Analyzing the Efficiency of Machine Learning Classifiers in Hardware-Based Malware Detectors

Kuruvila, Abraham Peedikayil; Kundu, Shamik; Basu, Kanad

doi:10.1109/isvlsi49217.2020.00-15

Cited by 19 publications

(6 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Hardware Performance Counters (HPCs) have been typically used by the programmers to analyze and measure the performance of applications and to identify the execution bottlenecks of a program (Beneventi et al, 2017;Kuruvila, Kundu & Basu, 2020). Initially, HPCs have been employed for investigating the static and dynamic analysis of programs to detect any malicious amendments as mentioned in Alam et al (2020) and Malone, Zahran & Karri (2011).…”

Section: Introductionmentioning

confidence: 99%

“…Initially, HPCs have been employed for investigating the static and dynamic analysis of programs to detect any malicious amendments as mentioned in Alam et al (2020) and Malone, Zahran & Karri (2011). Several studies (Das et al, 2019;Demme et al, 2013;Singh et al, 2017;Wang et al, 2016) discuss potential implications of using HPC for application analysis, and the majority of them suggest that hardware execution profile can effectuate the detection of malware (Demme et al, 2013;Singh et al, 2017;Wang et al, 2016;Kuruvila, Kundu & Basu, 2020). Another study (Xu et al, 2017) has utilized the hardware execution profiles to detect malware using machine learning algorithms, as malware changes data structures and control flow, leaving fingerprints on accesses to program memory.…”

Section: Introductionmentioning

confidence: 99%

“…Afterward, these features are fed to some well-known machine learning classification models such as Decision Tree (Kohavi, 1996), Random Forest (Liaw & Wiener, 2002), Gradient Boosting (Friedman, 1999) and Extreme Gradient Boosting (XGBoost) (Chen & Tong, 2021). These four classifiers are generally used for classification tasks of various applications including spam detection, face recognition and financial predictions (Jordan & Mitchell, 2015;Kuruvila, Kundu & Basu, 2020), etc. We employ these four classifiers as part of the proposed methodology to analyze their performance for ransomware detection.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

On the classification of Microsoft-Windows ransomware using hardware profile

Aurangzeb

Rais

Aleem

et al. 2021

PeerJ Computer Science

View full text Add to dashboard Cite

Due to the expeditious inclination of online services usage, the incidents of ransomware proliferation being reported are on the rise. Ransomware is a more hazardous threat than other malware as the victim of ransomware cannot regain access to the hijacked device until some form of compensation is paid. In the literature, several dynamic analysis techniques have been employed for the detection of malware including ransomware; however, to the best of our knowledge, hardware execution profile for ransomware analysis has not been investigated for this purpose, as of today. In this study, we show that the true execution picture obtained via a hardware execution profile is beneficial to identify the obfuscated ransomware too. We evaluate the features obtained from hardware performance counters to classify malicious applications into ransomware and non-ransomware categories using several machine learning algorithms such as Random Forest, Decision Tree, Gradient Boosting, and Extreme Gradient Boosting. The employed data set comprises 80 ransomware and 80 non-ransomware applications, which are collected using the VirusShare platform. The results revealed that extracted hardware features play a substantial part in the identification and detection of ransomware with F-measure score of 0.97 achieved by Random Forest and Extreme Gradient Boosting.

show abstract

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

On the classification of Microsoft-Windows ransomware using hardware profile

Aurangzeb

Rais

Aleem

et al. 2021

PeerJ Computer Science

View full text Add to dashboard Cite

show abstract

“…The combination of these three words creates the main guidelines for protecting and securing information. Cloud/ Cluster/ Big data [100], [101], [117], [123], [134], [143], [164], [171], [197] 3 Industry [130], [52], [148], [171], [206], [ IoT devices in general Hardware [94], [95], [112], [114], [163], [168], [179], [180] Software [97], [98], [113], [122], [141], [152], [155], [157], [160], [181], [193]…”

