Developing a novel methodology for virtual machine introspection to classify unknown malware functions

Vaza, Rahul N.; Prajapati, Ramesh; Rathod, Dushyantsinh; Vaghela, Dineshkumar B.

doi:10.1007/s12083-021-01281-5

Cited by 5 publications

(1 citation statement)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As the number of new malware continues to rise, security threats rapidly expand into the automation of industrial processes. Recently, there has been a growing interest in technology that detects files suspected of being malware by executing them directly in a virtual machine [3]. This interest is fueled by the development of IoT technology and virtualization technology, which has led to the emergence of the concept of a digital twin.…”

Section: Introductionmentioning

confidence: 99%

Intelligent Anomaly Detection System through Malware Image Augmentation in IIoT Environment Based on Digital Twin

Cha,

Yang,

Song

et al. 2023

Applied Sciences

View full text Add to dashboard Cite

Due to the recent rapid development of the ICT (Information and Communications Technology) field, the industrial sector is also experiencing rapid informatization. As a result, malware targeting information leakage and financial gain are increasingly found within IIoT (the Industrial Internet of Things). Moreover, the number of malware variants is rapidly increasing. Therefore, there is a pressing need for a safe and preemptive malware detection method capable of responding to these rapid changes. The existing malware detection method relies on specific byte sequence inclusion in a binary file. However, this method faces challenges in impacting the system or detecting variant malware. In this paper, we propose a data augmentation method based on an adversarial generative neural network to maintain a secure system and acquire necessary learning data. Specifically, we introduce a digital twin environment to safeguard systems and data. The proposed system creates fixed-size images from malware binaries in the virtual environment of the digital twin. Additionally, it generates new malware through an adversarial generative neural network. The image information produced in this manner is then employed for malware detection through deep learning. As a result, the detection performance, in preparation for the emergence of new malware, demonstrated high accuracy, exceeding 97%.

show abstract

Section: Introductionmentioning

confidence: 99%