VMAnalyzer: Malware Semantic Analysis using Integrated CNN and Bi-Directional LSTM for Detecting VM-level Attacks in Cloud

Mishra, Preeti; Khurana, Kashish; Gupta, Seema; Sharma, Manish

doi:10.1109/ic3.2019.8844877

Cited by 21 publications

(12 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As such, recent research efforts have moved towards employing end-to-end deep learning techniques to bypass the feature engineering step. Many research works [8], [20], [19], [21], [23], [22], [24] aimed to overcome the limitations of traditional ML approaches and employed DL algorithms. The works in [21], [23], [22], [24] provide malware detection methods based on system calls and RNN.…”

Section: A Dynamic Malware Detectionmentioning

confidence: 99%

“…Many research works [8], [20], [19], [21], [23], [22], [24] aimed to overcome the limitations of traditional ML approaches and employed DL algorithms. The works in [21], [23], [22], [24] provide malware detection methods based on system calls and RNN. Others [8], [20], [19] have also used Recurrent Neural Networks (RNN) and Convolutional Neural Network (CNN) but, instead focused on API calls.…”

Section: A Dynamic Malware Detectionmentioning

confidence: 99%

See 1 more Smart Citation

Recurrent Neural Networks Based Online Behavioural Malware Detection Techniques for Cloud Infrastructure

et al. 2021

View full text Add to dashboard Cite

Several organizations are utilizing cloud technologies and resources to run a range of applications. These services help businesses save on hardware management, scalability and maintainability concerns of underlying infrastructure. Key cloud service providers (CSPs) like Amazon, Microsoft and Google offer Infrastructure as a Service (IaaS) to meet the growing demand of such enterprises. This increased utilization of cloud platforms has made it an attractive target to the attackers, thereby, making the security of cloud services a top priority for CSPs. In this respect, malware has been recognized as one of the most dangerous and destructive threats to cloud infrastructure (IaaS). In this paper, we study the effectiveness of Recurrent Neural Networks (RNNs) based deep learning techniques for detecting malware in cloud Virtual Machines (VMs). We focus on two major RNN architectures: Long Short Term Memory RNNs (LSTMs) and Bidirectional RNNs (BIDIs). These models learn the behavior of malware over time based on run-time fine-grained processes system features such as CPU, memory, and disk utilization. We evaluate our approach on a dataset of 40,680 malicious and benign samples. The process level features were collected using real malware running in an open online cloud environment with no restrictions, which is important to emulate practical cloud provider settings and also capture the true behaviour of stealth and sophisticated malware. Both our LSTM and BIDI models achieve high detection rates over 99% for different evaluation metrics. In addition, an analysis study is conducted to understand the significance of input data representations. Our results suggest that in particular cases, input ordering does have some affect on the performance of the trained RNN models.

show abstract

Section: A Dynamic Malware Detectionmentioning

confidence: 99%

Section: A Dynamic Malware Detectionmentioning

confidence: 99%

Recurrent Neural Networks Based Online Behavioural Malware Detection Techniques for Cloud Infrastructure

et al. 2021

View full text Add to dashboard Cite

show abstract

“…e former describes the exponential decrease in the gradient for long-term cells to zero, and the latter describes the opposite event. To address these issues, an LSTM architecture was proposed [19,31], which has become popular for many applications [32,33]. During the drive deterioration process, certain health status changes and workloads influence HDD health over a long period;…”

Section: Lstm-rnn-based Prediction Modelmentioning

confidence: 99%

Hard Disk Drive Failure Prediction for Mobile Edge Computing Based on an LSTM Recurrent Neural Network

Shen

Ren

Wan

et al. 2021

Mobile Information Systems

View full text Add to dashboard Cite

With the increase in intelligence applications and services, like real-time video surveillance systems, mobile edge computing, and Internet of things (IoT), technology is greatly involved in our daily life. However, the reliability of these systems cannot be always guaranteed due to the hard disk drive (HDD) failures of edge nodes. Specifically, a lot of read/write operations and hazard edge environments make the maintenance work even harder. HDD failure prediction is one of the scalable and low-overhead proactive fault tolerant approaches to improve device reliability. In this paper, we propose an LSTM recurrent neural network-based HDD failure prediction model, which leverages the long temporal dependence feature of the drive health data to improve prediction efficiency. In addition, we design a new health degree evaluation method, which stores current health details and deterioration. The comprehensive experiments on two real-world hard drive datasets demonstrate that the proposed approach achieves a good prediction accuracy with low overhead.

show abstract

“…Due to the increased demand for computational resources, recurrent and convolutional neural network algorithms are gaining increased attention and are recently applied in a supervised or unsupervised learning model for detecting anomalous events [97]- [99]. This is mainly attributed to their ability to find patterns from sequence data of cloud networks [100]. It is anticipated that deep learning-based approaches can help improve the overall performance and efficiency of cloud-based IDSs [101]- [103].…”

Section: Collaborative Idss In Cloud Systemsmentioning

confidence: 99%

A Review of Intrusion Detection and Blockchain Applications in the Cloud: Approaches, Challenges and Solutions

2020

View full text Add to dashboard Cite

This paper reviews the background and related studies in the areas of cloud systems, intrusion detection and blockchain applications against cyber attacks. This work aims to discuss collaborative anomaly detection systems for discovering insider and outsider attacks from cloud centres, including the technologies of virtualisation and containerisation, along with trusting intrusion detection and cloud systems using blockchain. Moreover, the ability to detect such malicious attacks is critical for conducting necessary mitigation, at an early stage, to minimise the impact of disruption and restore cloud operations and their live migration processes. This paper presents an overview of cloud architecture and categorises potential stateof-the-art security events based on their occurrence at different cloud deployment models. Network Intrusion Detection Systems (NIDS) in the cloud, involving types of classification and common detection approaches, are also described. Collaborative NIDSs for cloud-based blockchain applications are also explained to demonstrate how blockchain can address challenges related to data privacy and trust management. A summary of the research challenges and future research directions in these fields is also explained.

show abstract

VMAnalyzer: Malware Semantic Analysis using Integrated CNN and Bi-Directional LSTM for Detecting VM-level Attacks in Cloud

Cited by 21 publications

References 6 publications

Recurrent Neural Networks Based Online Behavioural Malware Detection Techniques for Cloud Infrastructure

Recurrent Neural Networks Based Online Behavioural Malware Detection Techniques for Cloud Infrastructure

Hard Disk Drive Failure Prediction for Mobile Edge Computing Based on an LSTM Recurrent Neural Network

A Review of Intrusion Detection and Blockchain Applications in the Cloud: Approaches, Challenges and Solutions

Contact Info

Product

Resources

About