A Novel Method for Detecting Future Generations of Targeted and Metamorphic Malware Based on Genetic Algorithm

Javaheri, Danial; Lalbakhsh, Pooia; Hosseinzadeh, Mehdi

doi:10.1109/access.2021.3077295

Cited by 28 publications

(19 citation statements)

References 46 publications

(61 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…fMeasure values for different models Figure8. fMeasure values for different models Similar to precision and recall, this evaluation, and figure8evaluate that an improvement of 12.8% when compared with 2D CNN[8], 10.5% when compared with MMGA[11], and 9.4% when compared with RNN[19] in terms of fMeasure is obtained due to incorporation of Forensic Neural Network (FNN) with Augmented Convolutional Models (ACMs) for identification of different malware types. Results of the model in terms of localization can be observed from figure9(a), and 9 (b), wherein binary file is converted into 2D vectors, and malware affected regions are marked with brighter colour levels.…”

mentioning

confidence: 65%

“…Researchers can also integrate explainable AI to understand the source of malwares for different binary-specific use cases. Average Recall for Different Models 2D CNN [8] MMGA [11] RNN [19] ACM FNN…”

Section: Discussionmentioning

confidence: 99%

“…For instance, work in [1,2,3] proposes use of call graphs, system calls, and explainable Artificial Intelligence (AI) methods for improving classification & localization performance under real-time cyber physical systems. Similar models are discussed in [4,5,6 [10], and Metamorphic Malware detection via Genetic Algorithm (MMGA) [11] are discussed by researchers. These models utilize large-scale & high-density feature extraction techniques in order to improve accuracy of detection & localization of malwares with different signatures.…”

Section: Literature Reviewmentioning

confidence: 97%

“…RNN [19]; for comparison with the proposed model. The models proposed in 2D CNN [8], MMGA [11] & RNN [19] were trained & validated, the same set of data samples during evaluation. This assisted in estimating real-time performance of the reviewed models on similar simulation conditions.…”

Section: Comparative Analysismentioning

confidence: 99%

“…This efficiency was evaluated for Electro RAT, Pegasus, SkyGoFree, Viking Horde, Bat Skull, Yesmile, Wirenet, Jigsaw, Satana, & Tapaoux datasets in terms of accuracy, precision, recall, and fMeasure performance. These datasets were downloaded from the following sources,  Hybrid Analysis, which is available at https://www.hybrid-analysis.com/filecollections  Malware Bazaar database, which is available at https://bazaar.abuse.ch/browse/  Malware Tips database, which is available at https://malwaretips.com/forums/malwaresamples.104/  VXVault database, which is available at http://vxvault.net//ViriList.php  Malware Traffic Net database, which is available at https://www.malware-trafficanalysis.net/ Based on these datasets and comparison attributes, performance was evaluated for 2D CNN [8], MMGA [11]. RNN [19]; for comparison with the proposed model.…”

Section: Comparative Analysismentioning

confidence: 99%

See 4 more Smart Citations

ACMFNN: Design of an augmented convolutional model for intelligent cross-domain malware localization via forensic neural networks

