495 research outputs found
Evolution of detectors in neural network immune system for pattern recognition
Секция 9. Распознавание образов, информационные системы управленияIn this paper we present the basic principles of the evolution of detectors in intelligent system for pattern recognition, such as malicious code detection. This system based on integration of both AI methods: artificial neural networks and artificial immune systems. The goal of the evolution is adaptation of detectors to new, unknown malicious code for increasing of quality of detection
Artificial intelligence in the cyber domain: Offense and defense
Artificial intelligence techniques have grown rapidly in recent years, and their applications in practice can be seen in many fields, ranging from facial recognition to image analysis. In the cybersecurity domain, AI-based techniques can provide better cyber defense tools and help adversaries improve methods of attack. However, malicious actors are aware of the new prospects too and will probably attempt to use them for nefarious purposes. This survey paper aims at providing an overview of how artificial intelligence can be used in the context of cybersecurity in both offense and defense.Web of Science123art. no. 41
AIS for Malware Detection in a Realistic IoT System: Challenges and Opportunities
With the expansion of the digital world, the number of Internet of things (IoT) devices is evolving dramatically. IoT devices have limited computational power and a small memory. Consequently, existing and complex security methods are not suitable to detect unknown malware attacks in IoT networks. This has become a major concern in the advent of increasingly unpredictable and innovative cyberattacks. In this context, artificial immune systems (AISs) have emerged as an effective malware detection mechanism with low requirements for computation and memory. In this research, we first validate the malware detection results of a recent AIS solution using multiple datasets with different types of malware attacks. Next, we examine the potential gains and limitations of promising AIS solutions under realistic implementation scenarios. We design a realistic IoT framework mimicking real-life IoT system architectures. The objective is to evaluate the AIS solutions’ performance with regard to the system constraints. We demonstrate that AIS solutions succeed in detecting unknown malware in the most challenging conditions. Furthermore, the systemic results with different system architectures reveal the AIS solutions’ ability to transfer learning between IoT devices. Transfer learning is a pivotal feature in the presence of highly constrained devices in the network. More importantly, this work highlights that previously published AIS performance results, which were obtained in a simulation environment, cannot be taken at face value. In reality, AIS’s malware detection accuracy for IoT systems is 91% in the most restricted designed system compared to the 99% accuracy rate reported in the simulation experiment
Use of Metaheuristic Algorithms in Malware Detection
Metaheuristic algorithms are the general framework for optimization problems. They are not problem dependent and are heavily deployed in different domains. Due to rise in number of malware, malware detection techniques are updated very often. In the present work different metaheuritics algorithm used in malware detection and are available in the literature are discussed. Metaheuristics algorithm like harmony search, clonal selection, genetic algorithm and Negative selection algorithms are discussed
Android HIV: A Study of Repackaging Malware for Evading Machine-Learning Detection
Machine learning based solutions have been successfully employed for
automatic detection of malware in Android applications. However, machine
learning models are known to lack robustness against inputs crafted by an
adversary. So far, the adversarial examples can only deceive Android malware
detectors that rely on syntactic features, and the perturbations can only be
implemented by simply modifying Android manifest. While recent Android malware
detectors rely more on semantic features from Dalvik bytecode rather than
manifest, existing attacking/defending methods are no longer effective. In this
paper, we introduce a new highly-effective attack that generates adversarial
examples of Android malware and evades being detected by the current models. To
this end, we propose a method of applying optimal perturbations onto Android
APK using a substitute model. Based on the transferability concept, the
perturbations that successfully deceive the substitute model are likely to
deceive the original models as well. We develop an automated tool to generate
the adversarial examples without human intervention to apply the attacks. In
contrast to existing works, the adversarial examples crafted by our method can
also deceive recent machine learning based detectors that rely on semantic
features such as control-flow-graph. The perturbations can also be implemented
directly onto APK's Dalvik bytecode rather than Android manifest to evade from
recent detectors. We evaluated the proposed manipulation methods for
adversarial examples by using the same datasets that Drebin and MaMadroid (5879
malware samples) used. Our results show that, the malware detection rates
decreased from 96% to 1% in MaMaDroid, and from 97% to 1% in Drebin, with just
a small distortion generated by our adversarial examples manipulation method.Comment: 15 pages, 11 figure
Artificial Intelligence Techniques to Prevent Cyber Attacks on Smart Grids
Energy is one of the main elements that allows society to maintain its living standards and continue as usual. For this reason, the energy distribution is both one of the most important and targeted by attacks Critical Infrastructure. Many of the other Critical Infrastructures rely on energy to work reliably. Some states are particularly interested in getting stealth access to -and take control of- energy production and distribution of other Nations. This way they can create huge disruption and get a significant advantage in case of conflict. In the recent past, we could observe some real-life demonstrations of this fact. The introduction of smart grids and ICT in the management of energy infrastructures has great benefits but also introduces new attack surfaces and ways for attackers to gain control. As a benefit, we can also collect more data and metrics to better understand the state of the grid. New techniques based on Artificial Intelligence and machine learning can take advantage of the available data to help the protection of the infrastructures and detect ongoing threats. Smart Meters which are connected intelligent devices spread over the grid and the geographical distribution of the population. For this reason, they can be very useful data collection assets but also a target for attack. In this paper, the authors consider and analyze various innovative techniques that can be used to enhance the security and reliability of Smart Grids.</p
- …