Background and Objective: Almost all malware running on web servers is PHP code. The present paper therefore creates an NGAV (Next Generation Antivirus) expert in auditing web-based threats, specifically from PHP files, in real time. Methods: In our methodology, the malicious behaviors of the personal computer serve as input attributes of the statistical learning machines. In all, our dynamic feature extraction monitors 11,777 behaviors that the web fileless attack can perform when launched directly from a malicious web server to a listening service on a personal computer. Results: Our NGAV achieves an average 99.95% accuracy in the distinction between benign and malware web scripts. Distinct initial conditions and kernels of neural network classifiers are investigated in order to maximize the accuracy of our NGAV. Conclusions: Our NGAV can overcome the limitations of commercial antiviruses in the detection of Web fileless attacks. In contrast to the analysis of individual events, our engine employs an authorial Web-server Sandbox, machine learning, and artificial intelligence in order to identify malicious websites.
Traffic identification and classification are essential tasks performed by Internet Service Provider (ISP) administrators. Deep Packet Inspection (DPI) currently plays a key role in traffic identification and classification due to its increased expressive power. To allow fair comparison among different DPI techniques and systems, workload generators should have the following characteristics: (i) synthetic packets with meaningful payloads; (ii) TCP and UDP traffic generation; (iii) a configurable network traffic profile; and (iv) a high-speed sending rate. This paper proposes a workload generator framework which has all of the above characteristics. A performance evaluation shows that our flexible workload generator system achieves very high sending rates over a 10 Gbps network, using a commodity Linux machine. Additionally, we have configured and tested our workload generator following a real application traffic profile. We then analyzed its results within a DPI system, proving its accuracy and efficiency.
Java vulnerabilities correspond to 91% of all exploits observed on the worldwide web. The present work aims to create antivirus software, based on machine learning and artificial intelligence, that specializes in Java malware detection. Within the proposed methodology, the suspected JAR sample is executed to intentionally infect a Windows OS monitored in a controlled environment. In all, our antivirus monitors and considers, statistically, 6824 actions that the suspected JAR file can perform when executed. Our antivirus achieved an average performance of 91.58% in the distinction between benign and malware JAR files. Different initial conditions, learning functions and architectures of our antivirus are investigated. The limitations of commercial antiviruses can be overcome by intelligent antiviruses. Instead of relying on blacklist-based models, our antivirus detects JAR malware preventively rather than reactively, unlike the modus operandi of Oracle’s Java and traditional antiviruses.
Network Management depends on precise characterization of the traffic profile of networked applications. When the identification and classification of network flows is done using machine learning, the characterization of traffic still requires an approach that is capable of providing a balance between accuracy and processing speed in real-time scenarios. This paper proposes an architecture to classify network traffic based on Stream Data Mining techniques using Graphic Processing Units (GPU), in order to meet the requirements of both classification accuracy and speed. Our proposal combines the characteristics of data mining techniques with a continuous stream of input data, and with high processing performance GPU architecture. Results show that our approach provides accuracy comparable to or better than existing related work (e.g., above 95%) while ramping up performance (e.g., up to 62x speed up), comparing the different implementations of our approach. These facts allow the deployment of the proposed technique to the real-time management of high speed backbone links.
I. INTRODUCTION
The diversity of applications for computer networks has increased considerably over the last decade. Additionally, the management and monitoring of networks depends on the precise characterization of the traffic profile generated by the network applications [1] [5]. To this end, there are three approaches that can be used to classify network traffic [5], namely port-based, packet payload inspection, and flow-based techniques. Port-based traffic identification has a low computational cost and is very inaccurate [11]. On the other hand, packet payload inspection presents very accurate results, but it requires high computational processing. Additionally, it cannot identify encrypted traffic and, in some countries, it cannot be deployed due to legal restrictions.
Therefore, flow-based classification becomes the best alternative, since it presents both high accuracy and relatively low computational demands [20]. This type of traffic classification involves classifying the flow (the aggregation of network packets, defined by a 5-tuple [5]) according to its features. However, the use of flow-based techniques raises other important issues in the design of a flow-based classifier. The capacity of the collector machine to store flow records and the computational performance of the flow classifier are relevant. For example, a router on a 10 Gbps link can deal with approximately 10 thousand flows simultaneously [3]. From a classification perspective, a high number of flows implies a huge computational cost. This is because the memory and performance requirements increase as the number of flows