Article
Computer Science, Artificial Intelligence
Rui Zheng, Qiuyun Wang, Zhuopang Lin, Zhengwei Jiang, Jianming Fu, Guojun Peng
Summary: This paper proposes a cryptocurrency mining malware detection method called CMalHunt, which integrates heuristic rule features as a domain knowledge component in an ensemble learning framework. Experimental results show that CMalHunt outperforms baseline machine learning models, validating the effectiveness of feature type integration.
APPLIED SOFT COMPUTING
(2022)
Article
Chemistry, Multidisciplinary
Murat Dener, Gokce Ok, Abdullah Orman
Summary: The study suggests using memory data in malware detection and applying deep learning and machine learning approaches in a big data environment. Results show that the Logistic Regression algorithm achieved the most successful malware detection in memory analysis.
APPLIED SCIENCES-BASEL
(2022)
Article
Computer Science, Information Systems
Yun Gao, Hirokazu Hasegawa, Yukiko Yamaguchi, Hajime Shimada
Summary: This study proposes a malware classification system based on Control-Flow Graph (CFG) and Graph Isomorphism Network (GIN) using machine learning methods to process large-scale data. Experimental results show that the method achieves high accuracy and AUC in malware detection.
Article
Computer Science, Hardware & Architecture
Chongyang Bai, Qian Han, Ghita Mezzour, Fabio Pierazzi, V. S. Subrahmanian
Summary: The study introduces the DBank system, which uses novel TSG features to predict whether an Android APK is a banking trojan with high accuracy and with defensive capabilities against attackers. By analyzing five major ABT families, the study identifies the features that best separate them from goodware and from other malware.
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
(2021)
Review
Computer Science, Theory & Methods
Pascal Maniriho, Abdun Naser Mahmood, Mohammad Jabed Morshed Chowdhury
Summary: There has been a growing trend of malware release, which has raised concerns among security professionals worldwide. Understanding different types of malware and their detection techniques is challenging but crucial for researchers and the security community. Malware analysis, including static analysis, code analysis, dynamic analysis, memory analysis, and hybrid analysis techniques, is a crucial step towards detecting malware. Machine learning and deep learning methods have gained attention for their ability to develop sophisticated malware detection models that can handle known and unknown malicious activities. This survey provides a comprehensive study and analysis of current malware and detection techniques using the snowball approach, covering topics such as malware analysis testbeds, dynamic malware analysis, memory analysis, malware behavior analysis tools, datasets repositories, feature selection, machine learning, and deep learning techniques. The study also includes comparisons of behavior-based malware detection techniques grouped by categories of machine learning and deep learning techniques, as well as discussion on performance evaluation metrics, current research challenges, and future directions.
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE
(2022)
Article
Computer Science, Artificial Intelligence
Jieren Cheng, Jiachen Zheng, Xiaomei Yu
Summary: This paper provides an overview of the prevalent methods for detecting malicious codes, including signature-based, behavioral-based, and machine learning approaches. The effective malicious features are summarized and novel machine learning methods are discussed in depth. Furthermore, an ensemble interpretable framework is explored for automatic and efficient detection of malicious codes.
INTERNATIONAL JOURNAL OF INTELLIGENT SYSTEMS
(2022)
Article
Computer Science, Theory & Methods
Dylan Chou, Meng Jiang
Summary: This survey presents the challenges faced by data-driven network intrusion detection, including the authenticity and representativeness of datasets. Trends in the past decade are analyzed, and future directions are proposed, including the application of NID in cloud-based environments, designing scalable models for large network data, and collecting labeled datasets from real-world networks.
ACM COMPUTING SURVEYS
(2022)
Article
Computer Science, Artificial Intelligence
David Escudero Garcia, Noemi DeCastro-Garcia, Angel Luis Munoz Castaneda
Summary: In this research, the performance of transfer learning techniques for malware detection is evaluated over different time horizons and learning settings. Experiments are conducted on unbalanced data with different file types to address additional challenges in malware detection. The goal is to determine if transfer learning can help solve the concept drift problem and build models that can detect new malware.
EXPERT SYSTEMS WITH APPLICATIONS
(2023)
Article
Computer Science, Information Systems
Anson Pinhero, M. L. Anupama, P. Vinod, C. A. Visaggio, N. Aneesh, S. Abhijith, S. AnanthaKrishnan
Summary: With the rapid growth of malware, automatic classification faces challenges. This study explores a new approach that combines malware visualization with deep learning classification, successfully improving classification accuracy and efficiency.
