期刊文献+
共找到137篇文章
< 1 2 7 >
每页显示 20 50 100
An Attention-Based Approach to Enhance the Detection and Classification of Android Malware
1
作者 Abdallah Ghourabi 《Computers, Materials & Continua》 SCIE EI 2024年第8期2743-2760,共18页
The dominance of Android in the global mobile market and the open development characteristics of this platform have resulted in a significant increase in malware.These malicious applications have become a serious conc... The dominance of Android in the global mobile market and the open development characteristics of this platform have resulted in a significant increase in malware.These malicious applications have become a serious concern to the security of Android systems.To address this problem,researchers have proposed several machine-learning models to detect and classify Android malware based on analyzing features extracted from Android samples.However,most existing studies have focused on the classification task and overlooked the feature selection process,which is crucial to reduce the training time and maintain or improve the classification results.The current paper proposes a new Android malware detection and classification approach that identifies the most important features to improve classification performance and reduce training time.The proposed approach consists of two main steps.First,a feature selection method based on the Attention mechanism is used to select the most important features.Then,an optimized Light Gradient Boosting Machine(LightGBM)classifier is applied to classify the Android samples and identify the malware.The feature selection method proposed in this paper is to integrate an Attention layer into a multilayer perceptron neural network.The role of the Attention layer is to compute the weighted values of each feature based on its importance for the classification process.Experimental evaluation of the approach has shown that combining the Attention-based technique with an optimized classification algorithm for Android malware detection has improved the accuracy from 98.64%to 98.71%while reducing the training time from 80 to 28 s. 展开更多
关键词 Android malware malware detection feature selection attention mechanism LightGBM mobile security
下载PDF
Privacy Preservation in IoT Devices by Detecting Obfuscated Malware Using Wide Residual Network
2
作者 Deema Alsekait Mohammed Zakariah +2 位作者 Syed Umar Amin Zafar Iqbal Khan Jehad Saad Alqurni 《Computers, Materials & Continua》 SCIE EI 2024年第11期2395-2436,共42页
The widespread adoption of Internet of Things(IoT)devices has resulted in notable progress in different fields,improving operational effectiveness while also raising concerns about privacy due to their vulnerability t... The widespread adoption of Internet of Things(IoT)devices has resulted in notable progress in different fields,improving operational effectiveness while also raising concerns about privacy due to their vulnerability to virus attacks.Further,the study suggests using an advanced approach that utilizes machine learning,specifically the Wide Residual Network(WRN),to identify hidden malware in IoT systems.The research intends to improve privacy protection by accurately identifying malicious software that undermines the security of IoT devices,using the MalMemAnalysis dataset.Moreover,thorough experimentation provides evidence for the effectiveness of the WRN-based strategy,resulting in exceptional performance measures such as accuracy,precision,F1-score,and recall.The study of the test data demonstrates highly impressive results,with a multiclass accuracy surpassing 99.97%and a binary class accuracy beyond 99.98%.The results emphasize the strength and dependability of using advanced deep learning methods such as WRN for identifying hidden malware risks in IoT environments.Furthermore,a comparison examination with the current body of literature emphasizes the originality and efficacy of the suggested methodology.This research builds upon previous studies that have investigated several machine learning methods for detecting malware on IoT devices.However,it distinguishes itself by showcasing exceptional performance metrics and validating its findings through thorough experimentation with real-world datasets.Utilizing WRN offers benefits in managing the intricacies of malware detection,emphasizing its capacity to enhance the security of IoT ecosystems.To summarize,this work proposes an effective way to address privacy concerns on IoT devices by utilizing advanced machine learning methods.The research provides useful insights into the changing landscape of IoT cybersecurity by emphasizing methodological rigor and conducting comparative performance analysis.Future research could focus on enhancing the recommended approach by adding more datasets and leveraging real-time monitoring capabilities to strengthen IoT devices’defenses against new cybersecurity threats. 展开更多
关键词 Obfuscated malware detection IoT devices Wide Residual Network(WRN) malware detection machine learning
下载PDF
Detection and Prevention of Malware in Android Mobile Devices: A Literature Review
3
作者 Joseph Keteku George Owusu Dameh +3 位作者 Samuel Ameka Mante Thomas Kwashie Mensah Schneider Laryea Amartey John-Bosco Diekuu 《International Journal of Intelligence Science》 2024年第4期71-93,共23页
