, this research aims at improving malware detection, specifically targeting metamorphic malware that can evade traditional detection methods. The study shows the effectiveness of dynamic analysis over static analysis for detecting metamorphic malware due to its ability to adapt to the malware's constant changes. The dynamic analysis involves examining malware behavior during execution, using dynamic software birthmarks and the Hidden Markov Model to identify malicious activities. It therefore recommends the use of dynamic analysis in the detection of patterns of metamorphic malware. Keywords: Hidden markov models, Malware detection, Dynamic analysis and Static analysis
21

Abdel Ouahab, Ikram Ben, Lotfi Elaachak, and Mohammed Bouhorma. "Improve malware classifiers performance using cost-sensitive learning for imbalanced dataset." IAES International Journal of Artificial Intelligence (IJ-AI) 12, no. 4 (December 1, 2023): 1836. http://dx.doi.org/10.11591/ijai.v12.i4.pp1836-1844.

Abstract:
In recent times, malware visualization has become very popular for malware classification in cybersecurity. Existing malware features can easily identify known malware that have been already detected, but they cannot identify new and infrequent malwares accurately. Moreover, deep learning algorithms show their power in term of malware classification topic. However, we found the use of imbalanced data; the Malimg database which contains 25 malware families don’t have same or near number of images per class. To address these issues, this paper proposes an effective malware classifier, based on cost-sensitive deep learning. When performing classification on imbalanced data, some classes get less accuracy than others. Cost-sensitive is meant to solve this issue, however in our case of 25 classes, classical cost-sensitive weights wasn’t effective in giving equal attention to all classes. The proposed approach improves the performance of malware classification, and we demonstrate this improvement using two Convolutional Neural Network models using functional and subclassing programming techniques, based on loss, accuracy, recall and precision.
22

Fazlali, Mahmood, Peyman Khodamoradi, Farhad Mardukhi, Masoud Nosrati, and Mohammad Mahdi Dehshibi. "Metamorphic malware detection using opcode frequency rate and decision tree." International Journal of Information Security and Privacy 10, no. 3 (July 2016): 67–86. http://dx.doi.org/10.4018/ijisp.2016070105.

Abstract:
Malware is defined as any type of malicious code that is the potent to harm a computer or a network. Modern malwares are accompanied with mutation characteristics, namely polymorphism and metamorphism. They let malwares to generate enormous number of variants. Rising number of metamorphic malwares entails hardship in analyzing them for signature extraction and database updates. In spite of the broad use of signature-based methods in the security products, they are not able detect the new unseen morphs of malware, and it is stemmed from changing the structure of malware as well as the signature in each infection. In this paper, a novel method is proposed in which the proportion of opcodes is used for detecting the new morphs. Decision trees are utilized for classification and detection of malware variants based on the rate of opcode frequencies. Three metrics for evaluating the proposed method are speed, efficiency and accuracy. It was observed in the course of experiments that speed and time complexity will not be challenging factors; because of the fast nature of extracting the frequencies of opcodes from source assembly file. Empirical validation reveals that the proposed method outperforms the entire commercial antivirus programs with a high level of efficiency and accuracy.
23

Naeem, Muhammad Rehan, Rashid Amin, Sultan S. Alshamrani, and Abdullah Alshehri. "Digital Forensics for Malware Classification: An Approach for Binary Code to Pixel Vector Transition." Computational Intelligence and Neuroscience 2022 (April 21, 2022): 1–12. http://dx.doi.org/10.1155/2022/6294058.

Abstract:
The most often reported danger to computer security is malware. Antivirus company AV-Test Institute reports that more than 5 million malware samples are created each day. A malware classification method is frequently required to prioritize these occurrences because security teams cannot address all of that malware at once. Malware’s variety, volume, and sophistication are all growing at an alarming rate. Hackers and attackers routinely design systems that can automatically rearrange and encrypt their code to escape discovery. Traditional machine learning approaches, in which classifiers learn based on a hand-crafted feature vector, are ineffective for classifying malware. Recently, deep convolutional neural networks (CNNs) successfully identified and classified malware. To categorize malware, a smart system has been suggested in this research. A novel model of deep learning is introduced to categorize malware families and multiclassification. The malware file is converted to a grayscale picture, and the image is then classified using a convolutional neural network. To evaluate the performance of our technique, we used a Microsoft malware dataset of 10,000 samples with nine distinct classifications. The findings stood out among the deep learning models with 99.97% accuracy for nine malware types.
24

Zou, Futai, Siyu Zhang, Weixiong Rao, and Ping Yi. "Detecting Malware Based on DNS Graph Mining." International Journal of Distributed Sensor Networks 2015 (2015): 1–12. http://dx.doi.org/10.1155/2015/102687.

