Enhancing Cyber-Resilience for Small and Medium-Sized Organizations with Prescriptive Malware Analysis, Detection and Response

Ilca, Lucian Florin; Lucian, Ogruţan Petre; Balan, Titus Constantin

doi:10.3390/s23156757

Cited by 14 publications

(10 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Sandboxing with integrated threat intelligence represents a sophisticated and effective approach to malware analysis and detection by combining isolated environments with up-to-date threat intelligence [70][71][72]. This method offers a comprehensive and dynamic means of understanding and identifying malicious software.…”

Section: Sandboxing With Threat Intelligence Integrationmentioning

confidence: 99%

See 1 more Smart Citation

Deep learning-powered malware detection in cyberspace: a contemporary review

Redhu,

Choudhary,

Srinivasan

et al. 2024

Front. Phys.

View full text Add to dashboard Cite

This article explores deep learning models in the field of malware detection in cyberspace, aiming to provide insights into their relevance and contributions. The primary objective of the study is to investigate the practical applications and effectiveness of deep learning models in detecting malware. By carefully analyzing the characteristics of malware samples, these models gain the ability to accurately categorize them into distinct families or types, enabling security researchers to swiftly identify and counter emerging threats. The PRISMA 2020 guidelines were used for paper selection and the time range of review study is January 2015 to Dec 2023. In the review, various deep learning models such as Recurrent Neural Networks, Deep Autoencoders, LSTM, Deep Neural Networks, Deep Belief Networks, Deep Convolutional Neural Networks, Deep Generative Models, Deep Boltzmann Machines, Deep Reinforcement Learning, Extreme Learning Machine, and others are thoroughly evaluated. It highlights their individual strengths and real-world applications in the domain of malware detection in cyberspace. The review also emphasizes that deep learning algorithms consistently demonstrate exceptional performance, exhibiting high accuracy and low false positive rates in real-world scenarios. Thus, this article aims to contribute to a better understanding of the capabilities and potential of deep learning models in enhancing cybersecurity efforts.

show abstract

Section: Sandboxing With Threat Intelligence Integrationmentioning

confidence: 99%

“…In the field of malware detection using deep learning, there are several challenges that need to be addressed and promising avenues for future research [23, [73][74][75][76][77][78][79][80][81][82][83][84][85]. Figure 5 illustrates the open challenges associated with the deep learning-powered malware detection in cyberspace.…”

Section: Open Challengesmentioning

confidence: 99%

Deep learning-powered malware detection in cyberspace: a contemporary review

Redhu,

Choudhary,

Srinivasan

et al. 2024

Front. Phys.

View full text Add to dashboard Cite

show abstract

“…The importance of the challenges is emphasized by many valuable features to both customers and organizations, including reduced expenses, improved productivity, rapidity, reliability, efficiency, and security. The application that is intended to harm and destroy systems and devices is known as intrusive malware, or malware [2]. Some common types of malwares include malicious software, spyware, viruses infections, and rootkits.…”

Section: Introductionmentioning

confidence: 99%

Kernel rootkit detection multi class on deep learning techniques

Srinivasan,

Thalavaipillai

2024

Bulletin EEI

View full text Add to dashboard Cite

The harmful code application known as a rootkit is designed to be loaded and run directly from the operating system's (OSs') Kernel. Rootkits deployed in the Kernel, called Kernel-mode rootkits, can alter the OS. The intention behind these Kernel changes is to conceal the hack. Detecting a Kernel rootkit in a target machine is found to be quite challenging. Numerous techniques can be employed to modify the Kernel of a system. Kernel rootkits also create hidden access for attacks, enabling unauthorized entry to be gained by attackers on the machine. The ultimate consequence is that essential computer data can be modified, personal information can be gathered, and hackers can observe behavior. Synthetic neural networks support artificial intelligence, a branch of deep learning that models the human brain and operates on large datasets. This study proposed the Kernel rootkit detection multi-class deep learning techniques (KRDMCDLT). Deep learning algorithms are utilized to recognize the Kernel rootkit from a batch of data by selecting essential properties for learning tracking models. Thus, by identifying the OS malware, trojan assaults can be stopped before they can access infected data. This Kernel rootkit detection was tested in a Google Cloud Platform (GCP) computing system.

show abstract

“…A VMware system is an information technology solution that creates and manages computer instances virtual machines (VMs) using VMware's virtualization technologies [1]. Because virtual systems allow for the abstraction and distribution of physical hardware components like the central processing unit, memory, storage, and the internet they can be flexible, effective, and scalable in a VMware context.…”

Section: Introductionmentioning

confidence: 99%

Kernel rootkit prevention model using multiclass

Srinivasan,

Thalavaipillai

2024

IJRES

View full text Add to dashboard Cite

Malicious individuals can access a computer network or application thanks to a series of programmes known as rootkit malware. These kernel rootkits use covert methods to conceal the kernel components, various control frameworks, and system activities, making identifying or prohibiting their presence in the target machine challenging. The bulk of rootkit detection and prevention techniques used today are particular to a system and dependent on recognized sources, making them ineffective for growing, evolving, concealed, or unnamed rootkits. This study proposes using the kernel rootkit prevention model using multiclass (KRPMM) system to identify hash values and detect/prevent such rootkits. The file downloaded by the client, who is availing of the service, is not permitted into the node used by the client in the cloud. But, it is redirected to the node wherein the file that has been downloaded and has entered the node anew is examined by a program which is specially coded to test the presence of rootkit in the file by some mechanisms and then comes to a conclusion of either the file being malicious or the file being clean and is free of rootkits. KRPMM tested only 64 rootkits.

show abstract

Enhancing Cyber-Resilience for Small and Medium-Sized Organizations with Prescriptive Malware Analysis, Detection and Response

Cited by 14 publications

References 35 publications

Deep learning-powered malware detection in cyberspace: a contemporary review

Deep learning-powered malware detection in cyberspace: a contemporary review

Kernel rootkit detection multi class on deep learning techniques

Kernel rootkit prevention model using multiclass

Contact Info

Product

Resources

About