Despite only being around for a few years, mobile devices have steadily risen to become the most extensively used computer devices. Given the number of people who rely on smartphones, which can install third-party app... Despite only being around for a few years, mobile devices have steadily risen to become the most extensively used computer devices. Given the number of people who rely on smartphones, which can install third-party apps, it has become an increasingly important issue for end-users and service providers to ensure that both the devices and the underlying network are secure. People will become more reliant on applications such as SMS, MMS, Internet Access, Online Transactions, and so on due to such features and capabilities. Thousands of devices ranging from low-cost phones to high-end luxury phones are powered by the Android operating system, which has dominated the smartphone marketplace. It is about making it possible for people from all socioeconomic backgrounds to get and use mobile devices in their daily activities. In response to this growing popularity, the number of new applications introduced to the Android market has skyrocketed. The recent appearance of a wide range of mobile malware has caught the attention of security professionals and scholars alike. In light of the ongoing expansion of the mobile phone industry, the likelihood of it being used in criminal activities will only continue to rise in the future. This article reviews the literature on malware detection and prevention in Android mobile devices, analyzes the existing literature on major studies and tasks, and covers articles, journals, and digital resources such as Internet security publications, scientific studies, and conferences. 展开更多
关键词 Android malware Android Mobile Application Security malware Detection Mobile Security
下载PDF
Outsmarting Android Malware with Cutting-Edge Feature Engineering and Machine Learning Techniques 被引量:1
4
作者 Ahsan Wajahat Jingsha He +4 位作者 Nafei Zhu Tariq Mahmood Tanzila Saba Amjad Rehman Khan Faten S.A.lamri 《Computers, Materials & Continua》 SCIE EI 2024年第4期651-673,共23页
The growing usage of Android smartphones has led to a significant rise in incidents of Android malware andprivacy breaches.This escalating security concern necessitates the development of advanced technologies capable... The growing usage of Android smartphones has led to a significant rise in incidents of Android malware andprivacy breaches.This escalating security concern necessitates the development of advanced technologies capableof automatically detecting andmitigatingmalicious activities in Android applications(apps).Such technologies arecrucial for safeguarding user data and maintaining the integrity of mobile devices in an increasingly digital world.Current methods employed to detect sensitive data leaks in Android apps are hampered by two major limitationsthey require substantial computational resources and are prone to a high frequency of false positives.This meansthat while attempting to identify security breaches,these methods often consume considerable processing powerand mistakenly flag benign activities as malicious,leading to inefficiencies and reduced reliability in malwaredetection.The proposed approach includes a data preprocessing step that removes duplicate samples,managesunbalanced datasets,corrects inconsistencies,and imputes missing values to ensure data accuracy.The Minimaxmethod is then used to normalize numerical data,followed by feature vector extraction using the Gain ratio andChi-squared test to identify and extract the most significant characteristics using an appropriate prediction model.This study focuses on extracting a subset of attributes best suited for the task and recommending a predictivemodel based on domain expert opinion.The proposed method is evaluated using Drebin and TUANDROMDdatasets containing 15,036 and 4,464 benign and malicious samples,respectively.The empirical result shows thatthe RandomForest(RF)and Support VectorMachine(SVC)classifiers achieved impressive accuracy rates of 98.9%and 98.8%,respectively,in detecting unknown Androidmalware.A sensitivity analysis experiment was also carriedout on all three ML-based classifiers based on MAE,MSE,R2,and sensitivity parameters,resulting in a flawlessperformance for both datasets.This approach has substantial potential for real-world applications and can serve asa valuable tool for preventing the spread of Androidmalware and enhancing mobile device security. 展开更多
关键词 Android malware detection machine learning SVC K-Nearest Neighbors(KNN) RF
下载PDF
An Empirical Study on the Effectiveness of Adversarial Examples in Malware Detection
5
作者 Younghoon Ban Myeonghyun Kim Haehyun Cho 《Computer Modeling in Engineering & Sciences》 SCIE EI 2024年第6期3535-3563,共29页
Antivirus vendors and the research community employ Machine Learning(ML)or Deep Learning(DL)-based static analysis techniques for efficient identification of new threats,given the continual emergence of novel malware ... Antivirus vendors and the research community employ Machine Learning(ML)or Deep Learning(DL)-based static analysis techniques for efficient identification of new threats,given the continual emergence of novel malware variants.On the other hand,numerous researchers have reported that Adversarial Examples(AEs),generated by manipulating previously detected malware,can successfully evade ML/DL-based classifiers.Commercial antivirus systems,in particular,have been identified as vulnerable to such AEs.This paper firstly focuses on conducting black-box attacks to circumvent ML/DL-based malware classifiers.Our attack method utilizes seven different perturbations,including Overlay Append,Section Append,and Break Checksum,capitalizing on the ambiguities present in the PE format,as previously employed in evasion attack research.By directly applying the perturbation techniques to PE binaries,our attack method eliminates the need to grapple with the problem-feature space dilemma,a persistent challenge in many evasion attack studies.Being a black-box attack,our method can generate AEs that successfully evade