4 research outputs found
Mitigating Threats in a Corporate Network with a Taintcheck-Enabled Honeypot
Conventional network security tools such as Intrusion Detection Systems (IDS),
Intrusion Prevention Systems (IPS), anti-virus, anti-spyware and anti-malware
integrated with firewalls generate a lot of false positives that make computer network
system administration cumbersome. This paper proposes a novel mechanism
comprising taintcheck for dynamic analysis of buffer overflow attacks using a synthetic
exploit, and a hybrid honeypot for scanning, detecting and identifying attackers and for signature
generation. In this framework, Noah's attack detection is used as a template. Upon
testing, the proposed framework was found to be more effective in practice than
other conventional network security tools, as it effectively and comprehensively
mitigates threats and reported zero-day attacks with fewer false positives.
Optimum parameter machine learning classification and prediction of Internet of Things (IoT) malwares using static malware analysis techniques
Application of machine learning in the field of malware analysis is not a new concept; there has been a lot of research on the classification of malware in Android and Windows environments. However, when it comes to malware analysis in the Internet of Things (IoT), work still remains to be done. IoT was not designed with security and privacy under consideration; therefore, this area is full of research challenges. This study seeks to evaluate important machine learning classifiers such as Support Vector Machines, Neural Networks, Random Forests, Decision Trees, Naive Bayes, Bayesian Networks, etc., and proposes a framework that utilizes static feature extraction and selection processes to highlight issues such as over-fitting and generalization of classifiers in order to obtain an optimized algorithm with better performance. For the background study, we used a systematic literature review to find research gaps in IoT, presented malware as a big challenge for IoT along with the reasons for applying malware analysis to IoT devices, and finally performed classification on a malware dataset. The classification process was applied to three different datasets containing file header, program header and section header fields as features. Preliminary results show an accuracy of over 90% on the file header, program header and section header datasets. The scope of this document is limited to discussing these as initial results; some issues still require attention and may affect the performance measures.