2019
DOI: 10.1007/978-3-030-22479-0_20
|View full text |Cite
|
Sign up to set email alerts
|

Online Malware Detection in Cloud Auto-scaling Systems Using Shallow Convolutional Neural Networks

Abstract: This paper introduces a novel online malware detection approach in cloud by leveraging one of its unique characteristics-auto-scaling. Auto-scaling in cloud allows for maintaining an optimal number of running VMs based on load, by dynamically adding or terminating VMs. Our detection system is online because it detects malicious behavior while the system is running. Malware detection is performed by utilizing process-level performance metrics to model a Convolutional Neural Network (CNN). We initially employ a … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
14
0

Year Published

2020
2020
2024
2024

Publication Types

Select...
3
3
2

Relationship

2
6

Authors

Journals

citations
Cited by 23 publications
(14 citation statements)
references
References 25 publications
0
14
0
Order By: Relevance
“…Input representation is another factor that affects the training time. The results in Table 5 indicate that some random col and row orderings 9 prolong the time taken for the model to converge. Particularly, this is more evident for the row orderings where both LSTM rowα and BIDI rowα models achieved the highest validation accuracy in epoch 40.…”
Section: A Random Ordering Resultsmentioning
confidence: 99%
See 2 more Smart Citations
“…Input representation is another factor that affects the training time. The results in Table 5 indicate that some random col and row orderings 9 prolong the time taken for the model to converge. Particularly, this is more evident for the row orderings where both LSTM rowα and BIDI rowα models achieved the highest validation accuracy in epoch 40.…”
Section: A Random Ordering Resultsmentioning
confidence: 99%
“…Beside the works that used traditional ML algorithms, others [13], [9], [32], [33] focused on using deep learning algorithms for online malware detection. The authors in [13] extended their work in [30] and introduced a detection method which uses a CNN model with the goal of identifying low profile malware.…”
Section: B Online Malware Detectionmentioning
confidence: 99%
See 1 more Smart Citation
“…References Multi-layer perceptron [16], [26], [56], [64], [139], [185], [48], [46], [15], [92], [38], [36], [88], [37], [109], [90], [104], [208], [25], [159], [25], [214], [144] Autoencoder [206], [32], [86], [73] Recurrent neural network [21], [72], [104], [86] Convolutional neural network [180], [62], [2], [104] Self-organizing map [179], [27], [177], [187] Adaptive neuro-fuzzy inference system [60], [124], [138] Extreme learning machine [209], [96], [ [197] for. Similar to the LSTM-based approaches, the values that actually occur are then compared to the prediction which allows to decide how rare they are.…”
Section: Methodsmentioning
confidence: 99%
“…• Network features [6], [22]: such approaches rely on using network features to detect malicious traffic patterns; • System calls [3], [7], [29], [38]: approaches relying on system calls to detect particular sequences of system calls that generally used by malware; • Memory features [25], [39]: approaches using features like malicious memory access patterns to detect malware; • Hardware performance counters [5], [8]: approaches with performance counters (e.g., cache hit/miss) that detect malware; • Performance metrics [2], [18], [36], [37]: approaches using system metrics like CPU or memory utilization to model normal and malicious application behavior. We use performance metrics data and focus on features that can easily be obtained by a light-weight, on-host agent.…”
Section: A Malware Behavior Datamentioning
confidence: 99%