both DL-based and ML-based classifiers.Also,AEs generated by the attack method retain their executability and malicious behavior,eliminating the need for functionality verification.Through thorogh evaluations,we confirmed that the attack method achieves an evasion rate of 65.6%against well-known ML-based malware detectors and can reach a remarkable 99%evasion rate against well-known DL-based malware detectors.Furthermore,our AEs demonstrated the capability to bypass detection by 17%of vendors out of the 64 on VirusTotal(VT).In addition,we propose a defensive approach that utilizes Trend Locality Sensitive Hashing(TLSH)to construct a similarity-based defense model.Through several experiments on the approach,we verified that our defense model can effectively counter AEs generated by the perturbation techniques.In conclusion,our defense model alleviates the limitation of the most promising defense method,adversarial training,which is only effective against the AEs that are included in the training classifiers. 展开更多
关键词 malware classification machine learning adversarial examples evasion attack CYBERSECURITY
下载PDF
Enhancing PDF Malware Detection through Logistic Model Trees
6
作者 Muhammad Binsawad 《Computers, Materials & Continua》 SCIE EI 2024年第3期3645-3663,共19页
Malware is an ever-present and dynamic threat to networks and computer systems in cybersecurity,and because of its complexity and evasiveness,it is challenging to identify using traditional signature-based detection a... Malware is an ever-present and dynamic threat to networks and computer systems in cybersecurity,and because of its complexity and evasiveness,it is challenging to identify using traditional signature-based detection approaches.The study article discusses the growing danger to cybersecurity that malware hidden in PDF files poses,highlighting the shortcomings of conventional detection techniques and the difficulties presented by adversarial methodologies.The article presents a new method that improves PDF virus detection by using document analysis and a Logistic Model Tree.Using a dataset from the Canadian Institute for Cybersecurity,a comparative analysis is carried out with well-known machine learning models,such as Credal Decision Tree,Naïve Bayes,Average One Dependency Estimator,Locally Weighted Learning,and Stochastic Gradient Descent.Beyond traditional structural and JavaScript-centric PDF analysis,the research makes a substantial contribution to the area by boosting precision and resilience in malware detection.The use of Logistic Model Tree,a thorough feature selection approach,and increased focus on PDF file attributes all contribute to the efficiency of PDF virus detection.The paper emphasizes Logistic Model Tree’s critical role in tackling increasing cybersecurity threats and proposes a viable answer to practical issues in the sector.The results reveal that the Logistic Model Tree is superior,with improved accuracy of 97.46%when compared to benchmark models,demonstrating its usefulness in addressing the ever-changing threat landscape. 展开更多
关键词 malware detection PDF files logistic model tree feature selection CYBERSECURITY
下载PDF
Covalent Bond Based Android Malware Detection Using Permission and System Call Pairs
7
作者 Rahul Gupta Kapil Sharma R.K.Garg 《Computers, Materials & Continua》 SCIE EI 2024年第3期4283-4301,共19页
The prevalence of smartphones is deeply embedded in modern society,impacting various aspects of our lives.Their versatility and functionalities have fundamentally changed how we communicate,work,seek entertainment,and... The prevalence of smartphones is deeply embedded in modern society,impacting various aspects of our lives.Their versatility and functionalities have fundamentally changed how we communicate,work,seek entertainment,and access information.Among the many smartphones available,those operating on the Android platform dominate,being the most widely used type.This widespread adoption of the Android OS has significantly contributed to increased malware attacks targeting the Android ecosystem in recent years.Therefore,there is an urgent need to develop new methods for detecting Android malware.The literature contains numerous works related to Android malware detection.As far as our understanding extends,we are the first ones to identify dangerous combinations of permissions and system calls to uncover malicious behavior in Android applications.We introduce a novel methodology that pairs permissions and system calls to distinguish between benign and malicious samples.This approach combines the advantages of static and dynamic analysis,offering a more comprehensive understanding of an application’s behavior.We establish covalent bonds between permissions and system calls to assess their combined impact.We introduce a novel technique to determine these pairs’Covalent Bond Strength Score.Each pair is assigned two scores,one for malicious behavior and another for benign behavior.These scores serve as the basis for classifying applications as benign or malicious.By correlating permissions with system calls,the study enables a detailed examination of how an app utilizes its requested permissions,aiding in differentiating legitimate and potentially harmful actions.This comprehensive analysis provides a robust framework for Android malware detection,marking a significant contribution to the field.The results of our experiments demonstrate a remarkable overall accuracy of 97.5%,surpassing various state-of-the-art detection techniques proposed in the current literature. 展开更多
关键词 ANDROID malware android security hybrid analysis permission and system call pairs
下载PDF
DCEL:classifier fusion model for Android malware detection
8