Section: Ciamentioning

confidence: 99%

A Survey of Using Machine Learning in IoT Security and the Challenges Faced by Researchers

Harahsheh,

Chen

2023

IJCAI

View full text Add to dashboard Cite

The Internet of Things (IoT) has become more popular in the last 15 years as it has significantly improved and gained control in multiple fields. We are nowadays surrounded by billions of IoT devices that directly integrate with our lives, some of them are at the center of our homes, and others control sensitive data such as military fields, healthcare, and datacenters, among others. This popularity makes factories and companies compete to produce and develop many types of those devices without caring about how secure they are. On the other hand, IoT is considered a good insecure environment for cyber thefts. Machine Learning (ML) and Deep Learning (DL) also gained more importance in the last 15 years; they achieved success in the networking security field too. IoT has some similar security requirements such as traditional networks, but with some differences according to its characteristics, some specific security features, and environmental limitations, some differences are made such as low energy resources, limited computational capability, and small memory. These limitations inspire some researchers to search for the perfect and lightweight security ways which strike a balance between performance and security. This survey provides a comprehensive discussion about using machine learning and deep learning in IoT devices within the last five years. It also lists the challenges faced by each model and algorithm. In addition, this survey shows some of the current solutions and other future directions and suggestions. It also focuses on the research that took the IoT environment limitations into consideration.Povzetek: Podan je pregled uporabe strojnega in globokega učenja v IoT napravah ter izzivov, rešitev in prihodnjih smeri raziskav.Informatica 47 (2023) 1-54 k. Harahsheh et al.

show abstract

“…However, research efforts are already in progress to address this issue, e.g., it is recommended to develop behavioral-based antimalware like Intrusion Detection/Prevention Systems (IDPS) for IoT-based systems rather than using signature-based systems where loaded signature databases can slow down the performance of IoTbased systems [29]. Some research efforts are also on the way to improve the behavior-based antimalware further by using machine learning techniques such as Hierarchical Extreme Learning Machine (H-ELM) [30] and machine learning techniques in Hardware-based Malware Detectors (HMDs) [31,32]. Furthermore, spatial firewalls equipped with state-of-the-art security and antimalware programs are also being designed to protect the IoT-based systems [24].…”

Section: Analysis and Recommendations For Iot-based Paymentmentioning

confidence: 99%

Towards Secure IoT-Based Payments by Extension of Payment Card Industry Data Security Standard (PCI DSS)

Bhutta

Bhatia

Alojail

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

IoT emergence has given rise to a new digital experience of payment transactions where physical objects like refrigerators, cars, and wearables will make payments. These physical objects will be storing the cardholder credentials and will directly make payments with the vendors over insecure public networks. For such payment transactions, government regulations and standards organizations require to implement PCI DSS for adapting similar set of security measures at the global level. The current version of PCI DSS is not suitable for IoT-based payment systems due to characteristics of IoT such as resource-constrained nature of devices and updating software/firmware of so many physical devices. Also, there arises an emergent need of implementing PCI DSS requirements and assessments for security of all stakeholders that store or process the user credentials in a payment. This paper is an initial effort to bring the researcher’s attention to make upcoming versions of PCI DSS suitable for IoT and thus securing the new ways of IoT-based payment systems. The paper has reviewed the traditional payment process along with considerations for IoT-based payment systems to make recommendations to modify the PCI DSS in a suitable way for IoT.

show abstract

Analyzing the Efficiency of Machine Learning Classifiers in Hardware-Based Malware Detectors

Cited by 19 publications

References 16 publications

On the classification of Microsoft-Windows ransomware using hardware profile

On the classification of Microsoft-Windows ransomware using hardware profile

A Survey of Using Machine Learning in IoT Security and the Challenges Faced by Researchers

Towards Secure IoT-Based Payments by Extension of Payment Card Industry Data Security Standard (PCI DSS)

Contact Info

Product

Resources

About