3,321 research outputs found

    DRLDO A Novel DRL based De obfuscation System for Defence Against Metamorphic Malware

    In this paper, we propose a novel mechanism to normalise metamorphic and obfuscated malware down at the opcode level and hence create an advanced metamorphic malware de-obfuscation and defence system. We name this system DRLDO, for deep reinforcement learning based de-obfuscator. With the inclusion of DRLDO as a sub-component, an existing Intrusion Detection System could be augmented with defensive capabilities against ‘zero-day’ attacks from obfuscated and metamorphic variants of existing malware. This gains importance, not only because there exists no system to date that uses advanced DRL to intelligently and automatically normalise obfuscation down even to the opcode level, but also because the DRLDO system does not mandate any changes to the existing IDS. The DRLDO system does not even mandate that the IDS’ classifier be retrained with any new dataset containing obfuscated samples. Hence DRLDO could be easily retrofitted into any existing IDS deployment. We designed, developed, and conducted experiments on the system to evaluate it against multiple simultaneous attacks from obfuscations generated from malware samples from a standardised dataset that contains multiple generations of malware. Experimental results prove that DRLDO was able to successfully make the otherwise undetectable obfuscated variants of the malware detectable by an existing pre-trained malware classifier. The detection probability was raised well above the cut-off mark to 0.6 for the classifier to detect the obfuscated malware unambiguously. Further, the de-obfuscated variants generated by DRLDO achieved a very high correlation (of ≈ 0.99) with the base malware. This observation validates that the DRLDO system is actually learning to de-obfuscate and not exploiting a trivial trick.

    Novel Survey on Email Spam Filtering Methods

    Spam emails are causing major resource wastage by unnecessarily flooding the network links. The cost of spam is borne mostly by the recipient, so it is a form of postage-due advertising. This paper describes how different methods can be used for spam filtering. To protect against unsolicited e-mails, a number of techniques have been presented with the goal of efficient, accurate spam filtering. Few previous spam filters can meet the requirements of being user-friendly, attack-resilient, and personalized. This paper presents a literature survey into the state of research on spam filtering methods and how it is useful for users’ lives.

    Review on Effective Email Classification for Spam and Non Spam Detection on Various Machine Learning Techniques

    Sometimes an email receiver or user receives an email which he did not intend to receive or accept; these kinds of emails are nothing but spam emails. In other words, unsolicited bulk email is nothing but spam. The number of email users is increasing day by day; email users communicate around the world using email and the Internet. Nowadays, large volumes of spam emails are causing serious problems for Internet service and Internet users. This affects or degrades the user search experience, assists the propagation of viruses in the network or grid, and increases the traffic load on the network. It also wastes the user’s valuable time and the user’s energy looking for appropriate emails among the spam emails. To avoid such spam there are many traditional anti-spam techniques, including rule-based systems, white lists and DNS black holes, IP blacklists, heuristic-based filters, and Bayesian-based filters. All these techniques are based on the links of the mail or the content of the email. In this paper, we present our study of various existing techniques for spam detection and of finding an effective, accurate, and reliable spam detection technique. DOI: 10.17762/ijritcc2321-8169.150315

    Pattern Discovery in DNS Query Traffic

    DNS provides a critical function in directing Internet traffic. Traditional rule-based anomaly or intrusion detection methods are not able to update the rules dynamically. Data mining based approaches can find various patterns in massive dynamic query traffic data. In this paper, a novel periodic trend mining method is proposed, as well as a periodic trend pattern based traffic prediction method. Clustering is adopted to partition numerous domain names into separate groups by the characteristics of their query traffic time series. Experimental results on a real-world DNS log indicate that data mining based approaches are promising in the domain of DNS service.

    A Survey of Email Spam Filtering Methods

    E-mail is one of the most secure media for online communication and for transferring data or messages through the web. With an ever-growing increase in popularity, the amount of unsolicited data has also increased rapidly. To filter data, different approaches exist which automatically detect and remove these untenable messages. There are several email spam filtering techniques, such as knowledge-based techniques, clustering techniques, learning-based techniques, heuristic processes and so on. This paper presents a survey of different existing email spam filtering systems regarding Machine Learning Techniques (MLT) such as Naive Bayes, SVM, K-Nearest Neighbor, Bayes Additive Regression, KNN Tree, and rules. However, here we present the classification, evaluation and comparison of different email spam filtering systems. Keywords: e-mail spam, spam filtering methods, machine learning technique, classification, SVM, AN