
    Mitigating Threats in a Corporate Network with a Taintcheck-Enabled Honeypot

    Conventional network security tools such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), anti-virus, anti-spyware and anti-malware integrated with firewalls generate many false positives that make network administration cumbersome. This paper proposes a novel mechanism that combines taintcheck-based dynamic analysis of buffer overflow attacks, driven by a synthetic exploit, with a hybrid honeypot for scanning, detecting and identifying attackers and for signature generation. The framework uses Noah's attack detection as a template. In testing, the proposed framework proved more effective than conventional network security tools: it mitigated threats comprehensively and reported zero-day attacks with fewer false positives.
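    The core check the abstract describes, a taint monitor that flags a buffer overflow when network-derived bytes reach the saved return address and turns the offending input into a candidate signature, as an added example that is not the paper's code. The frame layout (64-byte buffer, saved frame pointer, 8-byte return address), the taint label, the signature fields and both inputs are assumptions constructed for the example; the exploit is synthetic in the same sense as the paper's.

```python
import struct

# Simulated frame layout (assumption for this example, not from the paper):
# a 64-byte local buffer, then the saved frame pointer, then the return address.
BUF_SIZE = 64
RET_SLOT = BUF_SIZE + 8      # offset of the 8-byte saved return address
NETWORK = "net:tcp/8080"     # taint label attached to every byte read from the socket


class TaintedMemory:
    """Byte memory with a parallel shadow array holding one taint label per byte."""

    def __init__(self, size):
        self.data = bytearray(size)
        self.taint = [None] * size   # None = clean, otherwise the source label

    def write(self, addr, payload, label=None):
        # No bounds check against the buffer on purpose: this models the
        # strcpy/memcpy in the vulnerable service. Taint travels with the data.
        if addr + len(payload) > len(self.data):
            raise MemoryError("payload exceeds simulated memory")
        for i, b in enumerate(payload):
            self.data[addr + i] = b
            self.taint[addr + i] = label

    def labels(self, start, end):
        return [t for t in self.taint[start:end] if t is not None]


def vulnerable_handler(mem, request):
    """Copy the request into the 64-byte buffer with no length check."""
    mem.write(0, request, label=NETWORK)


def check_return(mem):
    """Taintcheck-style policy: the return address must not derive from network input."""
    hit = mem.labels(RET_SLOT, RET_SLOT + 8)
    if not hit:
        return None
    return {"source": hit[0], "ret": struct.unpack_from("<Q", mem.data, RET_SLOT)[0]}


def make_signature(request, mem):
    """Content signature from the exploit: minimum length plus the bytes that hit the return slot."""
    return {
        "min_len": RET_SLOT + 1,   # any request this long clobbers the return address
        "ret_bytes": bytes(mem.data[RET_SLOT:RET_SLOT + 8]).hex(),
        "prefix": request[:8].hex(),
    }


def simulate_request(request):
    """Run one request through the vulnerable handler under the taint monitor."""
    mem = TaintedMemory(4096)
    vulnerable_handler(mem, request)
    hit = check_return(mem)
    if hit is None:
        return {"alert": False}
    return {"alert": True, "ret": hit["ret"], "source": hit["source"],
            "signature": make_signature(request, mem)}


# Constructed inputs: a benign request and a synthetic exploit that fills the
# buffer and saved frame pointer, then plants a fake return address.
BENIGN_REQUEST = b"GET /index.html"
SYNTHETIC_EXPLOIT = b"A" * RET_SLOT + struct.pack("<Q", 0x41414141DEADBEEF)

if __name__ == "__main__":
    print(simulate_request(BENIGN_REQUEST))
    print(simulate_request(SYNTHETIC_EXPLOIT))
```

    An overflow that stops short of the return slot (it only clobbers the saved frame pointer) produces no alert under this policy; a real monitor would also guard indirect jumps and the frame pointer. The signature is content-based and deliberately simple: the honeypot described in the abstract would feed such a candidate to the IDS/IPS only after checking it against benign traffic to keep the false-positive rate down.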

    Optimum parameter machine learning classification and prediction of Internet of Things (IoT) malwares using static malware analysis techniques

    Applying machine learning to malware analysis is not a new idea; a great deal of research has been done on malware classification in Android and Windows environments. Malware analysis for the Internet of Things (IoT), however, still requires work. IoT devices were not designed with security and privacy in mind, so the area is full of research challenges. This study evaluates important machine learning classifiers such as Support Vector Machines, Neural Networks, Random Forests, Decision Trees, Naive Bayes and Bayesian Networks, and proposes a framework that uses static feature extraction and selection to expose issues such as over-fitting and classifier generalization and to arrive at an optimized algorithm with better performance. For the background study, a systematic literature review was used to identify research gaps in IoT, to present malware as a major challenge for IoT and to set out the reasons for applying malware analysis to IoT devices; classification was then performed on a malware dataset. The classification process was applied to three different datasets whose features were drawn from the file header, the program header and the section headers respectively. Preliminary results show accuracy of over 90% on file header, program header and section header features. This document discusses these results only as initial results; some issues that may affect the performance measures remain to be addressed.
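    How the three feature sets the abstract names (file header, program header, section headers) are obtained from an IoT binary by static analysis, as an added example that is not the paper's code or dataset. It parses a little-endian ELF64 image with the standard library only and flattens header fields into a numeric vector that any of the listed classifiers could consume. The sample image is constructed inline from headers alone (a fake AArch64 executable with one RWX segment and no symbol table) and is not a real binary; the feature names and the choice of fields are assumptions for the example.

```python
import struct

ELF_MAGIC = b"\x7fELF"
EHDR = struct.Struct("<16sHHIQQQIHHHHHH")   # ELF64 file header, little-endian
PHDR = struct.Struct("<IIQQQQQQ")           # ELF64 program header entry
SHDR = struct.Struct("<IIQQQQIIQQ")         # ELF64 section header entry

PT_LOAD, PT_DYNAMIC, PT_INTERP, PT_GNU_STACK = 1, 2, 3, 0x6474E551
PF_X, PF_W = 1, 2
SHT_PROGBITS, SHT_SYMTAB, SHT_NOBITS = 1, 2, 8
SHF_WRITE, SHF_EXECINSTR = 1, 4


def parse_elf64(blob):
    """Return (file header fields, program headers, section headers) of a little-endian ELF64."""
    if len(blob) < EHDR.size or blob[:4] != ELF_MAGIC:
        raise ValueError("not an ELF image")
    if blob[4] != 2 or blob[5] != 1:
        raise ValueError("this example handles ELF64 little-endian only")
    (_, e_type, e_machine, _, e_entry, e_phoff, e_shoff, e_flags,
     _, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx) = EHDR.unpack_from(blob, 0)
    if (e_phnum and e_phentsize < PHDR.size) or (e_shnum and e_shentsize < SHDR.size):
        raise ValueError("header entry size too small")
    # Walk only the entries that lie inside the blob: a header that lies about its
    # counts or offsets must not make the extractor read past the end of the file.
    phdrs = [PHDR.unpack_from(blob, e_phoff + i * e_phentsize)
             for i in range(e_phnum) if e_phoff + (i + 1) * e_phentsize <= len(blob)]
    shdrs = [SHDR.unpack_from(blob, e_shoff + i * e_shentsize)
             for i in range(e_shnum) if e_shoff + (i + 1) * e_shentsize <= len(blob)]
    fh = {"type": e_type, "machine": e_machine, "entry": e_entry, "flags": e_flags,
          "phnum": e_phnum, "shnum": e_shnum, "shstrndx": e_shstrndx}
    return fh, phdrs, shdrs


def extract_features(blob):
    """Static features from the three header tables, keyed by table prefix (fh_, ph_, sh_)."""
    fh, phdrs, shdrs = parse_elf64(blob)
    # Program header tuple: (p_type, p_flags, p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_align)
    loads = [p for p in phdrs if p[0] == PT_LOAD]
    gnu_stack = [p for p in phdrs if p[0] == PT_GNU_STACK]
    feats = {
        "fh_type": fh["type"], "fh_machine": fh["machine"], "fh_entry": fh["entry"],
        "fh_flags": fh["flags"], "fh_phnum": fh["phnum"], "fh_shnum": fh["shnum"],
        "fh_shstrndx": fh["shstrndx"],
        # 0 when the declared counts exceed what fits in the file (truncated or forged header)
        "fh_header_counts_consistent": int(fh["phnum"] == len(phdrs) and fh["shnum"] == len(shdrs)),
        "ph_count": len(phdrs), "ph_load": len(loads),
        "ph_rwx_segments": sum(1 for p in phdrs if p[1] & (PF_W | PF_X) == (PF_W | PF_X)),
        "ph_has_interp": int(any(p[0] == PT_INTERP for p in phdrs)),
        "ph_has_dynamic": int(any(p[0] == PT_DYNAMIC for p in phdrs)),
        "ph_has_gnu_stack": int(bool(gnu_stack)),
        "ph_gnu_stack_exec": int(any(p[1] & PF_X for p in gnu_stack)),
        "ph_total_memsz": sum(p[6] for p in loads),
        "ph_max_bss": max((p[6] - p[5] for p in loads), default=0),
    }
    # Section header tuple: (sh_name, sh_type, sh_flags, sh_addr, sh_offset, sh_size, ...)
    feats.update({
        "sh_count": len(shdrs),
        "sh_progbits": sum(1 for s in shdrs if s[1] == SHT_PROGBITS),
        "sh_nobits": sum(1 for s in shdrs if s[1] == SHT_NOBITS),
        "sh_exec": sum(1 for s in shdrs if s[2] & SHF_EXECINSTR),
        "sh_write_exec": sum(1 for s in shdrs if s[2] & SHF_EXECINSTR and s[2] & SHF_WRITE),
        "sh_stripped": int(not any(s[1] == SHT_SYMTAB for s in shdrs)),
        "sh_total_size": sum(s[5] for s in shdrs),
    })
    return feats


def feature_vector(blob, order=None):
    """Flatten the feature dict into a fixed-order numeric vector for a classifier."""
    feats = extract_features(blob)
    return [feats[k] for k in (order or sorted(feats))]


def build_sample_elf():
    """Constructed ELF64/AArch64 image made of headers only (not a real binary)."""
    phoff, shoff = EHDR.size, EHDR.size + 2 * PHDR.size
    ehdr = EHDR.pack(b"\x7fELF\x02\x01\x01" + b"\x00" * 9, 2, 183, 1, 0x400078, phoff, shoff, 0,
                     EHDR.size, PHDR.size, 2, SHDR.size, 3, 0)
    phdrs = (PHDR.pack(PT_LOAD, 5, 0, 0x400000, 0x400000, 0x200, 0x200, 0x1000)          # R-X text
             + PHDR.pack(PT_LOAD, 7, 0x200, 0x401000, 0x401000, 0x100, 0x1100, 0x1000))  # RWX data + bss
    shdrs = (SHDR.pack(1, SHT_PROGBITS, 6, 0x400078, 0x78, 0x188, 0, 0, 4, 0)     # .text  (A+X)
             + SHDR.pack(7, SHT_PROGBITS, 3, 0x401000, 0x200, 0x100, 0, 0, 8, 0)  # .data  (W+A)
             + SHDR.pack(13, SHT_NOBITS, 3, 0x401100, 0x300, 0x1000, 0, 0, 8, 0)) # .bss   (W+A)
    return ehdr + phdrs + shdrs


if __name__ == "__main__":
    for name, value in extract_features(build_sample_elf()).items():
        print(f"{name:30s} {value}")
```

    Keeping the three tables under separate prefixes makes it easy to train on one table at a time, as the abstract reports, and then on the union. Raw fields such as the entry address and machine type are kept as integers here; for the classifiers listed above, a practitioner would one-hot encode the categorical ones (type, machine) and scale the size fields, which is where the over-fitting and generalization issues the abstract mentions usually surface.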