<i>Dark-TRACER</i>: Early Detection Framework for Malware Activity Based on Anomalous Spatiotemporal Patterns

Han, Chansu; Takeuchi, Jun’ichi; Takahashi, Takeshi; Inoue, Daisuke

doi:10.1109/access.2022.3145966

Cited by 12 publications

(3 citation statements)

References 45 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To solve this issue, we developed an AI-based solution that automatically detects the rise of new malware scanning activities earlier using a large-scale darknet environment (an observation environment using unused IP addresses) [9], [10]. As shown in Fig.…”

Section: Grasping Overall Iotmentioning

confidence: 99%

“…6, this method focuses on the fact that scanning behavior from hosts infected with the same malware exhibits synchronized characteristics in terms of scanning methods, timing, etc., since the same scan transmission module is used to perform the scan. In other words, when synchronized scan behaviors are detected on the darknet, it can be determined that the group of hosts emitting those scans are infected with the same malware [10]. By using this method, we believe it is possible to catch signs of new malware activity at the earliest possible stage, detect infected host groups, and link this to incident response, including guiding vulnerable equipment users to countermeasures to minimize the damage caused by the malware.…”

Section: Grasping Overall Iotmentioning

confidence: 99%

See 1 more Smart Citation

Mitigate: Toward Comprehensive Research and Development for Analyzing and Combating IoT Malware

NAKAO,

YOSHIOKA,

SASAKI

et al. 2023

IEICE Trans. Inf. & Syst.

Self Cite

View full text Add to dashboard Cite

In this paper, we developed the latest IoT honeypots to capture IoT malware currently on the loose, analyzed IoT malware with new features such as persistent infection, developed malware removal methods to be provided to IoT device users. Furthermore, as attack behaviors using IoT devices become more diverse and sophisticated every year, we conducted research related to various factors involved in understanding the overall picture of attack behaviors from the perspective of incident responders. As the final stage of countermeasures, we also conducted research and development of IoT malware disabling technology to stop only IoT malware activities in IoT devices and IoT system disabling technology to remotely control (including stopping) IoT devices themselves.

show abstract

Section: Grasping Overall Iotmentioning

confidence: 99%

Section: Grasping Overall Iotmentioning

confidence: 99%

Mitigate: Toward Comprehensive Research and Development for Analyzing and Combating IoT Malware

NAKAO,

YOSHIOKA,

SASAKI

et al. 2023

IEICE Trans. Inf. & Syst.

Self Cite

View full text Add to dashboard Cite

show abstract

“…Han.Cet al, [11] proposed the model by combining three different machine learning techniques into a single framework called Dark-TRACER, they have proposed algorithms that automatically estimate and detect anomalous spatiotemporal patterns of darknet traffic in real time. They also conducted quantitative experiments to assess this framework's capacity to detect these malware activities.…”

Section: Related Workmentioning

confidence: 99%

A Survey on Deep Learning Techniques for Darknet Traffic Malware Detection

Cynthia¹

2023

IJSREM

View full text Add to dashboard Cite

Encrypted data that is sent over Tor or a VPN is referred to as "darknet traffic." In order to identify network activity brought on by a cyberattack, it is crucial to be able to recognise, find, and explain darknet activities. Cyberattacks that pose a serious danger to network security and management can be effectively observed through darknet monitoring and classification. Despite the fact that many surveys were conducted on network traffic classification using machine learning techniques, only a small number of researchers have the means to review their work on classifying network traffic using deep learning techniques. In this article, we introduce a novel idea for research on the classification of malware used in darknet traffic that uses Deep Learning techniques, which will aid researchers in improving their surveys. First, based on the survey, we chose a few techniques, including Deep Neural Network (DNN), Convolution Neural Network (CNN), Recurrent Neural Network (RNN), and AutoEncoder (AE) that have proven to be more effective in recent study. Second, the dataset CIC-DarkNet-2020, which contains a variety of darknet activities including VPN and TOR traffic, is used to develop the models. Finally, after analysing the information, we discovered the best Deep Learning Model for classifying Darknet traffic, which has the potential to enhance the efficiency of malware variant detection using constrained system and network resources. Index Terms – Darknet, DNN, CNN, RNN, AE, Deep Learning, Classifying Darknet.

show abstract

Association rule learning for threat analysis using traffic analysis and packet filtering approach

Rawat

Chakrawarti²,

Raj

et al. 2023

Int. j. inf. tecnol.

View full text Add to dashboard Cite

Dark-TRACER: Early Detection Framework for Malware Activity Based on Anomalous Spatiotemporal Patterns

Cited by 12 publications

References 45 publications

Mitigate: Toward Comprehensive Research and Development for Analyzing and Combating IoT Malware

Mitigate: Toward Comprehensive Research and Development for Analyzing and Combating IoT Malware

A Survey on Deep Learning Techniques for Darknet Traffic Malware Detection

Association rule learning for threat analysis using traffic analysis and packet filtering approach

Contact Info

Product

Resources

About