A Novel Malware Detection System Based On Machine Learning and Binary Visualization

Lecture Notes in Computer Science

Bendiab

et al. 2019

Self Cite

Internet of Things devices have seen a rapid growth and popularity in recent years with many more ordinary devices gaining network capability and becoming part of the ever-growing IoT network. With this exponential growth and the limitation of resources, it is becoming increasingly harder to protect against security threats such as malware due to its evolving faster than the defence mechanisms can handle with. The traditional security systems are not able to detect unknown malware as they use signature-based methods. In this paper, we aim to address this issue by introducing a novel IoT malware traffic analysis approach using neural network and binary visualisation. The prime motivation of the proposed approach is to faster detect and classify new malware (zero-day malware). The experiment results show that our method can satisfy the accuracy requirement of practical application.

Section: Ascii Characters Frequency Throughout Traffic Results and An...mentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: B Traffic Visualisationmentioning

confidence: 99%

Section: B Traffic Visualisationmentioning

confidence: 99%

See 2 more Smart Citations

Malware Squid: A Novel IoT Malware Traffic Analysis Framework Using Convolutional Neural Network and Binary Visualisation

Shire

Lecture Notes in Computer Science

Bendiab

et al. 2019

Self Cite

“…In this paper, we aim to tackle these two main issues by combining the phishing threat with binary visualisation and machine learning. This combination can lead to faster access time with high accuracy as shown in [24]. In [24], binary visualisation and machine learning were used for malware classification with promising results.…”

Section: Related Workmentioning

confidence: 99%

A Novel Approach to Detect Phishing Attacks using Binary Visualisation and Machine Learning

Barlow

Bendiaby

2020 IEEE World Congress on Services (SERVICES)

et al. 2020

Self Cite

Video recording URLs for the "main stage" sessions of IEEE SERVICES 2020 are provided in this document. The video streams are now served by underline.io and could be accessed via registered Underline accounts with IEEE SERVICES 2020 entitlement. IEEE Computer Society is working with Underline Inc. on making the videos available on the Internet with no need for an Underline account.The video URLs are listed on the "sessions" page (https://underline.io/events/30/sessions) as well as on the "schedule" page with track options "Main Stage content" and "Main Stage 2" on the underline.io website for IEEE SERVICES 2020. Below is a list of the URLs.

IoT Malware Network Traffic Classification using Visual Representation and Deep Learning

Bendiab

2020 6th IEEE Conference on Network Softwarization (NetSoft)

Alruban

et al. 2020

Self Cite

With the increase of IoT devices and technologies coming into service, Malware has risen as a challenging threat with increased infection rates and levels of sophistication. Without strong security mechanisms, a huge amount of sensitive data is exposed to vulnerabilities, and therefore, easily abused by cybercriminals to perform several illegal activities. Thus, advanced network security mechanisms that are able of performing a real-time traffic analysis and mitigation of malicious traffic are required. To address this challenge, we are proposing a novel IoT malware traffic analysis approach using deep learning and visual representation for faster detection and classification of new malware (zero-day malware). The detection of malicious network traffic in the proposed approach works at the package level, significantly reducing the time of detection with promising results due to the deep learning technologies used. To evaluate our proposed method performance, a dataset is constructed which consists of 1000 pcap files of normal and malware traffic that are collected from different network traffic sources. The experimental results of Residual Neural Network (ResNet50) are very promising, providing a 94.50% accuracy rate for detection of malware traffic.