Classification and Analysis of Malicious Code Detection Techniques Based on the APT Attack

Lee, Kyungroul; Yim, Kangbin

doi:10.3390/app13052894

Cited by 9 publications

(3 citation statements)

References 90 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The principal limitation of signature-based systems lies in their inherent dependency on known threat databases. This characteristic renders them notably inadequate in detecting novel or heavily obfuscated malware variants that deviate from recognized patterns (Haidros Rahima Lee et al 2023).…”

Section: Review On Detection Approaches Of Obfuscated Malware In Memo...mentioning

confidence: 99%

Enhanced detection of obfuscated malware in memory dumps: a machine learning approach for advanced cybersecurity

Hossain,

Islam

2024

Cybersecurity

View full text Add to dashboard Cite

In the realm of cybersecurity, the detection and analysis of obfuscated malware remain a critical challenge, especially in the context of memory dumps. This research paper presents a novel machine learning-based framework designed to enhance the detection and analytical capabilities against such elusive threats for binary and multi type’s malware. Our approach leverages a comprehensive dataset comprising benign and malicious memory dumps, encompassing a wide array of obfuscated malware types including Spyware, Ransomware, and Trojan Horses with their sub-categories. We begin by employing rigorous data preprocessing methods, including the normalization of memory dumps and encoding of categorical data. To tackle the issue of class imbalance, a Synthetic Minority Over-sampling Technique is utilized, ensuring a balanced representation of various malware types. Feature selection is meticulously conducted through Chi-Square tests, mutual information, and correlation analyses, refining the model’s focus on the most indicative attributes of obfuscated malware. The heart of our framework lies in the deployment of an Ensemble-based Classifier, chosen for its robustness and effectiveness in handling complex data structures. The model’s performance is rigorously evaluated using a suite of metrics, including accuracy, precision, recall, F1-score, and the area under the ROC curve (AUC) with other evaluation metrics to assess the model’s efficiency. The proposed model demonstrates a detection accuracy exceeding 99% across all cases, surpassing the performance of all existing models in the realm of malware detection.

show abstract

Section: Review On Detection Approaches Of Obfuscated Malware In Memo...mentioning

confidence: 99%

Enhanced detection of obfuscated malware in memory dumps: a machine learning approach for advanced cybersecurity

Hossain,

Islam

2024

Cybersecurity

View full text Add to dashboard Cite

show abstract

“…Code injection attacks commonly target pre-existing data vulnerabilities, such as insecure manipulation of data from untrusted sources. (Lee et al, 2023) Insider Threats An insider threat refers to a cyberattack that is initiated by an individual who is employed by an organization or has authorized access to its networks or systems. An insider threat refers to an individual who poses a risk to an organization's security and can include current or former employees, consultants, board members, or business partners.…”

Section: Code Injection Attacksmentioning

confidence: 99%

Examining the Role of Artificial Intelligence in Cyber Security (CS): A Systematic Review for Preventing Prospective Solutions in Financial Transactions

Faraji,

Shikder,

Hasan

et al. 2024

Intl. J. Rel.

View full text Add to dashboard Cite

Artificial intelligence (AI) is a powerful technology that helps cybersecurity teams automate repetitive tasks, accelerate threat detection and response, and improve the accuracy of their actions to strengthen their security posture against various security issues and cyberattacks. This objective focuses on analysing how AI-based cyber security (CS) solutions improve performance in financial transactions and banking sectors. It also aims to identify the latest advancements in AI-driven CS) research to enhance security and operational efficiency in the financial sector. This article presents a systematic literature review and a detailed analysis of AI use cases for cybersecurity in financial transactions. The review resulted in 800 studies, of which 225 articles remain. This paper will provide readers with a comprehensive overview of the potential of AI to improve cybersecurity in financial transactions. The review also identifies future research opportunities in examining cybersecurity application areas, advanced AI methods, data representation, and the development of new infrastructures for successful adoption in financial transactions. The paper might increase cyber security systems’ performance by increasing their defence against cyberattacks. Artificial intelligence approaches improve and enhance cyber security with machine learning and deep learning, fraud and threat detection, and this makes sure a secure and safe financial transaction. This study helps identify how to make transactions safer with cyber security. This study highlights the vital role of evaluation and continuous adaptation in AI. In the near future, this topic should focus on more collaboration among AI, cyber security, and system developers for better and secured outcomes.

show abstract

“…Attackers are known to use valid websites and injecting malware into them which may include links, iFrames, JavaScript codes, cross site scripts and redirects [46]. Malicious code is injected into the browser when users visit infected pages, which then scans the system for vulnerabilities [47], [48]. This form of attack is prevented by regular scanning of the system, removing unwanted plug-ins and software, using web filters and firewalls.…”

Section: Drive By Downloadmentioning

confidence: 99%

Assessment of existing cyber-attack detection models for web-based systems

Awuor¹

2023

Global J. Eng. Technol. Adv.

View full text Add to dashboard Cite

In the current technological environment, different entities engage in intricate cyber security approaches in order to counter damages and disruptions in web-based systems. The design of the security protocols relies on the guarantee that attacks are prevented in the web-based systems. Prevention and detection using techniques such as access control tools, encryption and firewalls present limitations in the full protection of web-based systems. Furthermore, despite the sophistication of current systems, there are still shortfalls in high false positive and false negative threat detection rates, which is attributed to poor adaptation by systems and networks to the changing threats and behavior of cyber-criminals. In this perspective, this survey paper discusses the existing cyber-attack detection models, and recommends the cyber-attack detection models and techniques that are appropriate for web-based systems. It is evident that deep learning techniques offer better performance and robustness compared to traditional machine learning techniques and other non-artificial intelligence-based techniques. Deep learning techniques learn and extract features automatically without human intervention and can also handle big and multidimensional data more conventionally than the other techniques.

show abstract

Classification and Analysis of Malicious Code Detection Techniques Based on the APT Attack

Cited by 9 publications

References 90 publications

Enhanced detection of obfuscated malware in memory dumps: a machine learning approach for advanced cybersecurity

Enhanced detection of obfuscated malware in memory dumps: a machine learning approach for advanced cybersecurity

Examining the Role of Artificial Intelligence in Cyber Security (CS): A Systematic Review for Preventing Prospective Solutions in Financial Transactions

Assessment of existing cyber-attack detection models for web-based systems

Contact Info

Product

Resources

About