作者 XU Xiaolong JIANG Shuai +1 位作者 ZHAO Jinbo WANG Xinheng 《Journal of Systems Engineering and Electronics》 SCIE EI CSCD 2024年第1期163-177,共15页
The rapid growth of mobile applications,the popularity of the Android system and its openness have attracted many hackers and even criminals,who are creating lots of Android malware.However,the current methods of Andr... The rapid growth of mobile applications,the popularity of the Android system and its openness have attracted many hackers and even criminals,who are creating lots of Android malware.However,the current methods of Android malware detection need a lot of time in the feature engineering phase.Furthermore,these models have the defects of low detection rate,high complexity,and poor practicability,etc.We analyze the Android malware samples,and the distribution of malware and benign software in application programming interface(API)calls,permissions,and other attributes.We classify the software’s threat levels based on the correlation of features.Then,we propose deep neural networks and convolutional neural networks with ensemble learning(DCEL),a new classifier fusion model for Android malware detection.First,DCEL preprocesses the malware data to remove redundant data,and converts the one-dimensional data into a two-dimensional gray image.Then,the ensemble learning approach is used to combine the deep neural network with the convolutional neural network,and the final classification results are obtained by voting on the prediction of each single classifier.Experiments based on the Drebin and Malgenome datasets show that compared with current state-of-art models,the proposed DCEL has a higher detection rate,higher recall rate,and lower computational cost. 展开更多
关键词 Android malware detection deep learning ensemble learning model fusion
下载PDF
A Low Complexity ML-Based Methods for Malware Classification
9
作者 Mahmoud E.Farfoura Ahmad Alkhatib +4 位作者 Deema Mohammed Alsekait Mohammad Alshinwan Sahar A.El-Rahman Didi Rosiyadi Diaa Salama Abd Elminaam 《Computers, Materials & Continua》 SCIE EI 2024年第9期4833-4857,共25页
The article describes a new method for malware classification,based on a Machine Learning(ML)model architecture specifically designed for malware detection,enabling real-time and accurate malware identification.Using ... The article describes a new method for malware classification,based on a Machine Learning(ML)model architecture specifically designed for malware detection,enabling real-time and accurate malware identification.Using an innovative feature dimensionality reduction technique called the Interpolation-based Feature Dimensionality Reduction Technique(IFDRT),the authors have significantly reduced the feature space while retaining critical information necessary for malware classification.This technique optimizes the model’s performance and reduces computational requirements.The proposed method is demonstrated by applying it to the BODMAS malware dataset,which contains 57,293 malware samples and 77,142 benign samples,each with a 2381-feature vector.Through the IFDRT method,the dataset is transformed,reducing the number of features while maintaining essential data for accurate classification.The evaluation results show outstanding performance,with an F1 score of 0.984 and a high accuracy of 98.5%using only two reduced features.This demonstrates the method’s ability to classify malware samples accurately while minimizing processing time.The method allows for improving computational efficiency by reducing the feature space,which decreases the memory and time requirements for training and prediction.The new method’s effectiveness is confirmed by the calculations,which indicate significant improvements in malware classification accuracy and efficiency.The research results enhance existing malware detection techniques and can be applied in various cybersecurity applications,including real-timemalware detection on resource-constrained devices.Novelty and scientific contribution lie in the development of the IFDRT method,which provides a robust and efficient solution for feature reduction in ML-based malware classification,paving the way for more effective and scalable cybersecurity measures. 展开更多
关键词 malware detection ML-based models dimensionality reduction feature engineering
下载PDF
Modern Mobile Malware Detection Framework Using Machine Learning and Random Forest Algorithm
10
作者 Mohammad Ababneh Ayat Al-Droos Ammar El-Hassan 《Computer Systems Science & Engineering》 2024年第5期1171-1191,共21页
With the high level of proliferation of connected mobile devices,the risk of intrusion becomes higher.Artificial Intelligence(AI)and Machine Learning(ML)algorithms started to feature in protection software and showed ... With the high level of proliferation of connected mobile devices,the risk of intrusion becomes higher.Artificial Intelligence(AI)and Machine Learning(ML)algorithms started to feature in protection software and showed effective results.These algorithms are nonetheless hindered by the lack of rich datasets and compounded by the appearance of new categories of malware such that the race between attackers’malware,especially with the assistance of Artificial Intelligence tools and protection solutions makes these systems and frameworks lose effectiveness quickly.In this article,we present a framework for mobile malware detection based on a new dataset containing new categories of mobile malware.We focus on categories of malware that were not tested before by Machine Learning algorithms proven effective in malware detection.We carefully select an optimal number of features,do necessary preprocessing,and then apply Machine Learning algorithms to discover malicious code effectively.From our experiments,we have found that the Random Forest algorithm is the best-performing algorithm with such mobile malware with detection rates of around 99%.We compared our results from this work and found that they are aligned well with our previous work.We also compared our work with State-of-the-Art works of others and found that the results are very close and competitive. 展开更多
