Deep learning-powered malware detection in cyberspace: a contemporary review

Cyber threats are becoming more advanced, and so is cybersecurity, which is getting more intellectual and better at hiding its presence. The requirement to achieve the balance between proactive resistive and threat-hunting measures in this dynamic environment is very high. Part four outlines how new AI techniques enable the design of the existing processes for hunting potential threats. The main objective is to digress into the core principles of threat hunting, starting from being proactive and including scenarios of deducing the clues based on the hypothesis. Then, the authors will highlight the limitations of conventional methods in detecting the gimmicks that fool even skilled hunters with an unseen threat that is smoking hiddenly in a never-ending evolutionary process. Two well-studied approaches for tackling these challenges are generative models like generative adversarial networks (GANs) and variational autoencoders (VAEs).

show abstract

Detecting and Analyzing Network Attacks: A Time-Series Analysis Using the Kitsune Dataset

Abu Khalil,

Abuzir

2024

JECT

View full text Add to dashboard Cite

Network security is a critical concern in today’s digital world, requiring efficient methods for the automatic detection and analysis of cyber attacks. This study uses the Kitsune Network Attack Dataset to explore network traffic behavior for IoT devices under various attack scenarios, including ARP MitM, SYN DoS, and Mirai Botnet. Utilizing Python-based data analysis tools, we preprocess and analyze millions of network packets to uncover patterns indicative of malicious activities. The study employs packet-level time-series analysis to visualize traffic patterns and detect anomalies specific to each attack type. Key findings include high packet volumes in attacks such as SSDP Flood and Mirai Botnet, with the Mirai Botnet attack involving multiple IP addresses and lasting over 2 hours. Notable attack-specific behaviors include high traffic on port -1 and targeted traffic on specific ports like 53195. The SYN DoS and Mirai Botnet attacks are characterized by their prolonged durations, suggesting significant disruption. Overall, the study highlights distinctive attack patterns and underscores the importance of understanding these characteristics to enhance detection and response mechanisms.

show abstract

Deep learning-powered malware detection in cyberspace: a contemporary review

Cited by 3 publications

References 133 publications

A Deep Learning Framework for Malware Classification using NLP Techniques

A Deep Learning Framework for Malware Classification using NLP Techniques

Generative AI for Threat Hunting and Behaviour Analysis

Detecting and Analyzing Network Attacks: A Time-Series Analysis Using the Kitsune Dataset

Contact Info

Product

Resources

About