A Comparative Analysis of Machine Learning Techniques for Classification and Detection of Malware

Aljanabi, Maryam; Altamimi, Ahmad Mousa

doi:10.1109/acit50332.2020.9300081

Cited by 11 publications

(5 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A malware detector has a data collector that collects information about the program interpreter and data matcher. Program interpreter converts the data to a useful representation, data matchers compare the interpreted data with the program behavior (Al-Janabi and Altamimi, 2020). Most of the literature classifies anomaly detection as shown below (Alabadi and Celik, 2020):…”

Section: Intrusion Detection Systems (Ids)mentioning

confidence: 99%

Cyber Security Threats and Countermeasures using Machine and Deep Learning Approaches: A Survey

Manjula¹,

Venkatesh²,

Venugopal³

2023

Journal of Computer Science

View full text Add to dashboard Cite

Recent advancements in e-business, e-healthcare, e-governance, and online digital transactions have brought valuable benefits. Unfortunately, it raises severe cyber-attacks. Cyberattacks disrupt normal operations, try to retrieve confidential information and defense secrets, and subvert the nation's defense systems and Internet-connected devices. Cyber security solutions are required to detect, analyze, defend against threats and protect sensitive data from unauthorized access. This study gives a detailed survey of different cybersecurity attacks, like Denial-of-service attacks, Botnet Evasion Attacks, Malware invasions, Spam and phishing invasion, Spoofing, Domain Generation algorithms, Probing attacks, R2L, and U2R attacks. This research review emphasizes Machine Learning and Deep Learning-based approaches to Cybersecurity problems. This study's key highlights are the research challenges, cybersecurity issues, cyber security domains, and tools for the Intrusion detection system. Data sets play a vital role in cybersecurity research; hence, Private and Publically available datasets are reviewed in this study. Various performance matrices are discussed in this survey which can be used to evaluate the effectiveness of cybersecurity solutions.

show abstract

Section: Intrusion Detection Systems (Ids)mentioning

confidence: 99%

Cyber Security Threats and Countermeasures using Machine and Deep Learning Approaches: A Survey

Manjula¹,

Venkatesh²,

Venugopal³

2023

Journal of Computer Science

View full text Add to dashboard Cite

show abstract

“…The introduction of these security mechanisms in conjunction with platform improvements of Treble [78], [79], original equipment manufacturer (OEM) agreements and Android Enterprise Recommended has significantly advanced and improved the Android ecosystem security. Despite all the security advancements, 0.11% of Android mobile devices were compromised by user-wanted (UW) PHAs called Chamois [80] in 2018. Other variants such as Snowfox, Cosiloon, BreadSMS, View SDK, Triada, CardinalFall Eager-Fonts, and Idle Coconut [81] later emerged with similar characteristics.…”

Section: Smart Malware Evasion Trends Using Technological Techniquesmentioning

confidence: 99%

Analysis of Mobile Malware: A Systematic Review of Evolution and Infection Strategies

Ashawa

Morris

2021

JISCR

View full text Add to dashboard Cite

The open-source and popularity of Android attracts hackers and has multiplied security concerns targeting devices. As such, malware attacks on Android are one of the security challenges facing society. This paper presents an analysis of mobile malware evolution between 2000-2020. The paper presents mobile malware types and in-depth infection strategies malware deploys to infect mobile devices. Accordingly, factors that restricted the fast spread of early malware and those that enhance the fast propagation of recent malware are identified. Moreover, the paper discusses and classifies mobile malware based on privilege escalation and attack goals. Based on the reviewed survey papers, our research presents recommendations in the form of measures to cope with emerging security threats posed by malware and thus decrease threats and malware infection rates. Finally, we identify the need for a critical analysis of mobile malware frameworks to identify their weaknesses and strengths to develop a more robust, accurate, and scalable tool from an Android detection standpoint. The survey results facilitate the understanding of mobile malware evolution and the infection trend. They also help mobile malware analysts to understand the current evasion techniques mobile malware deploys

show abstract

“…Important information like this can be stolen, modified or deleted by attackers with malware attacks. Malware can infiltrate the system by taking advantage of security vulnerabilities in the network, causing significant damage, especially to institutions and organizations [3]. Therefore, protection from malware attacks is one of the important issues in terms of providing cyber security.…”

Section: Introductionmentioning

confidence: 99%

Detection of Different Windows PE Malware Using Machine Learning Methods

et al. 2023

View full text Add to dashboard Cite

The types and application areas of cyber attacks are increasing and diversifying. Accordingly, the effects of attacks are constantly increasing or changing every moment. Among the attacks, malware attacks also have diversified and gained a wide place in the cyber world. With the use of different techniques and methods, there are problems in detecting and preventing malware attacks. These problems cause the systems' cyber security not to be fully ensured. Due to these situations, different malware attacks are discussed in the study, and the effects of attacks on Windows security are examined. A test-bed called AyEs has been prepared. Different attacks have been carried out, such as screenshots, vnc, aimed at hijacking or corrupting the victim system. The AyEs dataset was created by listening to the system network packets obtained due to the attacks. The dataset was preprocessed and made suitable for analysis. Machine learning methods such as Naive Bayes, J48, BayesNet, IBk, AdaBoost and LogitBoost were used on the dataset to detect malware attacks. J48 and IBk methods, which were found to provide high performance as a result of the analyzes, were suggested in the study. In this way, detection systems suitable for possible attack situations against Windows systems will be implemented easily and effectively. In addition to attack detection, an active role will be assumed in determining the type of attack.

show abstract

A Comparative Analysis of Machine Learning Techniques for Classification and Detection of Malware

Cited by 11 publications

References 31 publications

Cyber Security Threats and Countermeasures using Machine and Deep Learning Approaches: A Survey

Cyber Security Threats and Countermeasures using Machine and Deep Learning Approaches: A Survey

Analysis of Mobile Malware: A Systematic Review of Evolution and Infection Strategies

Detection of Different Windows PE Malware Using Machine Learning Methods

Contact Info

Product

Resources

About