Abstract:
Malware remains a major threat to nowadays Internet. In this paper, we propose a DNS graph mining-based malware detection approach. A DNS graph is composed of DNS nodes, which represent server IPs, client IPs, and queried domain names in the process of DNS resolution. After the graph construction, we next transform the problem of malware detection to the graph mining task of inferring graph nodes’ reputation scores using the belief propagation algorithm. The nodes with lower reputation scores are inferred as those infected by malwares with higher probability. For demonstration, we evaluate the proposed malware detection approach with real-world dataset. Our real-world dataset is collected from campus DNS servers for three months and we built a DNS graph consisting of 19,340,820 vertices and 24,277,564 edges. On the graph, we achieve a true positive rate 80.63% with a false positive rate 0.023%. With a false positive of 1.20%, the true positive rate was improved to 95.66%. We detected 88,592 hosts infected by malware or C&C servers, accounting for the percentage of 5.47% among all hosts. Meanwhile, 117,971 domains are considered to be related to malicious activities, accounting for 1.5% among all domains. The results indicate that our method is efficient and effective in detecting malwares.
25

Pachhala, Nagababu, Subbaiyan Jothilakshmi, and Bhanu Prakash Battula. "Android Malware Classification Using LSTM Model." Revue d'Intelligence Artificielle 36, no. 5 (December 23, 2022): 761–67. http://dx.doi.org/10.18280/ria.360514.

Abstract:
Over the last two decades, smartphone use has become essentially widespread around the world, and Android is the most popular open-source operating system, with the largest market share and active user population of any open-source operating system. This has resulted in malicious actors turning their attention toward the Android operating system to exploit user reliance and vulnerabilities that exist inside the system. Hackers can take advantage of consumers' sensitive data to engage in advertising, extortion, and theft. Most of the existing anti-malware software cannot detect all the malwares because of the intelligent malwares. In this paper we use the deep learning based Long short-term memory (LSTM) network for Android malware classification. The model is effective in classification of intelligent malwares. The proposed model is implemented using Google Colab. The model is achieving more than 98% accuracy in classification of Android malwares.
26

Jiao, Jian, Qiyuan Liu, Xin Chen, and Hongsheng Cao. "Behavior Intention Derivation of Android Malware Using Ontology Inference." Journal of Electrical and Computer Engineering 2018 (2018): 1–13. http://dx.doi.org/10.1155/2018/9250297.

Abstract:
Previous researches on Android malware mainly focus on malware detection, and malware’s evolution makes the process face certain hysteresis. The information presented by these detected results (malice judgment, family classification, and behavior characterization) is limited for analysts. Therefore, a method is needed to restore the intention of malware, which reflects the relation between multiple behaviors of complex malware and its ultimate purpose. This paper proposes a novel description and derivation model of Android malware intention based on the theory of intention and malware reverse engineering. This approach creates ontology for malware intention to model the semantic relation between behaviors and its objects and automates the process of intention derivation by using SWRL rules transformed from intention model and Jess inference engine. Experiments on 75 typical samples show that the inference system can perform derivation of malware intention effectively, and 89.3% of the inference results are consistent with artificial analysis, which proves the feasibility and effectiveness of our theory and inference system.
27

Yildiz, Oktay, and Ibrahim Alper Doğru. "Permission-based Android Malware Detection System Using Feature Selection with Genetic Algorithm." International Journal of Software Engineering and Knowledge Engineering 29, no. 02 (February 2019): 245–62. http://dx.doi.org/10.1142/s0218194019500116.

Abstract:
As the use of smartphones increases, Android, as a Linux-based open source mobile operating system (OS), has become the most popular mobile OS in time. Due to the widespread use of Android, malware developers mostly target Android devices and users. Malware detection systems to be developed for Android devices are important for this reason. Machine learning methods are being increasingly used for detection and analysis of Android malware. This study presents a method for detecting Android malware using feature selection with genetic algorithm (GA). Three different classifier methods with different feature subsets that were selected using GA were implemented for detecting and analyzing Android malware comparatively. A combination of Support Vector Machines and a GA yielded the best accuracy result of 98.45% with the 16 selected permissions using the dataset of 1740 samples consisting of 1119 malwares and 621 benign samples.
28

Garg, Umang, Santosh Kumar, and Manoj Kumar. "IHBOT: An Intelligent and Hybrid Model for Investigation and Classification of IoT Botnet." International Journal of Computer Network and Information Security 16, no. 5 (October 8, 2024): 98–112. http://dx.doi.org/10.5815/ijcnis.2024.05.08.

