A Zero-Day Resistant Malware Detection Method for Securing Cloud Using SVM and Sandboxing Techniques

Kumar, Saket; Singh, Chandra Bhim Bhan

doi:10.1109/icicct.2018.8473321

Cited by 10 publications

(6 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There is no such thing as a 0-day detector It is usual for many ML-based detector proposals to state that their approach are resistant to 0-day attacks (i.e., attacks leveraging so-far unknown threats and/or payloads) because they rely on a ML model [1,95]. This is also somehow a pitfall, and we credit this as the poor understanding that ML models are a type of signature, as previously presented.…”

Section: 2mentioning

confidence: 92%

Machine Learning (In) Security: A Stream of Problems

Ceschin,

Gomes,

Botacin

et al. 2020

Preprint

View full text Add to dashboard Cite

Machine Learning (ML) has been widely applied to cybersecurity, and is currently considered state-of-the-art for solving many of the field´s open issues. However, it is very difficult to evaluate how good the produced solutions are, since the challenges faced in security may not appear in other areas (at least not in the same way). One of these challenges is the concept drift, that actually creates an arms race between attackers and defenders, given that any attacker may create novel, different threats as time goes by (to overcome defense solutions) and this "evolution´´is not always considered in many works. Due to this type of issue, it is fundamental to know how to correctly build and evaluate a ML-based security solution. In this work, we list, detail, and discuss some of the challenges of applying ML to cybersecurity, including concept drift, concept evolution, delayed labels, and adversarial machine learning. We also show how existing solutions fail and, in some cases, we propose possible solutions to fix them.

show abstract

Section: 2mentioning

confidence: 92%

Machine Learning (In) Security: A Stream of Problems

Ceschin,

Gomes,

Botacin

et al. 2020

Preprint

View full text Add to dashboard Cite

show abstract

“…They applied six different classifiers and observed that RF achieved the best accuracy for both static and dynamic analyses, 98.21% and 98.92%, respectively. Similarly, the studies ( Patidar & Khandelwal, 2019 ; Gupta & Rani, 2018 ; Kumar & Singh, 2018 ; Venkatraman & Alazab, 2018 ) claim zero-day malware detection using machine learning techniques. The study ( Zhang, Kuo & Yang, 2019 ) focuses on malware type detection or classification of malware family instead of binary classification.…”

Section: Literature Reviewmentioning

confidence: 97%

Windows malware detection based on static analysis with multiple features

Yousuf

Anwer

Riasat

et al. 2023

PeerJ Computer Science

View full text Add to dashboard Cite

Malware or malicious software is an intrusive software that infects or performs harmful activities on a computer under attack. Malware has been a threat to individuals and organizations since the dawn of computers and the research community has been struggling to develop efficient methods to detect malware. In this work, we present a static malware detection system to detect Portable Executable (PE) malware in Windows environment and classify them as benign or malware with high accuracy. First, we collect a total of 27,920 Windows PE malware samples divided into six categories and create a new dataset by extracting four types of information including the list of imported DLLs and API functions called by these samples, values of 52 attributes from PE Header and 100 attributes of PE Section. We also amalgamate this information to create two integrated feature sets. Second, we apply seven machine learning models; gradient boosting, decision tree, random forest, support vector machine, K-nearest neighbor, naive Bayes, and nearest centroid, and three ensemble learning techniques including Majority Voting, Stack Generalization, and AdaBoost to classify the malware. Third, to further improve the performance of our malware detection system, we also deploy two dimensionality reduction techniques: Information Gain and Principal Component Analysis. We perform a number of experiments to test the performance and robustness of our system on both raw and selected features and show its supremacy over previous studies. By combining machine learning, ensemble learning and dimensionality reduction techniques, we construct a static malware detection system which achieves a detection rate of 99.5% and error rate of only 0.47%.

show abstract

“…This method is essentially a manual comparison of some systems' typical actions. Lowering the , [55], [58], [59], [62], [63], [65], [68], [72], [73], [74], [75], [78], [79], [80], [82], [86], [91], [92], [93], [95], [97], [103], [104], [106], [107], [108], [110], [111], [112], [114], [115], [116], [117], [118], [120], [122], [123], [126] Behaviorbased…”

Section: D: Specification-basedmentioning

confidence: 99%

“…Furthermore, the outdated dataset used in the experiment, which offers little or no utility as a benchmark for the performance of malware detection systems on a modern network [119], also contributed to this issue. [53], [58], [59], [65], [68], [78], [79], [82], [86], [91], [95], [97], [103], [104], [106], [108], [111], [112], [115], [118], [120], [122], [123] Dynamic 2 6 5 9 2 2 1 1 2 0 2 [55], [62], [63], [72], [74], [75], [92], [93], [107], [110], [113], [114], [116], [117], [126] Hybrid 2 4 3 4 1 0 0 3 1 1 3 [54], [56], [57], [60], [61], [64], [66], [67], [69], [70]...…”

Section: A Dataset Usedmentioning

confidence: 99%

Machine Learning Algorithm for Malware Detection: Taxonomy, Current Challenges, and Future Directions

et al. 2023

View full text Add to dashboard Cite

Malware has emerged as a cyber security threat that continuously changes to target computer systems, smart devices, and extensive networks with the development of information technologies. As a result, malware detection has always been a major worry and a difficult issue, owing to shortcomings in performance accuracy, analysis type, and malware detection approaches that fail to identify unexpected malware attacks. This paper seeks to conduct a thorough literature review and offer a taxonomy of machine learning methods for malware detection that considers these problems by analyzing 77 chosen research works. The research investigates malware and machine learning in the context of cybersecurity, including malware detection taxonomy and machine learning algorithm classification into numerous categories. Furthermore, the taxonomy was used to evaluate the most recent machine learning algorithm and analysis. The paper also examines the obstacles and associated concerns encountered in malware detection and potential remedies. Finally, to address the related issues that would motivate researchers in their future work, an empirical study was utilized to assess the performance of several machine learning algorithms.INDEX TERMS Malware detection, machine learning algorithms, state-of-the-art.

show abstract

A Zero-Day Resistant Malware Detection Method for Securing Cloud Using SVM and Sandboxing Techniques

Cited by 10 publications

References 4 publications

Machine Learning (In) Security: A Stream of Problems

Machine Learning (In) Security: A Stream of Problems

Windows malware detection based on static analysis with multiple features

Machine Learning Algorithm for Malware Detection: Taxonomy, Current Challenges, and Future Directions

Contact Info

Product

Resources

About