Pateriya

Tomar

2022

Preprint

View full text Add to dashboard Cite

Classification of malwares from spatial & temporal data patterns requires efficient design of deep learning models. These models deploy methods for feature extraction, feature selection, classification & post-processing to perform this task. A wide variety of high-efficiency malware analysis models are proposed by researchers, and most of them are application-specific, thus cannot be scaled to multiple domains. Out of these, only a few of these models are targeted towards identification of malware locations. In order to improve malware detection scalability, and localization performance, this text proposes a novel augmented convolutional model (ACM) for intelligent cross-domain malware analysis via forensic neural networks (FNNs). The FNNs are designed as an integration of multiple augmented convolutional models, which include different optimizers & feature extraction units. In this design, each of these units are customized to improve their feature extraction & selection capabilities, which assists in improving classification performance. Results of classification are given to an ACM layer, which performs feature augmentation to localize malware positions in input data. The proposed model was evaluated on multiple malware datasets, including Electro RAT, Pegasus, SkyGoFree, Viking Horde, Bat Skull, Yesmile, Wirenet, Jigsaw, Satana, Tapaoux, etc. It was observed that the proposed model was able to classify these malwares with an average accuracy of 98.5%, which makes it useful for real-time malware analysis. The model was also able to achieve an average localization accuracy of 79.6% across these datasets, thereby assisting forensic experts to obtain an approximate estimate of malware locations in input data streams. This performance was compared with some of the recently proposed malware detection models, and it was observed that the proposed ACMFNN method has 8% better precision, 6.5% better recall, and 9.4% better classification accuracy when compared with these methods on the same dataset. Due to augmented convolutional model, it was observed that the proposed approach had 15% better localization accuracy, 19% better localization precision, and 14% better localization recall when compared with these methods. Thereby indicating that the propose model is applicable for a wide variety of malware detection & localization application deployments.

show abstract

mentioning

confidence: 65%

Section: Discussionmentioning

confidence: 99%

Section: Literature Reviewmentioning

confidence: 97%

Section: Comparative Analysismentioning

confidence: 99%

Section: Comparative Analysismentioning

confidence: 99%

See 3 more Smart Citations

ACMFNN: Design of an augmented convolutional model for intelligent cross-domain malware localization via forensic neural networks

Pateriya

Tomar

2022

Preprint

View full text Add to dashboard Cite

show abstract

IoT malware detection using static and dynamic analysis techniques: A systematic literature review

Kumar,

Ahlawat,

Sahni

2024

Security and Privacy

View full text Add to dashboard Cite

The Internet of Things (IoT) is reshaping the world with its potential to support new and evolving applications in areas, such as healthcare, automation, remote monitoring, and so on. This rapid popularity and growth of IoT‐based applications coincides with a significant surge in threats and malware attacks on IoT devices. Furthermore, the widespread usage of Linux‐based systems in IoT devices makes malware detection a challenging task. Researchers and practitioners have proposed a variety of techniques to address these threats in the IoT ecosystem. Both researchers and practitioners have proposed a range of techniques to counter these threats within the IoT ecosystem. However, despite the multitude of proposed techniques, there remains a notable absence of a comprehensive and systematic review assessing the efficacy of static and dynamic analysis methods in detecting IoT malware. This research work is a systematic literature review (SLR) that aims to offer a concise summary of the latest advancements in the field of IoT malware detection, specifically focusing on the utilization of static and dynamic analytic techniques. The SLR focuses on examining the present status of research, methodology, and trends in the area of IoT malware detection. It accomplishes this by synthesizing the findings from a wide range of scholarly works that have been published in well‐regarded academic journals and conferences. Additionally, the SLR highlights the significance of the empirical process that includes the role of selecting datasets, accurate feature selection and the utilization of machine learning algorithms in enhancing the detection accuracy. The study also evaluates the capability of different analysis techniques to detect malware and compares the performance of various models for IoT malware detection. Furthermore, the review concluded by addressing several open issues and challenges that the research community as a whole must address.

show abstract

MTV-SCA: multi-trial vector-based sine cosine algorithm

Nadimi-Shahraki,

Taghian,

Javaheri

et al. 2024

Cluster Comput

View full text Add to dashboard Cite

A Novel Method for Detecting Future Generations of Targeted and Metamorphic Malware Based on Genetic Algorithm

Cited by 28 publications

References 46 publications

ACMFNN: Design of an augmented convolutional model for intelligent cross-domain malware localization via forensic neural networks

ACMFNN: Design of an augmented convolutional model for intelligent cross-domain malware localization via forensic neural networks

IoT malware detection using static and dynamic analysis techniques: A systematic literature review

MTV-SCA: multi-trial vector-based sine cosine algorithm

Contact Info

Product

Resources

About