An Attribute Extraction for Automated Malware Attack Classification and Detection Using Soft Computing Techniques

Albishry, Nabeel; AlGhamdi, Rayed; Almalawi, Abdulmohsen; Khan, Asif Irshad; Kshirsagar, Pravin R.; Debtera, Baru

doi:10.1155/2022/5061059

Cited by 8 publications

(4 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, the feature extraction was not performed. Soft Computing Techniques were utilized in Albishry et al 54 for attribute extraction. However, the dimensionality was higher.…”

Section: Proposed Methodologymentioning

confidence: 99%

Artificial intelligence enabled Luong Attention and Hosmer Lemeshow Regression Window‐based attack detection in 6G

Bhuvaneshwari¹,

Balusamy

Dhanaraj

et al. 2023

Int J Communication

View full text Add to dashboard Cite

SummaryRegardless of the developments of networking and communication technologies, security is without exception a predominant feature to ensure network reliability. The future sixth‐generation (6G) network is anticipated to be carried out with artificial intelligence (AI) powered communication via machine learning (ML), post‐quantum cryptography, and so on. AI‐powered communication has been in recent years utilized in enhancing network traffic performance with respect to resource management, optimal frequency spectrum design, security, and latency. The studies of modern wireless communications and anticipated features of 6G networks revealed a prerequisite for designing a trustworthy attack detection mechanism. In this work, a method called, Luong Attention and Hosmer Lemeshow Regression Window‐based (LA‐HLRW) attack detection in 6G is proposed. Initially, with the raw Botnet Attack dataset obtained as input, preprocessing is performed to normalize network traffic features. Next, the dimensionality of network traffic feature of large‐scale network traffic data is reduced using the Luong Attention integrated with Long Short Term Memory (LSTM)‐based Feature extraction model. Finally, with the objective of classifying network traffic samples for attack detection in 6G, we analyze the low dimensional network traffic feature set produced by Luong Attention integrated with LSTM using the Hosmer Lemeshow Logistic Regression Window‐based Attack Detection model. Extensive experiments are performed with the Botnet Attack dataset to validate the efficiency of the proposed LA‐HLRW method by using different parameters such as attack detection accuracy, attack detection time, precision, and recall. The overall analysis of proposed LA‐HLRW results significantly reduced the attack detection time by 24%, and additionally improved attack detection accuracy, precision, and recall by 5%, 5%, and 6% as compared to existing attack detection methods respectively.

show abstract

“…However, the feature extraction was not performed. Soft Computing Techniques were utilized in Albishry et al 54 for attribute extraction. However, the dimensionality was higher.…”

Section: Proposed Methodologymentioning

confidence: 99%

Artificial intelligence enabled Luong Attention and Hosmer Lemeshow Regression Window‐based attack detection in 6G

Bhuvaneshwari¹,

Balusamy

Dhanaraj

et al. 2023

Int J Communication

View full text Add to dashboard Cite

show abstract

“…Daeef et al [27] proposed a method to uncover the underlying patterns of malicious behaviour among different malware families by utilising the Jaccard index and visualisation techniques. J. Singh et al [28] and Albishry et al [29] explained how ML techniques have been widely utilised in the field of malware detection. These techniques involve training classification algorithms using features extracted from malware samples.…”

Section: Related Workmentioning

confidence: 99%

Dynamic Malware Classification and API Categorisation of Windows Portable Executable Files Using Machine Learning

Syeda,

Asghar

2024

Applied Sciences

View full text Add to dashboard Cite

The rise of malware attacks presents a significant cyber-security challenge, with advanced techniques and offline command-and-control (C2) servers causing disruptions and financial losses. This paper proposes a methodology for dynamic malware analysis and classification using a malware Portable Executable (PE) file from the MalwareBazaar repository. It suggests effective strategies to mitigate the impact of evolving malware threats. For this purpose, a five-level approach for data management and experiments was utilised: (1) generation of a customised dataset by analysing a total of 582 malware and 438 goodware samples from Windows PE files; (2) feature extraction and feature scoring based on Chi2 and Gini importance; (3) empirical evaluation of six state-of-the-art baseline machine learning (ML) models, including Logistic Regression (LR), Support Vector Machine (SVM), Naive Bayes (NB), Random Forest (RF), XGBoost (XGB), and K-Nearest Neighbour (KNN), with the curated dataset; (4) malware family classification using VirusTotal APIs; and, finally, (5) categorisation of 23 distinct APIs from 266 malware APIs. According to the results, Gini’s method takes a holistic view of feature scoring, considering a wider range of API activities. The RF achieved the highest precision of 0.99, accuracy of 0.96, area under the curve (AUC) of 0.98, and F1-score of 0.96, with a 0.93 true-positive rate (TPR) and 0.0098 false-positive rate (FPR), among all applied ML models. The results show that Trojans (27%) and ransomware (22%) are the most risky among 11 malware families. Windows-based APIs (22%), the file system (12%), and registry manipulation (8.2%) showcased their importance in detecting malicious activity in API categorisation. This paper considers a dual approach for feature reduction and scoring, resulting in an improved F1-score (2%), and the inclusion of AUC and specificity metrics distinguishes it from existing research (Section Comparative Analysis with Existing Approaches). The newly generated dataset is publicly available in the GitHub repository (Data Availability Statement) to facilitate aspirant researchers’ dynamic malware analysis.

show abstract

“…Meanwhile, machine learning techniques were largely employed in malware detection [29,30]. Malware samples were examined and the extracted features are used to train the classification algorithm.…”

Section: Related Workmentioning

confidence: 99%

Tree-Based Classifier Ensembles for PE Malware Analysis: A Performance Revisit

Louk

Tama

2022

Algorithms

View full text Add to dashboard Cite

Given their escalating number and variety, combating malware is becoming increasingly strenuous. Machine learning techniques are often used in the literature to automatically discover the models and patterns behind such challenges and create solutions that can maintain the rapid pace at which malware evolves. This article compares various tree-based ensemble learning methods that have been proposed in the analysis of PE malware. A tree-based ensemble is an unconventional learning paradigm that constructs and combines a collection of base learners (e.g., decision trees), as opposed to the conventional learning paradigm, which aims to construct individual learners from training data. Several tree-based ensemble techniques, such as random forest, XGBoost, CatBoost, GBM, and LightGBM, are taken into consideration and are appraised using different performance measures, such as accuracy, MCC, precision, recall, AUC, and F1. In addition, the experiment includes many public datasets, such as BODMAS, Kaggle, and CIC-MalMem-2022, to demonstrate the generalizability of the classifiers in a variety of contexts. Based on the test findings, all tree-based ensembles performed well, and performance differences between algorithms are not statistically significant, particularly when their respective hyperparameters are appropriately configured. The proposed tree-based ensemble techniques also outperformed other, similar PE malware detectors that have been published in recent years.

show abstract

An Attribute Extraction for Automated Malware Attack Classification and Detection Using Soft Computing Techniques

Cited by 8 publications

References 27 publications

Artificial intelligence enabled Luong Attention and Hosmer Lemeshow Regression Window‐based attack detection in 6G

Artificial intelligence enabled Luong Attention and Hosmer Lemeshow Regression Window‐based attack detection in 6G

Dynamic Malware Classification and API Categorisation of Windows Portable Executable Files Using Machine Learning

Tree-Based Classifier Ensembles for PE Malware Analysis: A Performance Revisit

Contact Info

Product

Resources

About