The mass transition to remote work, triggered by the quarantine and then by military actions on the territory of Ukraine, has created new challenges for raising the level of information protection. In addition, permanent information and cyber-attacks create a persistent danger to physical and information systems. This, in turn, requires a clear understanding of the level of information security of various organizations, especially for critical infrastructure. An important component of an organization's information security is the information security culture of all participants in internal information processes. This kind of influence is usually called the human factor. The paper has two goals. The first goal is functional modeling of the information processes for automating the assessment of the information security culture level, as a part of the overall organization's security system. The second is the development of a maturity model for the information security system of a project (ISSoP), to provide the vital level of trust for the organization within project activities. The functional model of system development presents a number of separate processes: the formation of questionnaires, data collection, and assessment of information security culture at the personal, department and organizational levels. Input and output data, mechanisms, models, methods and control elements are defined for each process. This model can be included as a component of the system for determining the level of the common organization's information security system. The maturity stages of the information security culture in a project include different InfoSec activities at various stages of its life cycle. Such activities need to be taken into account when developing an organization's information security systems.
The paper focuses on malware classification based on semantic analysis of opcodes from the sections of disassembled binaries, using n-grams, the TF-IDF indicator and machine learning algorithms. The purpose of the research is to improve and extend the variety of methods for identifying malware developed for UNIX-like operating systems. The task of the research is to create an algorithm that can identify the types of threats in malicious binary files using n-grams, the TF-IDF indicator and machine learning algorithms. The malware classification process can be based on either static or dynamic signatures. Static signatures can be represented as byte-code sequences, binary-assembled instructions, or imported libraries. Dynamic signatures can be represented as the sequence of actions made by malware. We use a static signature strategy for semantic analysis and classification of malware. In this paper, we work with binary ELF files, the most common executable file type for UNIX-like operating systems. For the purpose of this research we gathered 2999 malware ELF files, using data from the VirusShare and VirusTotal sites, and 959 non-malware program files from the /usr/bin directory of a Linux operating system. Each malware file represents one of 3 malware families: Gafgyt, Mirai, and Lightaidra, which are popular and harmful threats to UNIX systems. Each ELF file in the dataset was labelled according to its type. The proposed classification algorithm consists of several preparation steps: disassembling every ELF binary file in the dataset, then semantically processing and vectorizing the assembly instructions in each file section. To set the classification threshold, the Multinomial Naive Bayes model is used. Using the classification threshold, we define the n-gram size and the file section that give the best classification results. To obtain the best score, multiple machine learning models, along with hyperparameter optimization, are used.
Mean accuracy and weighted F1 score are used as metrics of the accuracy of the designed algorithm. Stochastic gradient descent for the SVM model was selected as the best-performing ML model, based on the obtained experimental results. The developed algorithm was experimentally shown to be effective for classifying malware for UNIX operating systems. The results were analyzed and used for drawing conclusions and making suggestions for future work.
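The vectorization and baseline step described in the abstract (opcode n-grams, TF-IDF weighting, Multinomial Naive Bayes) can be sketched as follows. This is an added example, not the paper's code: the opcode sequences and the two labels are constructed, all function names are hypothetical, the smoothed IDF formula is an assumed variant, and the sketch covers one section with a fixed n-gram size rather than the paper's search over sizes and sections.

```python
import math
from collections import Counter

# Constructed opcode sequences (one section each); not taken from real samples.
TRAIN = [
    (["push", "mov", "sub", "call", "add", "pop", "ret"], "benign"),
    (["push", "mov", "call", "test", "je", "pop", "ret"], "benign"),
    (["xor", "mov", "syscall", "xor", "mov", "syscall", "jmp"], "malware"),
    (["mov", "xor", "mov", "syscall", "cmp", "jne", "jmp"], "malware"),
]

def ngrams(opcodes, n):
    """Slide a window of n opcodes and join each window into one token."""
    return [" ".join(opcodes[i:i + n]) for i in range(len(opcodes) - n + 1)]

def fit_idf(docs):
    """Smoothed IDF, ln((1 + N) / (1 + df)) + 1 (an assumed variant)."""
    df = Counter(tok for doc in docs for tok in set(doc))
    return {t: math.log((1 + len(docs)) / (1 + c)) + 1 for t, c in df.items()}

def tfidf(doc, idf):
    """TF-IDF weights for one file; n-grams unseen in training are dropped."""
    tf = Counter(tok for tok in doc if tok in idf)
    return {tok: count * idf[tok] for tok, count in tf.items()}

def train_nb(vectors, labels, vocab, alpha=1.0):
    """Multinomial Naive Bayes over TF-IDF weights with Laplace smoothing."""
    model = {}
    for label in sorted(set(labels)):
        rows = [v for v, l in zip(vectors, labels) if l == label]
        totals = Counter()
        for v in rows:
            totals.update(v)  # adds the float weights per n-gram
        denom = sum(totals.values()) + alpha * len(vocab)
        loglik = {t: math.log((totals[t] + alpha) / denom) for t in vocab}
        model[label] = (math.log(len(rows) / len(labels)), loglik)
    return model

def classify(opcodes, n=2):
    """Train on TRAIN with n-grams of size n, then label one opcode sequence."""
    docs = [ngrams(ops, n) for ops, _ in TRAIN]
    labels = [label for _, label in TRAIN]
    idf = fit_idf(docs)
    model = train_nb([tfidf(d, idf) for d in docs], labels, set(idf))
    vec = tfidf(ngrams(opcodes, n), idf)
    scores = {label: prior + sum(w * ll[t] for t, w in vec.items())
              for label, (prior, ll) in model.items()}
    return max(scores, key=scores.get)
```

On a real dataset the opcode lists would come from disassembling each ELF section, and the same pipeline would be re-run per section and per n to compare scores.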