Abstract:
The Internet of Things (IoT) is revolutionizing the technological market with exponential growth year wise. This revolution of IoT applications has also brought hackers and malware to gain remote access to IoT devices. The security of IoT systems has become more critical for consumers and businesses because of their inherent heterogenous design and open interfaces. Since the release of Mirai in 2016, IoT malware has gained an exponential growth rate. As IoT system and their infrastructure have become critical resources that triggers IoT malware injected by various shareholders in different settings. The enormous applications cause flooding of insecure packets and commands that fueled threats for IoT applications. IoT botnet is one of the most critical malwares that keeps evolving with the network traffic and may harm the privacy of IoT devices. In this work, we presented several sets of malware analysis mechanisms to understand the behavior of IoT malware. We devise an intelligent and hybrid model (IHBOT) that integrates the malware analysis and distinct machine learning algorithms for the identification and classification of the different IoT malware family based on network traffic. The clustering mechanism is also integrated with the proposed model for the identification of malware families based on similarity index. We have also applied YARA rules for the mitigation of IoT botnet traffic.
29

Fairbanks, Jeffrey, Andres Orbe, Christine Patterson, Edoardo Serra, and Marion Scheepers. "Identifying ATT&CK Tactics in Android Malware Control Flow Graph through Graph Representation Learning and Interpretability (Student Abstract)." Proceedings of the AAAI Conference on Artificial Intelligence 36, no. 11 (June 28, 2022): 12941–42. http://dx.doi.org/10.1609/aaai.v36i11.21607.

Abstract:
To mitigate a malware threat it is important to understand the malware’s behavior. The MITRE ATT&CK ontology specifies an enumeration of tactics, techniques, and procedures (TTP) that characterize malware. However, absent are automated procedures that would characterize, given the malware executable, which part of the execution flow is connected with a specific TTP. This paper provides an automation methodology to locate TTP in a sub-part of the control flow graph that describes the execution flow of a malware executable. This methodology merges graph representation learning and tools for machine learning explanation.
30

Farooq, Muhammad Shoaib, Zeeshan Akram, Atif Alvi, and Uzma Omer. "Role of Logistic Regression in Malware Detection: A Systematic Literature Review." VFAST Transactions on Software Engineering 10, no. 2 (May 15, 2022): 36–46. http://dx.doi.org/10.21015/vtse.v10i2.963.

Abstract:
When brain, the first virus known introduced in computer systems, requirement of security was raised. Malware Detection turn out to be more vital when network is used for transferring Secret Information. Nowadays our central attributes i.e., Banking, Agriculture, Robotics, Virtual Social Life, Online Multiplayer Gaming, Private Conversations etc. is practicing internet and Malware will abolish everything if we discount it. Lots of new malwares are located by the passage of time, so we need a reliable, fast and trustworthy machine learning technique to handle them. Logistic Regression Classifier is useable for handling such a huge data, majorly counted in this paper. This is a complete SLR that delivers progressive approach in the field of malware detection. It legally reduces time and the cost of researchers. Limitations and future directions of machine learning classifiers to detect malwares are discussed in this paper.
31

Joshi, Ankit, Komesh Borkar, Rohit Dhote, Saurabh Raut, Swapnil Thomare, Raghavendra Kulkarni, and Sharda Chhabria. "A Machine Learning Technique to Detect Malware." International Journal for Research in Applied Science and Engineering Technology 10, no. 12 (December 31, 2022): 188–93. http://dx.doi.org/10.22214/ijraset.2022.47841.

Abstract:
Organizations have been threatened by malware for a long time, but timely detection of the virus remains a challenge. Malware may quickly damage the system by doing pointless tasks that burden it and prevent it from operating efficiently. There are two ways to detect malware: the traditional method that relies on the malware's signature and the behavior-based approach. The malware's behavior is characterized by the action it conducts when active in the machine, such as executing the operating system functions and downloading infected files from the internet. Based on how it behaves, the suggested algorithm finds the virus. The suggested model in this study is a hybrid of Support Vector Machine and Principal Component Analysis. For real Malware, our suggested model obtained an accuracy of 92.70% during validation, with 96% precision, 96.32% recall, and an F1-score of .96.
32

Sharma, Divya. "Mobile Malware Detection using Machine Learning Classifiers." INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 04 (April 28, 2024): 1–5. http://dx.doi.org/10.55041/ijsrem32180.

