Performance Comparison of Training Datasets for System Call-Based Malware Detection with Thread Information

Supervisory control and data acquisition (SCADA) systems are vital in monitoring and controlling industrial processes through the web. However, while such systems result in lower costs, greater utilisation efficiency, and improved reliability, they are vulnerable to cyberattacks, with consequences ranging from the inconvenience and minor disruption to severe physical damage and even loss of life. The authors evaluate the security of the Dam system in the form of Common Criteria, develop safety goals to improve this safety, and focus on threats and risks to the dam SCADA system. Finally proposes an anomaly‐based machine‐learning framework for detecting malicious network attacks in the SCADA system of a dam. Three unsupervised classification algorithms are considered: hierarchical clustering, local outlier factor, and isolation forest. It is shown that the hierarchical clustering algorithm achieves the highest precision and F‐score of the three algorithms. Overall, the results confirm the effectiveness of anomaly‐based detection algorithms in enhancing the robustness of SCADA systems toward malicious attacks. At the same time, it complies with the security objectives of Common Criteria, achieving the safety and protection of the dam.

show abstract

Malware Detection with Artificial Intelligence: A Systematic Literature Review

Gaber,

Ahmed,

Janicke

2024

ACM Comput. Surv.

View full text Add to dashboard Cite

In this survey, we review the key developments in the field of malware detection using AI and analyze core challenges. We systematically survey state-of-the-art methods across five critical aspects of building an accurate and robust AI powered malware detection model: malware sophistication, analysis techniques, malware repositories, feature selection and machine learning vs deep learning. The effectiveness of an AI model is dependent on the quality of the features it is trained with. In turn, the quality and authenticity of these features is dependent on the quality of the dataset and the suitability of the analysis tool. Static analysis is fast but is limited by the widespread use of obfuscation. Dynamic analysis is not impacted by obfuscation but is defeated by ubiquitous anti-analysis techniques and requires more computational power. Sophisticated and evasive malware is challenging to extract authentic discriminatory features from and combined with poor quality datasets this can lead to a situation where a model achieves high accuracy with only one specific dataset.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Performance Comparison of Training Datasets for System Call-Based Malware Detection with Thread Information

Cited by 3 publications

References 20 publications

Zero day ransomware detection with Pulse: Function classification with Transformer models and assembly language

Zero day ransomware detection with Pulse: Function classification with Transformer models and assembly language

Common criteria for security evaluation and malicious intrusion detection mechanism of dam supervisory control and data acquisition system

Malware Detection with Artificial Intelligence: A Systematic Literature Review

Contact Info

Product

Resources

About