A Malware Detection Framework Based on Forensic and Unsupervised Machine Learning Methodologies

Authors: Ahmad Naim Irfan, Aswami Ariffin, Mohd Naz'ri Mahrin, Syahid Anuar

DOI: 10.1145/3384544.3384556

Keywords:

Abstract: The detection of a malware intrusion requires the identification of its signature. However, this is a complex task because of malware's sophisticated ability to evade the security mechanisms deployed by cybersecurity practitioners. Evasion is possible because malware authors change the signature using metamorphism or polymorphism tactics. Currently, it is necessary to formulate a method focusing on dynamic and automated analysis. Malware Indicator of Compromise (IOC) data analysis with machine learning can be used as a technique to obtain signatures. This technical approach is practical because cyber-attacks by new and changed malware are pandemic and remain undetected; therefore, a framework is needed to overcome this situation. Thus, this research proposed a framework based on forensic and unsupervised machine learning methodologies. It was experimented with and proven in detecting malware, referring to signatures derived from IOC data. Furthermore, it provides guidelines for practitioners to conduct threat hunting within their IT systems.