Abstract:
In today's world, mobile malware poses a significant threat to the security and privacy of the society using smartphones. These malware aim to access the sensitive data and harm the devices of users. This paper conducts a comprehensive comparison between the various machine learning and traditional methods for mobile malware detection based on the research papers published by the authors. Signature-based detection depends upon the predefined and common patterns, while the anomaly-based techniques analyse the deviation from the regular normal behaviour. This study discusses the strengths and limitations of different approaches and highlights the need for adopting the malware detection methods to fight the growing threats. It also examines the role of machine learning algorithms, like Decision Trees, Random Forests, Convolutional Neural Networks, Support Vector Machines, and Naïve Bayes, for better malware detection. Latest findings and research highlight the importance of the continuing innovation to fight the emerging threat to the user privacy, data and security due to malwares. Keywords: Mobile Malware, Artificial Intelligence, Virus, Signature-based Detection, Machine Learning
33

Aiyeniko, Olukayode, Aishat Oladayo Jimoh-Mahmud, Temitope Ayanladun Oyelakun, Stella Kehinde Ogunkan, and Oluwaseyi Inubiwon Oluwabukola. "Prediction of Malwares in Microsoft Windows Operating Systems." International Journal of Research and Innovation in Applied Science IX, no. VII (2024): 202–13. http://dx.doi.org/10.51584/ijrias.2024.907020.

Abstract:
Malware has been identified as one of the predominant cyber threats with the fast growth of the internet. Anti-malware vendors nowadays receive a huge amount of speculated malware files daily. To keep up with the flow of these malware-ridden files, machine-learning techniques are used to abstract similar malwares. This paper presents a prediction model for the prediction of malware attacks based on certain features of the machine and the Light Gradient Boost Algorithm was employed for this purpose. A dataset that came in two splits (the train and test splits) with entries of Windows machines with different specifications was acquired and preprocessed to remove irrelevant features. The train split of the dataset was then used to train the Light Gradient Boost Algorithm to derive a model which was then used for the prediction on the test split. The accuracy of the model was found to be 98% while the precision and recall of the model were also found to be 98%. This study would help Windows users know what kind of specifications of machines are more prone to malware attacks.
34

Alzahrani, Mohammad Eid. "Employing Incremental Learning for the Detection of Multiclass New Malware Variants." Indian Journal Of Science And Technology 17, no. 10 (March 1, 2024): 941–48. http://dx.doi.org/10.17485/ijst/v17i10.2862.

Abstract:
Background/Objectives: The study aims to achieve two main objectives. The first is to reliably identify and categorize malware variations to maintain the security of computer systems. Malware poses a continuous threat to digital information and system integrity, hence the need for effective detection tools. The second objective is to propose a new incremental learning method. This method is designed to adapt over time, continually incorporating new data, which is crucial for identifying and managing multiclass malware variants. Methods: This study utilised an incremental learning technique as the basis of the approach, a type of machine learning whereby a system retains previous knowledge and builds upon the information from the newly acquired data. Particularly, this method is suitable for tackling the mutating character of malware dangers. The researchers used various sets of actual world malwares for evaluating the applicability of these ideas, which serves as an accurate test environment. Findings: The findings of the research are significant. Utilizing 6 different datasets, which included 158,101 benign and malicious instances, the method demonstrated a high attack detection accuracy of 99.34%. Moreover, the study was successful in identifying a new category of malware variants and distinguishing between 15 different attack categories. These results underscore the effectiveness of the proposed incremental learning method in a real-world scenario. Novelty: This research is unique because of the novel use of a tailored incremental learning technique for dealing with the dynamic threat environment of malwares. However, with a new threat they cannot be so well adapted using traditional machine learning methods. On the other hand, the technique put forward in this paper facilitates continuous learning that can be modified to match different types of malicious software as they develop.
The ability to evolve and adapt is an important addition to current cybersecurity practices that include malware identification and classification. Keywords: Cybersecurity, Malware Detection, Incremental learning
35

Amer, Eslam, Shaker El-Sappagh, and Jong Wan Hu. "Contextual Identification of Windows Malware through Semantic Interpretation of API Call Sequence." Applied Sciences 10, no. 21 (October 30, 2020): 7673. http://dx.doi.org/10.3390/app10217673.

Abstract:
The proper interpretation of the malware API call sequence plays a crucial role in identifying its malicious intent. Moreover, there is a necessity to characterize smart malware mimicry activities that resemble goodware programs. Those types of malware imply further challenges in recognizing their malicious activities. In this paper, we propose a standard and straightforward contextual behavioral models that characterize Windows malware and goodware. We relied on the word embedding to realize the contextual association that may occur between API functions in malware sequences. Our empirical results proved that there is a considerable distinction between malware and goodware call sequences. Based on that distinction, we propose a new method to detect malware that relies on the Markov chain. We also propose a heuristic method that identifies malware’s mimicry activities by tracking the likelihood behavior of a given API call sequence. Experimental results showed that our proposed model outperforms other peer models that rely on API call sequences. Our model returns an average malware detection accuracy of 0.990, with a false positive rate of 0.010. Regarding malware mimicry, our model shows an average noteworthy accuracy of 0.993 in detecting false positives.
36

Tran, Kien, Hiroshi Sato, and Masao Kubo. "MANNWARE: A Malware Classification Approach with a Few Samples Using a Memory Augmented Neural Network." Information 11, no. 1 (January 17, 2020): 51. http://dx.doi.org/10.3390/info11010051.