关键词 Android malware DETECT PREVENT artificial intelligence machine learning MOBILE CICMalDroid2020 CCCSCIC-AndMal-2020
下载PDF
Fine-Tuning Cyber Security Defenses: Evaluating Supervised Machine Learning Classifiers for Windows Malware Detection
11
作者 Islam Zada Mohammed Naif Alatawi +4 位作者 Syed Muhammad Saqlain Abdullah Alshahrani Adel Alshamran Kanwal Imran Hessa Alfraihi 《Computers, Materials & Continua》 SCIE EI 2024年第8期2917-2939,共23页
Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malwar... Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malware detection.However,there remains a need for comprehensive studies that compare the performance of different classifiers specifically for Windows malware detection.Addressing this gap can provide valuable insights for enhancing cybersecurity strategies.While numerous studies have explored malware detection using machine learning techniques,there is a lack of systematic comparison of supervised classifiers for Windows malware detection.Understanding the relative effectiveness of these classifiers can inform the selection of optimal detection methods and improve overall security measures.This study aims to bridge the research gap by conducting a comparative analysis of supervised machine learning classifiers for detecting malware on Windows systems.The objectives include Investigating the performance of various classifiers,such as Gaussian Naïve Bayes,K Nearest Neighbors(KNN),Stochastic Gradient Descent Classifier(SGDC),and Decision Tree,in detecting Windows malware.Evaluating the accuracy,efficiency,and suitability of each classifier for real-world malware detection scenarios.Identifying the strengths and limitations of different classifiers to provide insights for cybersecurity practitioners and researchers.Offering recommendations for selecting the most effective classifier for Windows malware detection based on empirical evidence.The study employs a structured methodology consisting of several phases:exploratory data analysis,data preprocessing,model training,and evaluation.Exploratory data analysis involves understanding the dataset’s characteristics and identifying preprocessing requirements.Data preprocessing includes cleaning,feature encoding,dimensionality reduction,and optimization to prepare the data for training.Model training utilizes various supervised classifiers,and their performance is evaluated using metrics such as accuracy,precision,recall,and F1 score.The study’s outcomes comprise a comparative analysis of supervised machine learning classifiers for Windows malware detection.Results reveal the effectiveness and efficiency of each classifier in detecting different types of malware.Additionally,insights into their strengths and limitations provide practical guidance for enhancing cybersecurity defenses.Overall,this research contributes to advancing malware detection techniques and bolstering the security posture of Windows systems against evolving cyber threats. 展开更多
关键词 Security and privacy challenges in the context of requirements engineering supervisedmachine learning malware detection windows systems comparative analysis Gaussian Naive Bayes K Nearest Neighbors Stochastic Gradient Descent Classifier Decision Tree
下载PDF
Malware Detection Using Dual Siamese Network Model
12
作者 ByeongYeol An JeaHyuk Yang +1 位作者 Seoyeon Kim Taeguen Kim 《Computer Modeling in Engineering & Sciences》 SCIE EI 2024年第10期563-584,共22页
This paper proposes a new approach to counter cyberattacks using the increasingly diverse malware in cyber security.Traditional signature detection methods that utilize static and dynamic features face limitations due... This paper proposes a new approach to counter cyberattacks using the increasingly diverse malware in cyber security.Traditional signature detection methods that utilize static and dynamic features face limitations due to the continuous evolution and diversity of new malware.Recently,machine learning-based malware detection techniques,such as Convolutional Neural Networks(CNN)and Recurrent Neural Networks(RNN),have gained attention.While these methods demonstrate high performance by leveraging static and dynamic features,they are limited in detecting new malware or variants because they learn based on the characteristics of existing malware.To overcome these limitations,malware detection techniques employing One-Shot Learning and Few-Shot Learning have been introduced.Based on this,the Siamese Network,which can effectively learn from a small number of samples and perform predictions based on similarity rather than learning the characteristics of the input data,enables the detection of new malware or variants.We propose a dual Siamese network-based detection framework that utilizes byte images converted frommalware binary data to grayscale,and opcode frequency-based images generated after extracting opcodes and converting them into 2-gramfrequencies.The proposed framework integrates two independent Siamese network models,one learning from byte images and the other from opcode frequency-based images.The detection models trained on the different kinds of images generated separately apply the L1 distancemeasure to the output vectors themodels generate,calculate the similarity,and then apply different weights to each model.Our proposed framework achieved a malware detection accuracy of 95.9%and 99.83%in the experimentsusingdifferentmalware datasets.The experimental resultsdemonstrate that ourmalware detection model can effectively detect malware by utilizing two different types of features and employing the dual Siamese network-based model. 展开更多
