3 research outputs found
A Cloud-Based Intelligent and Energy Efficient Malware Detection Framework. A Framework for Cloud-Based, Energy Efficient, and Reliable Malware Detection in Real-Time Based on Training SVM, Decision Tree, and Boosting using Specified Heuristics Anomalies of Portable Executable Files
The continuity in the financial and other related losses due to cyber-attacks proves the substantial growth of malware and their lethal proliferation techniques. Every successful malware attack highlights the weaknesses in the defence mechanisms responsible for securing the targeted computer or a network. The recent cyber-attacks reveal the presence of sophistication and intelligence in malware behaviour, with the ability to conceal their code and operate within the system autonomously. The conventional detection mechanisms not only possess a scarcity in malware detection capabilities, they also consume a large amount of resources while scanning for malicious entities in the system. Many recent reports have highlighted this issue along with the challenges faced by the alternate solutions and studies conducted in the same area. There is an unprecedented need for a resilient and autonomous solution that takes a proactive approach against modern malware with stealth behaviour. This thesis proposes a multi-aspect solution comprising an intelligent malware detection framework and an energy efficient hosting model. The malware detection framework is a combination of conventional and novel malware detection techniques. The proposed framework incorporates comprehensive feature heuristics of files generated by a bespoke static feature extraction tool. These comprehensive heuristics are used to train the machine learning algorithms (Support Vector Machine, Decision Tree, and Boosting) to differentiate between clean and malicious files. Both of these techniques, feature heuristics and machine learning, are combined to form a two-factor detection mechanism. This thesis also presents a cloud-based energy efficient and scalable hosting model, which combines multiple infrastructure components of Amazon Web Services to host the malware detection framework.
This hosting model presents a client-server architecture, where the client is a lightweight service running on the host machine and the server is based on the cloud. The proposed framework and the hosting model were evaluated individually and combined by specifically designed experiments using separate repositories of clean and malicious files. The experiments were designed to evaluate the malware detection capabilities and energy efficiency while operating within a system. The proposed malware detection framework and the hosting model showed significant improvement in malware detection while consuming quite low CPU resources during the operation.
CloudIntell: An intelligent malware detection system
Enterprises and individual users heavily rely on the abilities of antiviruses and other security mechanisms. However, the methodologies used by such software are not enough to detect and prevent most of the malicious activities and also consume a huge amount of resources of the host machine for their regular operations. In this paper, we propose a combination of machine learning techniques applied on a rich set of features extracted from a large dataset of benign and malicious files through a bespoke feature extraction tool. We extracted a rich set of features from each file and applied support vector machine, decision tree, and boosting on decision tree to get the highest possible detection rate. We also introduce a cloud-based scalable architecture hosted on Amazon web services to cater the needs of detection methodology. We tested our methodology against different scenarios and generated high achieving results with lowest energy consumption of the host machine.
Cyber-Attack Modeling Analysis Techniques: An Overview
Cyber attack is a sensitive issue in the world of Internet security. Governments and business organisations around the world are providing enormous effort to secure their data. They are using various types of tools and techniques to keep the business running, while adversaries are trying to breach security and send malicious software such as botnets, viruses, trojans etc., to access valuable data. Every day the situation is getting worse because of new types of malware emerging to attack networks. It is important to understand those attacks both before and after they happen in order to provide better security to our systems. Understanding attack models provides more insight into network vulnerability, which in turn can be used to protect the network from future attacks. In the cyber security world, it is difficult to predict a potential attack without understanding the vulnerability of the network. So, it is important to analyse the network to identify top possible vulnerability list, which will give an intuitive idea to protect the network. Also, handling an ongoing attack poses significant risk on the network and valuable data, where prompt action is necessary. Proper utilisation of attack modelling techniques provides advance planning, which can be implemented rapidly during an ongoing attack event. This paper aims to analyse various types of existing attack modelling techniques to understand the vulnerability of the network, and the behaviour and goals of the adversary. The ultimate goal is to handle cyber attack in an efficient manner using attack modelling techniques.