Abstract:
The ability to stop malware as soon as they start spreading will always play an important role in defending computer systems. It must be a huge benefit for organizations as well as society if intelligent defense systems could themselves detect and prevent new types of malware as soon as they reveal only a tiny amount of samples. An approach introduced in this paper takes advantage of One-shot/Few-shot learning algorithms to solve the malware classification problems using a Memory Augmented Neural Network in combination with the Natural Language Processing techniques such as word2vec, n-gram. We embed the malware’s API calls, which are very valuable sources of information for identifying malware’s behaviors, in the different feature spaces, and then feed them to the one-shot/few-shot learning models. Evaluating the model on the two datasets (FFRI 2017 and APIMDS) shows that the models with different parameters could yield high accuracy on malware classification with only a few samples. For example, on the APIMDS dataset, it was able to guess 78.85% correctly after seeing only nine malware samples and 89.59% after fine-tuning with a few other samples. The results confirmed very good accuracies compared to the other traditional methods, and point to a new area of malware research.
37

Hindarto, Djarot, and Arko Djajadi. "Android-manifest extraction and labeling method for malware compilation and dataset creation." International Journal of Electrical and Computer Engineering (IJECE) 13, no. 6 (December 1, 2023): 6568. http://dx.doi.org/10.11591/ijece.v13i6.pp6568-6577.

Abstract:
Malware is a nuisance for smartphone users. The impact is detrimental to smartphone users if the smartphone is infected by malware. Malware identification is not an easy process for ordinary users due to its deeply concealed dangers in application package kit (APK) files available in the Android Play Store. In this paper, the challenges of creating malware datasets are discussed. Long before a malware classification process and model can be built, the need for datasets with representative features for most types of malwares has to be addressed systematically. Only after a quality data set is available can a quality classification model be obtained using machine learning (ML) or deep learning (DL) algorithms. The entire malware classification process is a full pipeline process and sub processes. The authors purposefully focus on the process of building quality malware datasets, not on ML itself, because implementing ML requires another effort after the reliable dataset is fully built. The overall step in creating the malware dataset starts with the extraction of the Android Manifest from the APK file set and ends with the labeling method for all the extracted APK files. The key contribution of this paper is on how to generate datasets systematically from any APK file.
38

Dener, Murat, Gökçe Ok, and Abdullah Orman. "Malware Detection Using Memory Analysis Data in Big Data Environment." Applied Sciences 12, no. 17 (August 27, 2022): 8604. http://dx.doi.org/10.3390/app12178604.

Abstract:
Malware is a significant threat that has grown with the spread of technology. This makes detecting malware a critical issue. Static and dynamic methods are widely used in the detection of malware. However, traditional static and dynamic malware detection methods may fall short in advanced malware detection. Data obtained through memory analysis can provide important insights into the behavior and patterns of malware. This is because malwares leave various traces on memories. For this reason, the memory analysis method is one of the issues that should be studied in malware detection. In this study, the use of memory data in malware detection is suggested. Malware detection was carried out by using various deep learning and machine learning approaches in a big data environment with memory data. This study was carried out with Pyspark on Apache Spark big data platform in Google Colaboratory. Experiments were performed on the balanced CIC-MalMem-2022 dataset. Binary classification was made using Random Forest, Decision Tree, Gradient Boosted Tree, Logistic Regression, Naive Bayes, Linear Vector Support Machine, Multilayer Perceptron, Deep Feed Forward Neural Network, and Long Short-Term Memory algorithms. The performances of the algorithms used have been compared. The results were evaluated using the Accuracy, F1-score, Precision, Recall, and AUC performance metrics. As a result, the most successful malware detection was obtained with the Logistic Regression algorithm, with an accuracy level of 99.97% in malware detection by memory analysis. Gradient Boosted Tree follows the Logistic Regression algorithm with 99.94% accuracy. The Naive Bayes algorithm showed the lowest performance in malware analysis with memory data, with an accuracy of 98.41%. In addition, many of the algorithms used have achieved very successful results. According to the results obtained, the data obtained from memory analysis is very useful in detecting malware. 
In addition, deep learning and machine learning approaches were trained with memory datasets and achieved very successful results in malware detection.
39

Jang, Jae-wook, and Huy Kang Kim. "Function-Oriented Mobile Malware Analysis as First Aid." Mobile Information Systems 2016 (2016): 1–11. http://dx.doi.org/10.1155/2016/6707524.