关键词 Siamese network malware detection few-shot learning
下载PDF
MaliFuzz:Adversarial Malware Detection Model for Defending Against Fuzzing Attack
13
作者 Xianwei Gao Chun Shan Changzhen Hu 《Journal of Beijing Institute of Technology》 EI CAS 2024年第5期436-449,共14页
With the prevalence of machine learning in malware defense,hackers have tried to attack machine learning models to evade detection.It is generally difficult to explore the details of malware detection models,hackers c... With the prevalence of machine learning in malware defense,hackers have tried to attack machine learning models to evade detection.It is generally difficult to explore the details of malware detection models,hackers can adopt fuzzing attack to manipulate the features of the malware closer to benign programs on the premise of retaining their functions.In this paper,attack and defense methods on malware detection models based on machine learning algorithms were studied.Firstly,we designed a fuzzing attack method by randomly modifying features to evade detection.The fuzzing attack can effectively descend the accuracy of machine learning model with single feature.Then an adversarial malware detection model MaliFuzz is proposed to defend fuzzing attack.Different from the ordinary single feature detection model,the combined features by static and dynamic analysis to improve the defense ability are used.The experiment results show that the adversarial malware detection model with combined features can deal with the attack.The methods designed in this paper have great significance in improving the security of malware detection models and have good application prospects. 展开更多
关键词 adversarial machine learning fuzzing attack malware detection
下载PDF
Malware Attacks Detection in IoT Using Recurrent Neural Network(RNN)
14
作者 Abeer Abdullah Alsadhan Abdullah A.Al-Atawi +3 位作者 Hanen karamti Abid Jameel Islam Zada Tan N.Nguyen 《Intelligent Automation & Soft Computing》 2024年第2期135-155,共21页
IoT(Internet of Things)devices are being used more and more in a variety of businesses and for a variety of tasks,such as environmental data collection in both civilian and military situations.They are a desirable att... IoT(Internet of Things)devices are being used more and more in a variety of businesses and for a variety of tasks,such as environmental data collection in both civilian and military situations.They are a desirable attack target for malware intended to infect specific IoT devices due to their growing use in a variety of applications and their increasing computational and processing power.In this study,we investigate the possibility of detecting IoT malware using recurrent neural networks(RNNs).RNNis used in the proposed method to investigate the execution operation codes of ARM-based Internet of Things apps(OpCodes).To train our algorithms,we employ a dataset of IoT applications that includes 281 malicious and 270 benign pieces of software.The trained model is then put to the test using 100 brand-new IoT malware samples across three separate LSTM settings.Model exposure was not previously conducted on these samples.Detecting newly crafted malware samples with 2-layer neurons had the highest accuracy(98.18%)in the 10-fold cross validation experiment.A comparison of the LSTMtechnique to other machine learning classifiers shows that it yields the best results. 展开更多
关键词 malware malicious code code obfuscation IOT machine learning deep learning
下载PDF
Android Malware Detection Using ResNet-50 Stacking
15
作者 Lojain Nahhas Marwan Albahar +1 位作者 Abdullah Alammari Anca Jurcut 《Computers, Materials & Continua》 SCIE EI 2023年第2期3997-4014,共18页
There has been an increase in attacks on mobile devices,such as smartphones and tablets,due to their growing popularity.Mobile malware is one of the most dangerous threats,causing both security breaches and financial ... There has been an increase in attacks on mobile devices,such as smartphones and tablets,due to their growing popularity.Mobile malware is one of the most dangerous threats,causing both security breaches and financial losses.Mobile malware is likely to continue to evolve and proliferate to carry out a variety of cybercrimes on mobile devices.Mobile malware specifically targets Android operating system as it has grown in popularity.The rapid proliferation of Android malware apps poses a significant security risk to users,making static and manual analysis of malicious files difficult.Therefore,efficient identification and classification of Androidmalicious files is crucial.Several ConvolutionalNeuralNetwork(CNN)basedmethods have been proposed in this regard;however,there is still room for performance improvement.In this work,we propose a transfer learning and stacking approach to efficiently detect the Android malware files by utilizing two wellknown machine learning models,ResNet-50 and Support Vector Machine(SVM).The proposed model is trained on the DREBIN dataset by transforming malicious APK files into grayscale images.Our model yields higher performance measures than state-of-the-art works on the DREBIN dataset,where the reported measures are accuracy,recall,precision,and F1 measures of 97.8%,95.8%,95.7%,and 95.7%,respectively. 展开更多
关键词 Androidmalware convolutional neural network malware analysis malware classification image classification support vector machine
下载PDF
