Capturing Malware Behaviour with Ontology-based Knowledge Graphs

Chowdhury, Ipshita Roy; Bhowmik, Deepayan

doi:10.1109/dsc54232.2022.9888860

Cited by 3 publications

(2 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Cybersecurity is one of the major application areas of graph-based representations where they are mostly used for malware and ransomware attacks analysis [7]. Experts rely on these representations to model the complex relationships between the different components of these attacks [10], while the analysis of the structure of these graphs allows understanding of the dynamics of these attacks [11]. Graph-based representations are mostly beneficial because they can portray the complex relationships between different entities involved in complex attacks; they can be used by scholars to model the propagation of malware through networks of targeted systems [11] [7].…”

Section: Previous Studiesmentioning

confidence: 99%

“…Graph-based representations are mostly beneficial because they can portray the complex relationships between different entities involved in complex attacks; they can be used by scholars to model the propagation of malware through networks of targeted systems [11] [7]. Many scholars have tried to use knowledge representation techniques in many fields within cybersecurity; for instance, the study by some scholars [11][12][13] have reported the development of ontologies for cyberattacks' modelling on cyber supply chain systems, where these ontologies serve as a structured approach for depicting the relationships between the involved entities involved in the attacks. The nature of these cyber supply chain attacks can be understood via analysis of these ontologies.…”

Section: Previous Studiesmentioning

confidence: 99%

See 1 more Smart Citation

An Improved Knowledge Graph Representation for Ransomware Attacks Using LSTM-Based Named Entity Relation Technique and Twitter Data

Munshid

2024

jes

View full text Add to dashboard Cite

This research aims to examine the challenges associated with ransomware knowledge and develop a knowledge graph of ransomware attacks utilizing Twitter data. Ransomware is a constantly evolving global threat. The three main steps involved in the development of a knowledge graph from informal text are data collection and preprocessing, features extraction, and relation extraction. A ransomware ontology previously proposed has been used in this work for the extraction of the ransomware entities from unstructured data; this is aimed at making it fit the attacks reported on Twitter. The next process is the identification of the existing relationships in the dataset for the knowledge graph construction; the output of the process, which is the developed knowledge graph is evaluated for accuracy using a tracing technique to demonstrate its efficacy.

show abstract

Section: Previous Studiesmentioning

confidence: 99%

Section: Previous Studiesmentioning

confidence: 99%

An Improved Knowledge Graph Representation for Ransomware Attacks Using LSTM-Based Named Entity Relation Technique and Twitter Data

Munshid

2024

jes

View full text Add to dashboard Cite

show abstract

Ontology-Based Layered Rule-Based Network Intrusion Detection System for Cybercrimes Detection

Ayo,

Awotunde,

Ogundele

et al. 2024

Knowl Inf Syst

View full text Add to dashboard Cite

APKOWL: An Automatic Approach to Enhance the Malware Detection

et al. 2023

View full text Add to dashboard Cite

Malicious software (malware) can steal passwords, leak details, and generally cause havoc with users’ accounts. Most of the current malware detection techniques are designed to detect malware at the code level of the software, where it is actually infected and causes damage. Additionally, current malware detection techniques at the design level are done manually or semi-automatically. This research aims to enhance these methods to detect malware at the design level automatically with a big dataset. The proposed method presents an automatic system for detecting SMS (Short Message Service) malware at the design which is called APKOWL. It is based on reverse engineering of the mobile application and then automatically builds OWL (web ontology Language) ontology. The proposed system is implemented in python and Protégé, and its performance has been tested and evaluated on samples of android mobile applications including 3,904 malware and 3,200 benign samples. The experimental results successfully verify the effectiveness of the proposed method because it has good performance in detecting SMS malware at the software design level. The proposed method obtained an accuracy of 97%, precision of 97.5%, and recall of 99%, outperforming the compared model in all performance metrics.

show abstract

Capturing Malware Behaviour with Ontology-based Knowledge Graphs

Cited by 3 publications

References 26 publications

An Improved Knowledge Graph Representation for Ransomware Attacks Using LSTM-Based Named Entity Relation Technique and Twitter Data

An Improved Knowledge Graph Representation for Ransomware Attacks Using LSTM-Based Named Entity Relation Technique and Twitter Data

Ontology-Based Layered Rule-Based Network Intrusion Detection System for Cybercrimes Detection

APKOWL: An Automatic Approach to Enhance the Malware Detection

Contact Info

Product

Resources

About