Abstract:
Recently, highly well-crafted mobile malware has arisen as mobile devices manage highly valuable and sensitive information. Currently, it is impossible to detect and prevent all malware because the amount of new malware continues to increase exponentially; malware detection methods need to improve in order to respond quickly and effectively to malware. For the quick response, revealing the main purpose or functions of captured malware is important; however, only few recent works have attempted to find malware’s main purpose. Our approach is designed to help with efficient and effective incident responses or countermeasure development by analyzing the main functions of malicious behavior. In this paper, we propose a novel method for function-oriented malware analysis approach based on analysis of suspicious API call patterns. Instead of extracting API call patterns for malware in each family, we focus on extracting such patterns for certain malicious functionalities. Our proposed method dumps memory sections where an application is allocated and extracts suspicious API sequences from bytecode by comparing with predefined suspicious API lists. By matching API call patterns with our functionality database, our method determines whether they are malicious. The experiment results demonstrate that our method performs well in detecting malware with high accuracy.
40

M, Geetha, Ramkumar R, Sarankumar C, Velmurugan K, and Boopathi N. "Online Network Protection Firmware for Malware Identification Utilizing Transformer Learning." International Journal for Research in Applied Science and Engineering Technology 12, no. 2 (February 29, 2024): 110–13. http://dx.doi.org/10.22214/ijraset.2024.58280.

Abstract:
Abstract: Malware ID expects a critical part in network security with the expansion in malware improvement. What more, kinds of progress in cutting edge assaults. Noxious programming applications, or malware, are the principal wellspring of different security issues. For different reasons, including the taking of state of the art developments and insightful properties, regulative exhibitions of retaliation, and the modification of sensitive information, to give some examples, these pernicious applications plan to perform unapproved exercises on the host machines to assist their makers. More valuable assistance systems are required because of the quick expansion of noxious programming on the web and their self changing skills, as in polymorphic and remarkable malware. This task proposes to support the MalFree Sandbox with stacked bidirectional long transient memory (Stacked BiLSTM) and generative prepared transformer based (GPT2) critical learning language models for recognizing pernicious code isolated. The proposed computations, specifically the bidirectional long transient memory (BiLSTM) model and the generative prepared transformer 2 (GPT-2) method, employ gathering rules derived from Minimal Executable (PE) Records static examination results to identify harmful code pieces. To comprehend malwares through MalFree Sandbox, care should be taken to sandbox the malwares in a climate that considers an encapsulation and exhaustive evaluation while in addition keeping on propelling spread from being gifted.
41

Prima, B., and M. Bouhorma. "USING TRANSFER LEARNING FOR MALWARE CLASSIFICATION." ISPRS - International Archives of the Photogrammetry, Remote Sensing and Spatial Information Sciences XLIV-4/W3-2020 (November 23, 2020): 343–49. http://dx.doi.org/10.5194/isprs-archives-xliv-4-w3-2020-343-2020.

Abstract:
In this paper, we propose a malware classification framework using transfer learning based on existing Deep Learning models that have been pre-trained on massive image datasets. In recent years there has been a significant increase in the number and variety of malwares, which amplifies the need to improve automatic detection and classification of the malwares. Nowadays, neural network methodology has reached a level that may exceed the limits of previous machine learning methods, such as Hidden Markov Models and Support Vector Machines (SVM). As a result, convolutional neural networks (CNNs) have shown superior performance compared to traditional learning techniques, specifically in tasks such as image classification. Motivated by this success, we propose a CNN-based architecture for malware classification. The malicious binary files are represented as grayscale images and a deep neural network is trained by freezing the pre-trained VGG16 layers on the ImageNet dataset and adapting the last fully connected layer to the malware family classification. Our evaluation results show that our approach is able to achieve an average of 98% accuracy for the MALIMG dataset.
42

Kumar, Rajeev, Mamdouh Alenezi, Md Ansari, Bineet Gupta, Alka Agrawal, and Raees Khan. "Evaluating the Impact of Malware Analysis Techniques for Securing Web Applications through a Decision-Making Framework under Fuzzy Environment." International Journal of Intelligent Engineering and Systems 13, no. 6 (December 31, 2020): 94–109. http://dx.doi.org/10.22266/ijies2020.1231.09.