Explainable Classification Model for Android Malware Analysis Using API and Permission-Based Features
16
作者 Nida Aslam Irfan Ullah Khan +5 位作者 Salma Abdulrahman Bader Aisha Alansari Lama Abdullah Alaqeel Razan Mohammed Khormy Zahra Abdultawab AlKubaish Tariq Hussain 《Computers, Materials & Continua》 SCIE EI 2023年第9期3167-3188,共22页
One of the most widely used smartphone operating systems,Android,is vulnerable to cutting-edge malware that employs sophisticated logic.Such malware attacks could lead to the execution of unauthorized acts on the vict... One of the most widely used smartphone operating systems,Android,is vulnerable to cutting-edge malware that employs sophisticated logic.Such malware attacks could lead to the execution of unauthorized acts on the victims’devices,stealing personal information and causing hardware damage.In previous studies,machine learning(ML)has shown its efficacy in detecting malware events and classifying their types.However,attackers are continuously developing more sophisticated methods to bypass detection.Therefore,up-to-date datasets must be utilized to implement proactive models for detecting malware events in Android mobile devices.Therefore,this study employed ML algorithms to classify Android applications into malware or goodware using permission and application programming interface(API)-based features from a recent dataset.To overcome the dataset imbalance issue,RandomOverSampler,synthetic minority oversampling with tomek links(SMOTETomek),and RandomUnderSampler were applied to the Dataset in different experiments.The results indicated that the extra tree(ET)classifier achieved the highest accuracy of 99.53%within an elapsed time of 0.0198 s in the experiment that utilized the RandomOverSampler technique.Furthermore,the explainable Artificial Intelligence(EAI)technique has been applied to add transparency to the high-performance ET classifier.The global explanation using the Shapely values indicated that the top three features contributing to the goodware class are:Ljava/net/URL;->openConnection,Landroid/location/LocationManager;->getLastKgoodwarewnLocation,and Vibrate.On the other hand,the top three features contributing to themalware class are Receive_Boot_Completed,Get_Tasks,and Kill_Background_Processes.It is believed that the proposedmodel can contribute to proactively detectingmalware events in Android devices to reduce the number of victims and increase users’trust. 展开更多
关键词 Android malware machine learning malware detection explainable artificial intelligence cyber security
下载PDF
Hybrid Malware Variant Detection Model with Extreme Gradient Boosting and Artificial Neural Network Classifiers
17
作者 Asma A.Alhashmi Abdulbasit A.Darem +5 位作者 Sultan M.Alanazi Abdullah M.Alashjaee Bader Aldughayfiq Fuad A.Ghaleb Shouki A.Ebad Majed A.Alanazi 《Computers, Materials & Continua》 SCIE EI 2023年第9期3483-3498,共16页
In an era marked by escalating cybersecurity threats,our study addresses the challenge of malware variant detection,a significant concern for amultitude of sectors including petroleum and mining organizations.This pap... In an era marked by escalating cybersecurity threats,our study addresses the challenge of malware variant detection,a significant concern for amultitude of sectors including petroleum and mining organizations.This paper presents an innovative Application Programmable Interface(API)-based hybrid model designed to enhance the detection performance of malware variants.This model integrates eXtreme Gradient Boosting(XGBoost)and an Artificial Neural Network(ANN)classifier,offering a potent response to the sophisticated evasion and obfuscation techniques frequently deployed by malware authors.The model’s design capitalizes on the benefits of both static and dynamic analysis to extract API-based features,providing a holistic and comprehensive view of malware behavior.From these features,we construct two XGBoost predictors,each of which contributes a valuable perspective on the malicious activities under scrutiny.The outputs of these predictors,interpreted as malicious scores,are then fed into an ANN-based classifier,which processes this data to derive a final decision.The strength of the proposed model lies in its capacity to leverage behavioral and signature-based features,and most importantly,in its ability to extract and analyze the hidden relations between these two types of features.The efficacy of our proposed APIbased hybrid model is evident in its performance metrics.It outperformed other models in our tests,achieving an impressive accuracy of 95%and an F-measure of 93%.This significantly improved the detection performance of malware variants,underscoring the value and potential of our approach in the challenging field of cybersecurity. 展开更多
关键词 API-based hybrid malware detection model static and dynamic analysis malware detection
下载PDF
Graph Convolutional Neural Network Based Malware Detection in IoT-Cloud Environment 被引量:1
18
作者 Faisal SAlsubaei Haya Mesfer Alshahrani +1 位作者 Khaled Tarmissi Abdelwahed Motwakel 《Intelligent Automation & Soft Computing》 SCIE 2023年第6期2897-2914,共18页
