Logistic regression for polymorphic malware detection using ANOVA F-test

Kumar, Brijesh; H, Naveen; Kumar, B. Praveen; Sharma, Sai Shyam; Villegas, Jaime Eduardo Bernal

doi:10.1109/iciiecs.2017.8275880

Cited by 13 publications

(9 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Logistic regression is an algorithm that can be used to classify if the data is malware (1) or not (0). Kumar et al [47] used a training set that allows for the data to be organized into a confusion matrix (See Table 1). The True Positive (TP) in this case would be that the traffic would be actual malware, False Positive (FP) is non-botnet packets being incorrectly labelled as a botnet.…”

Section: Machine Learning Based Detectionmentioning

confidence: 99%

“…True Negative (TN) is data packets that are correctly labelled as non-botnets, while False Negative (FN) is actual botnet data being treated as non-botnet data. To ensure that the predictions are accurate Kumar et al [47] proposed the use of Precision which is where the True Positive is divided by the sum of both the True and False Positives to determine how precise the matrix is creating the formula of (p = TP/FP). The recall is also considered where the True Positive is divided by the sum of True Positive and False Negative (R = TP/(TP + FN)) [48].…”

Section: Machine Learning Based Detectionmentioning

confidence: 99%

“…The results of potential phishing emails are shown through a confusion matrix labelling each as a TP would be equal to a spam email, TN would be treated as a non-spam email FP is where an email is classified as a spam email but not, and FN is an email that is spam but is classified as a non-spam email (See Table 2). Although relating to Kumar et al [47], precision and recall can be used to mitigate the incorrect classifications from the first model and then implement said corrections to the newer models along with applying weights to help with strengthening the weaker areas of the regression.…”

Section: Phishing Detectionmentioning

confidence: 99%

See 2 more Smart Citations

A Survey on Botnets, Issues, Threats, Methods, Detection and Prevention

Owen

Zarrin

Pour

2022

JCP

View full text Add to dashboard Cite

Botnets have become increasingly common and progressively dangerous to both business and domestic networks alike. Due to the Covid-19 pandemic, a large quantity of the population has been performing corporate activities from their homes. This leads to speculation that most computer users and employees working remotely do not have proper defences against botnets, resulting in botnet infection propagating to other devices connected to the target network. Consequently, not only did botnet infection occur within the target user’s machine but also neighbouring devices. The focus of this paper is to review and investigate current state of the art and research works for both methods of infection, such as how a botnet could penetrate a system or network directly or indirectly, and standard detection strategies that had been used in the past. Furthermore, we investigate the capabilities of Artificial Intelligence (AI) to create innovative approaches for botnet detection to enable making predictions as to whether there are botnets present within a network. The paper also discusses methods that threat-actors may be used to infect target devices with botnet code. Machine learning algorithms are examined to determine how they may be used to assist AI-based detection and what advantages and disadvantages they would have to compare the most suitable algorithm businesses could use. Finally, current botnet prevention and countermeasures are discussed to determine how botnets can be prevented from corporate and domestic networks and ensure that future attacks can be prevented.

show abstract

Section: Machine Learning Based Detectionmentioning

confidence: 99%

Section: Machine Learning Based Detectionmentioning

confidence: 99%

Section: Phishing Detectionmentioning

confidence: 99%

See 1 more Smart Citation

A Survey on Botnets, Issues, Threats, Methods, Detection and Prevention

Owen

Zarrin

Pour

2022

JCP

View full text Add to dashboard Cite

show abstract

“…In [7], a machine learning model is presented to capture the complex patterns of polymorphic malware and benign files. This model uses logistic regression with ANOVA F-Test and snort.…”

Section: Evaluation Of Existing Techniquesmentioning

confidence: 99%

Taxonomy-Based Intelligent Malware Detection Framework

Mirza

Hussain

Awan

et al. 2019

2019 IEEE Global Communications Conference (GLOBECOM)

View full text Add to dashboard Cite

Timely detection of a malicious piece of code accurately, in an enterprise network or in an individual device, before it propagates and mutate itself, is one of the most challenging tasks in the domain of cyber security. Millions of variants of each latest malware are released every day and each of these variants have a unique static signature. Conventional anti-malware tools use signatures and static heuristics of malware to segregate them from legitimate files, which is not an effective technique because of the number of malware variants released every passing day. To overcome the fundamental flaw of operational techniques, we propose a framework that generalizes the static and dynamic malware features that are used to train multiple machine learning algorithms. The generalization of clean and malicious features enables the framework to accurately differentiate between clean and malicious files.

show abstract

“…Automated techniques such as machine learning (ML) and deep learning (DL) techniques are considered as potential tools for malware detection because of their superior generalization capacity (El Merabet&Hajraoui, 2019) [12]. Different ML algorithms such as support vector machine (SVM) (Rashidi et al, 2017) [13], Decision Trees (DT) (Zulkifli et al, 2018) [14], Logistic Regression (LR) (Kumar et al, 2017) [15], are used widely in different malware detection approaches. However, conventional ML algorithms depend mainly on feature extraction and feature learning mechanisms which require expert domain knowledge (Raff et al, 2018) [16] (Rhode et al, 2018) [17].…”

Section: Introductionmentioning

confidence: 99%

A Novel Malware Detection Approach Using Performance Importance Weighted Random Forest (Peri-Wrf) Learning Model

Parmar¹,

Brahmbhatt²

2022

INDJCSE

View full text Add to dashboard Cite

Malware detection has gained huge attention in recent times. This is mainly because of the increase in new malware variants which pose a significant threat to information security. The conventional malware detection systems are not capable of detecting new generation malwares due to the constant changes in the network behavior. An efficient malware detection approach must be able to handle the dynamic changes in the malware behavior with a very minimum processing time to identify malicious attacks at the initial stage. This paper presents a novel Performance Importance Weighted Random Forest (PERI-WRF) for detecting different types of malwares in network systems. The proposed PERI-WRF incorporates a novel data reduction technique which is capable of reducing the size of training data to maximize the classification accuracy. A clustering algorithm consisting of GWO and K-means++ algorithm is implemented to group the malicious data samples collected from input. To validate the effectiveness of the detection framework, the system was tested using various evaluation metrics. Results show that the proposed malware detection model with novel data reduction techniques achieves superior classification accuracy, and the proposed approach is appropriate for detecting real-time malwares with superior accuracy and low MAE score.

show abstract

Logistic regression for polymorphic malware detection using ANOVA F-test

Cited by 13 publications

References 8 publications

A Survey on Botnets, Issues, Threats, Methods, Detection and Prevention

A Survey on Botnets, Issues, Threats, Methods, Detection and Prevention

Taxonomy-Based Intelligent Malware Detection Framework

A Novel Malware Detection Approach Using Performance Importance Weighted Random Forest (Peri-Wrf) Learning Model

Contact Info

Product

Resources

About