Abstract:
Nowadays, most of the cyber-attacks are initiated by extremely malicious programs known as Malware. Malwares are very vigorous and can penetrate the security of information and communication systems. While there are different techniques available for malware analysis, it becomes challenging to select the most effective approach. In this context, the decision-making process may be an efficient means of empirically assessing the impact of different methods for securing the web applications. In this research study, we have used a methodology that includes the integration of Fuzzy AHP and Fuzzy TOPSIS technique for evaluating the impact of different malware analysis techniques in web application perspective. This study uses different versions of a university’s web application for evaluating the impact of several existing malware analysis techniques. The findings of the study show that the Reverse Engineering approach is the most efficient technique for analyzing complex malware. The outcome of this study would definitely aid the future researchers and developers in selecting the appropriate techniques for scanning the web application code and enhancing the security.
43

Chamorro Palacios, Freddy Neptali, Edison Javier Guaña Moya, and Wilson Iván Sánchez Paredes. "Análisis de Memoria de Malware Ofuscado en el Conjunto de Datos CIC- MALMEM-2022." REVISTA MULTIDISCIPLINARIA DE DESARROLLO AGROPECUARIO, TECNOLÓGICO, EMPRESARIAL Y HUMANISTA. 6, no. 1 (February 24, 2024): 5. https://doi.org/10.61236/dateh.v6i1.870.

Abstract:
Memory-obfuscated malware is a sophisticated technique used by cybercriminals to evade detection by antivirus programs and to make its analysis by security researchers more difficult. This research work is based on a dataset created to represent scenarios in a real environment. It is composed of ransomware, trojans and spyware, providing a dataset for the purpose of testing obfuscated-malware detection systems. An intelligent analysis of the data used for this study makes it possible to find common patterns for identifying obfuscated malware. The proposed research sets out to carry out an exhaustive analysis to locate types of malware, relationships and significant differences that allow the extraction of indicators that can reveal the presence of obfuscated malware in memory. The data are balanced between the benign memory dumps and their counterpart, the malware. Likewise, the group composed of ransomware, trojans and spyware in its different categories is highly balanced according to the analysis performed.
44

Naeem, Hamad, Bandar M. Alshammari, and Farhan Ullah. "Explainable Artificial Intelligence-Based IoT Device Malware Detection Mechanism Using Image Visualization and Fine-Tuned CNN-Based Transfer Learning Model." Computational Intelligence and Neuroscience 2022 (July 15, 2022): 1–17. http://dx.doi.org/10.1155/2022/7671967.

Abstract:
Automated malware detection is a prominent issue in the world of network security because of the rising number and complexity of malware threats. It is time-consuming and resource intensive to manually analyze all malware files in an application using traditional malware detection methods. Polymorphism and code obfuscation were created by malware authors to bypass the standard signature-based detection methods used by antivirus vendors. Malware detection using deep learning (DL) approaches has recently been implemented in an effort to address this problem. This study compares the detection of IoT device malware using three current state-of-the-art CNN models that have been pretrained. Large-scale learning performance using GNB, SVM, DT, LR, K-NN, and ensemble classifiers with CNN models is also included in the results. In light of the findings, a pretrained Inception-v3 CNN-based transfer learned model with fine-tuned strategy is proposed to identify IoT device malware by utilizing color image malware display of android Dalvik Executable File (DEX). Inception-v3 retrieves the malware’s most important features. After that, a global max-pooling layer is applied, and a SoftMax classifier is used to classify the features. Finally, gradient-weighted class activation mapping (Grad-CAM) along the t-distributed stochastic neighbor embedding (t-SNE) is used to understand the overall performance of the proposed method. The proposed method achieved an accuracy of 98.5% and 91%, respectively, in the binary and multiclass prediction of malware images from IoT devices, exceeding the comparison methods in different evaluation parameters.
45

Nikhila, P. "Malwise-Malware Classification and Variant Extraction." IOSR Journal of Computer Engineering 13, no. 1 (2013): 61–66. http://dx.doi.org/10.9790/0661-1316166.

46

Behera, Chandan Kumar, and D. Lalitha Bhaskari. "Malware Methodologies and Its Future." International Journal of Information Security and Privacy 11, no. 4 (October 2017): 47–64. http://dx.doi.org/10.4018/ijisp.2017100104.