Cybersecurity has become the most significant research area in the domain of the Internet of Things(IoT)owing to the ever-increasing number of cyberattacks.The rapid penetration of Android platforms in mobile devices ... Cybersecurity has become the most significant research area in the domain of the Internet of Things(IoT)owing to the ever-increasing number of cyberattacks.The rapid penetration of Android platforms in mobile devices has made the detection of malware attacks a challenging process.Furthermore,Android malware is increasing on a daily basis.So,precise malware detection analytical techniques need a large number of hardware resources that are signifi-cantly resource-limited for mobile devices.In this research article,an optimal Graph Convolutional Neural Network-based Malware Detection and classification(OGCNN-MDC)model is introduced for an IoT-cloud environment.The pro-posed OGCNN-MDC model aims to recognize and categorize malware occur-rences in IoT-enabled cloud platforms.The presented OGCNN-MDC model has three stages in total,such as data pre-processing,malware detection and para-meter tuning.To detect and classify the malware,the GCNN model is exploited in this work.In order to enhance the overall efficiency of the GCNN model,the Group Mean-based Optimizer(GMBO)algorithm is utilized to appropriately adjust the GCNN parameters,and this phenomenon shows the novelty of the cur-rent study.A widespread experimental analysis was conducted to establish the superiority of the proposed OGCNN-MDC model.A comprehensive comparison study was conducted,and the outcomes highlighted the supreme performance of the proposed OGCNN-MDC model over other recent approaches. 展开更多
关键词 CYBERSECURITY IoT CLOUD malware detection graph convolution network
下载PDF
Comparative Analysis of Machine Learning Models for PDF Malware Detection:Evaluating Different Training and Testing Criteria 被引量:2
19
作者 Bilal Khan Muhammad Arshad Sarwar Shah Khan 《Journal of Cyber Security》 2023年第1期1-11,共11页
The proliferation of maliciously coded documents as file transfers increase has led to a rise in sophisticated attacks.Portable Document Format(PDF)files have emerged as a major attack vector for malware due to their ... The proliferation of maliciously coded documents as file transfers increase has led to a rise in sophisticated attacks.Portable Document Format(PDF)files have emerged as a major attack vector for malware due to their adaptability and wide usage.Detecting malware in PDF files is challenging due to its ability to include various harmful elements such as embedded scripts,exploits,and malicious URLs.This paper presents a comparative analysis of machine learning(ML)techniques,including Naive Bayes(NB),K-Nearest Neighbor(KNN),Average One Dependency Estimator(A1DE),RandomForest(RF),and SupportVectorMachine(SVM)forPDFmalware detection.The study utilizes a dataset obtained from the Canadian Institute for Cyber-security and employs different testing criteria,namely percentage splitting and 10-fold cross-validation.The performance of the techniques is evaluated using F1-score,precision,recall,and accuracy measures.The results indicate that KNNoutperforms other models,achieving an accuracy of 99.8599%using 10-fold cross-validation.The findings highlight the effectiveness of ML models in accurately detecting PDF malware and provide insights for developing robust systems to protect against malicious activities. 展开更多
关键词 Cyber-security PDF malware model training testing
下载PDF
Clustering-Aided Supervised Malware Detection with Specialized Classifiers and Early Consensus
20
作者 Murat Dener Sercan Gulburun 《Computers, Materials & Continua》 SCIE EI 2023年第4期1235-1251,共17页
One of the most common types of threats to the digital world is malicious software.It is of great importance to detect and prevent existing and new malware before it damages information assets.Machine learning approac... One of the most common types of threats to the digital world is malicious software.It is of great importance to detect and prevent existing and new malware before it damages information assets.Machine learning approaches are used effectively for this purpose.In this study,we present a model in which supervised and unsupervised learning algorithms are used together.Clustering is used to enhance the prediction performance of the supervised classifiers.The aim of the proposed model is to make predictions in the shortest possible time with high accuracy and f1 score.In the first stage of the model,the data are clustered with the k-means algorithm.In the second stage,the prediction is made with the combination of the classifier with the best prediction performance for the related cluster.While choosing the best classifiers for the given clusters,triple combinations of ten machine learning algorithms(kernel support vector machine,k-nearest neighbor,naive Bayes,decision tree,random forest,extra gradient boosting,categorical boosting,adaptive boosting,extra trees,and gradient boosting)are used.The selected triple classifier combination is positioned in two stages.The prediction time of the model is improved by positioning the classifier with the slowest prediction time in the second stage.The selected triple classifier combination is positioned in two tiers.The prediction time of the model is improved by positioning the classifier with the highest prediction time in the second tier.It is seen that clustering before classification improves prediction performance,which is presented using Blue Hexagon Open Dataset for Malware Analysis(BODMAS),Elastic Malware Benchmark for Empowering Researchers(EMBER)2018 and Kaggle malware detection datasets.The model has 99.74%accuracy and 99.77%f1 score for the BODMAS dataset,99.04%accuracy and 98.63%f1 score for the Kaggle malware detection dataset,and 96.77%accuracy and 96.77%f1 score for the EMBER 2018 dataset.In addition,the tiered positioning of classifiers shortened the average prediction time by 76.13%for the BODMAS dataset and 95.95%for the EMBER 2018 dataset.The proposed method’s prediction performance is better than the rest of the studies in the literature in which BODMAS and EMBER 2018 datasets are used. 展开更多
关键词 malware detection ensemble learning CLASSIFICATION CLUSTERING specialized classifier early consensus
下载PDF
上一页 1 2 7 下一页 到第
使用帮助 返回顶部