Improved Malware Detection Model with Apriori Association Rule and Particle Swarm Optimization

Adebayo, Olawale Surajudeen; Aziz, Normaziah Abdul

doi:10.1155/2019/2850932

Cited by 27 publications

(19 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The PSO applied in [ 19 ] was intended to increase malware detection performance. This study [ 56 ] used the PSO to optimise the random generation of candidate detectors and parameters because PSO enhances the ANFIS performance [ 55 ] by modifying membership functions and reducing errors. The PSO concept includes each time step, changing the velocity of a particle represented by pbest (the value of fitness) and gbest (global version).…”

Section: Methodsmentioning

confidence: 99%

A static analysis approach for Android permission-based malware detection systems

et al. 2021

View full text Add to dashboard Cite

The evolution of malware is causing mobile devices to crash with increasing frequency. Therefore, adequate security evaluations that detect Android malware are crucial. Two techniques can be used in this regard: Static analysis, which meticulously examines the full codes of applications, and dynamic analysis, which monitors malware behaviour. While both perform security evaluations successfully, there is still room for improvement. The goal of this research is to examine the effectiveness of static analysis to detect Android malware by using permission-based features. This study proposes machine learning with different sets of classifiers was used to evaluate Android malware detection. The feature selection method in this study was applied to determine which features were most capable of distinguishing malware. A total of 5,000 Drebin malware samples and 5,000 Androzoo benign samples were utilised. The performances of the different sets of classifiers were then compared. The results indicated that with a TPR value of 91.6%, the Random Forest algorithm achieved the highest level of accuracy in malware detection.

show abstract

Section: Methodsmentioning

confidence: 99%

A static analysis approach for Android permission-based malware detection systems

et al. 2021

View full text Add to dashboard Cite

show abstract

“…The result provides insights for mobile application developers to recommend other applications for their users based on their interest and usage pattern. Adebayo and Abdul Aziz presented a novel knowledge-based database discovery model that utilizes an improvised apriori algorithm with Particle Swarm Optimization (PSO) to classify and detect malicious android application [10]. The usage of several rule detectors can maximize the true positive rate of detecting malicious code, whereas the false positive rate of wrongful detection is minimized.…”

Section: A Cyber Threat Intelligence (Cti) For Threat Attributionmentioning

confidence: 99%

Formulation of Association Rule Mining (ARM) for an Effective Cyber Attack Attribution in Cyber Threat Intelligence (CTI)

Abu¹,

Selamat²,

Yusof³

et al. 2021

IJACSA

View full text Add to dashboard Cite

In recent year, an adversary has improved their Tactic, Technique and Procedure (TTPs) in launching cyberattack that make it less predictable, more persistent, resourceful and better funded. So many organisation has opted to use Cyber Threat Intelligence (CTI) in their security posture in attributing cyberattack effectively. However, to fully leverage the massive amount of data in CTI for threat attribution, an organisation needs to spend their focus more on discovering the hidden knowledge behind the voluminous data to produce an effective cyberattack attribution. Hence this paper emphasized on the research of association analysis in CTI process for cyber attack attribution. The aim of this paper is to formulate association ruleset to perform the attribution process in the CTI. The Apriori algorithm is used to formulate association ruleset in association analysis process and is known as the CTI Association Ruleset (CTI-AR). Interestingness measure indicator specially support (s), confidence (c) and lift (l) are used to measure the practicality, validity and filtering the CTI-AR. The results showed that CTI-AR effectively identify the attributes, relationship between attributes and attribution level group of cyberattack in CTI. This research has a high potential of being expanded into cyber threat hunting process in providing a more proactive cybersecurity environment.

show abstract

“…Dynamic analysis is thought to be more reliable and efficient in the long term, but it had severe limitations. For example, it could not be deployed at the end-point in real-time since it takes too long for it to produce results since it requires time to analyze the malware during which the malware can fulfill its purpose [8][9][10][11][12].…”

Section: Introductionmentioning

confidence: 99%

Image-Based Malware Classification Using VGG19 Network and Spatial Convolutional Attention

et al. 2021

View full text Add to dashboard Cite

In recent years the amount of malware spreading through the internet and infecting computers and other communication devices has tremendously increased. To date, countless techniques and methodologies have been proposed to detect and neutralize these malicious agents. However, as new and automated malware generation techniques emerge, a lot of malware continues to be produced, which can bypass some state-of-the-art malware detection methods. Therefore, there is a need for the classification and detection of these adversarial agents that can compromise the security of people, organizations, and countless other forms of digital assets. In this paper, we propose a spatial attention and convolutional neural network (SACNN) based on deep learning framework for image-based classification of 25 well-known malware families with and without class balancing. Performance was evaluated on the Malimg benchmark dataset using precision, recall, specificity, precision, and F1 score on which our proposed model with class balancing reached 97.42%, 97.95%, 97.33%, 97.11%, and 97.32%. We also conducted experiments on SACNN with class balancing on benign class, also produced above 97%. The results indicate that our proposed model can be used for image-based malware detection with high performance, despite being simpler as compared to other available solutions.

show abstract

Improved Malware Detection Model with Apriori Association Rule and Particle Swarm Optimization

Cited by 27 publications

References 30 publications

A static analysis approach for Android permission-based malware detection systems

A static analysis approach for Android permission-based malware detection systems

Formulation of Association Rule Mining (ARM) for an Effective Cyber Attack Attribution in Cyber Threat Intelligence (CTI)

Image-Based Malware Classification Using VGG19 Network and Spatial Convolutional Attention

Contact Info

Product

Resources

About