Abstract:
Malware means any unwanted software that performs harmful actions or executes unauthorized tasks. This includes all harmful programs such as viruses, worms, Trojans, rootkits, botnets, etc. The number of malwares rises exponentially with the increasing use of digital media. With the enormous usage of the internet worldwide, the rate of cybercrime has increased, giving life to many malwares in cyberspace. New technologies and skills should be developed and formulated to fight against malwares, with the goal of automatically identifying malwares as well as their families. A lot of research is going on to combat the malwares, but still in vain. In order to design tools to fight against it, a systematic understanding is needed of its various types and behaviors, along with different detection and analysis techniques. With all of the above, this paper summarizes thorough information regarding malwares, their classification techniques, different obfuscation methods, and packing and unpacking concepts, along with particular tools.
47

Parajuli, Srijana, and Subarna Shakya. "Malware Detection and Classification Using Latent Semantic Indexing." Journal of Advanced College of Engineering and Management 4 (December 31, 2018): 153–61. http://dx.doi.org/10.3126/jacem.v4i0.23205.

Abstract:
The increasing popularity of smartphones has led to dramatic growth in mobile malware, especially on the Android platform. Many aspects of Android permissions have been studied for malware detection, but sufficient attention has not been given to intents. This research work proposes using Latent Semantic Indexing for malware detection and classification with permission- and intent-based features. This method analyses the Manifest file of an Android application by understanding the risk level of permissions and intents and assigning a weight score based on their sensitivity. In an experiment conducted using a dataset containing 400 malware samples and 400 normal/benign samples, the results show an accuracy of 83.5% using Android intents against 79.1% using Android permissions. Additionally, an experiment on the combination of both features results in an accuracy of 89.7%. It can be concluded from this research work that a dataset with intent-based features is able to detect more malware when compared to permission-based features.
48

Alrammal, Muath, Munir Naveed, Suzan Sallam, and Georgios Tsaramirsis. "A Critical Analysis on Android Vulnerabilities, Malware, Anti-malware and Anti-malware Bypassing." 網際網路技術學刊 23, no. 7 (December 2022): 1651–61. http://dx.doi.org/10.53106/160792642022122307019.

Abstract:
Android has become the dominant operating system for portable devices, making it a valuable asset that needs protection. Though Android is very popular, it has several vulnerabilities which attackers use for malicious intents. In this paper, we present a comprehensive study on the threats in Android OS that various malware developers exploit and the different malware functionality based on Android’s threats. Furthermore, we analyze and evaluate the anti-malware approaches implemented to face the malware functionalities. Finally, we analyze and categorize malware developers’ most common anti-analysis techniques to evade anti-malware approaches. It comes to our attention that many papers covered each topic separately; however, we could not find one comprehensive study that covers Android with such details that it could be used as a research handbook on Android malware. This is the main novelty and contribution of this work.
49

Rahul Y. Pawar, Mr, and Dr C.Mahesh. "A Survey on Malware Detection Techniques on Linux Powered Smart Phones using Machine Learning Approaches." International Journal of Engineering & Technology 7, no. 3.34 (September 1, 2018): 8. http://dx.doi.org/10.14419/ijet.v7i3.34.18706.

Abstract:
Mobile phone manufacturers are continuously working to move at a rapid pace on their new models, and to match the needs of customers they need to customize their systems. However, the security scenarios of such practice are not that well known; due to this, various malware and viruses are increasing day by day and causing harm to devices. Due to the substantial damage caused by malware in the last few years, certain significant efforts have been made on developing detection and defense mechanisms against malwares. For detecting such malicious applications and malwares, a security system should be developed which will target such anomalies or outliers in the system. In data mining, an anomaly detection system plays a major role by monitoring the behavior of an application and categorizing it as normal or abnormal to detect malwares present in the system.
50

Lee, Jaehyeong, Hyuk Jang, Sungmin Ha, and Yourim Yoon. "Android Malware Detection Using Machine Learning with Feature Selection Based on the Genetic Algorithm." Mathematics 9, no. 21 (November 5, 2021): 2813. http://dx.doi.org/10.3390/math9212813.

Abstract:
Since the discovery that machine learning can be used to effectively detect Android malware, many studies on machine learning-based malware detection techniques have been conducted. Several methods based on feature selection, particularly genetic algorithms, have been proposed to increase the performance and reduce costs. However, because they have yet to be compared with other methods and their many features have not been sufficiently verified, such methods have certain limitations. This study investigates whether genetic algorithm-based feature selection helps Android malware detection. We applied nine machine learning algorithms with genetic algorithm-based feature selection for 1104 static features through 5000 benign applications and 2500 malwares included in the Andro-AutoPsy dataset. Comparative experimental results show that the genetic algorithm performed better than the information gain-based method, which is generally used as a feature selection method. Moreover, machine learning using the proposed genetic algorithm-based feature selection has an absolute advantage in terms of time compared to machine learning without feature selection. The results indicate that incorporating genetic algorithms into Android malware detection is a valuable approach. Furthermore, to improve malware detection performance, it is useful to apply genetic algorithm-based feature selection to machine learning.