COMPUTERS & SECURITY
(2021)
Article
Computer Science, Artificial Intelligence
Fabricio Ceschin, Marcus Botacin, Heitor Murilo Gomes, Felipe Pinage, Luiz S. Oliveira, Andre Gregio
Summary: Malware poses a major threat to computer systems, and the constant evolution of malware samples causes concept drift, which directly affects the detection rates of machine learning models. This study evaluates the impact of concept drift on malware classifiers and proposes a novel data stream pipeline to mitigate the issue.
EXPERT SYSTEMS WITH APPLICATIONS
(2023)
Article
Computer Science, Hardware & Architecture
Shanxi Li, Qingguo Zhou, Rui Zhou, Qingquan Lv
Summary: Malware has been a serious threat to computer systems for a long time, and traditional detection methods have limited effectiveness. AI-based malware detection has gained popularity due to its better predictive performance. A malware classifier based on graph convolutional network has been designed to adapt to the diversity of malware characteristics, showing superior performance in detection, with high accuracy and stability.
JOURNAL OF SUPERCOMPUTING
(2022)
Article
Computer Science, Information Systems
Farhan Ullah, Gautam Srivastava, Shamsher Ullah
Summary: Android, being the most widely used mobile platform, is a prime target for malicious attacks. This study proposes a novel malware detection method that combines API-Call Graphs with byte-level image representation, resulting in effective detection and classification of malware.
JOURNAL OF CLOUD COMPUTING-ADVANCES SYSTEMS AND APPLICATIONS
(2022)
Article
Computer Science, Information Systems
Manuel Torres, Rafael Alvarez, Miguel Cazorla
Summary: Cybercriminals constantly develop new techniques to evade security measures, resulting in rapid evolution of malware. Detecting malware across multiple systems is challenging due to unique characteristics of each computing environment. Traditional signature-based malware detection has been replaced by modern approaches, such as machine learning and behavior-based threat detection. Researchers use these techniques to extract features from various data sources and feed them to models for accurate prediction.
Article
Computer Science, Theory & Methods
Aqib Rashid, Jose Such
Summary: ML models are vulnerable to adversarial query attacks, and this paper presents a stateful defense system called MalProtect that can reduce the evasion rate of adversarial attacks in the malware detection domain.
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY
(2023)
Article
Computer Science, Information Systems
Alejandro Guerra-Manzanares, Hayretdin Bahsi
Summary: This study evaluates machine learning models in the Android malware detection domain and highlights the significance of timestamp selection for concept drift modeling and for the long-term performance of the model.
COMPUTERS & SECURITY
(2022)
Article
Computer Science, Software Engineering
Flavio Toffalini, Jun Sun, Martin Ochoa
SOFTWARE-PRACTICE & EXPERIENCE
(2019)
Article
Computer Science, Theory & Methods
Ivan Homoliak, Flavio Toffalini, Juan Guarnizo, Yuval Elovici, Martin Ochoa
ACM COMPUTING SURVEYS
(2019)
Article
Computer Science, Information Systems
Eyasu Getahun Chekole, Sudipta Chattopadhyay, Martin Ochoa, Huaqun Guo, Unnikrishnan Cheramangalath
COMPUTERS & SECURITY
(2020)
Article
Computer Science, Information Systems
Jesus Solano, Luis Camacho, Alejandro Correa, Claudio Deiro, Javier Vargas, Martin Ochoa
Summary: Combining fingerprinting and behavioral dynamics can enhance the security of login mechanisms. Context analysis and behavioral analysis individually achieve around 0.7 accuracy, but a combined approach can reach up to 0.9 accuracy using a linear combination of the outcomes of the single models.
INTERNATIONAL JOURNAL OF INFORMATION SECURITY
(2021)
Proceedings Paper
Computer Science, Information Systems
Amit Tambe, Yan Lin Aung, Ragav Sridharan, Martin Ochoa, Nils Ole Tippenhauer, Asaf Shabtai, Yuval Elovici
PROCEEDINGS OF THE NINTH ACM CONFERENCE ON DATA AND APPLICATION SECURITY AND PRIVACY (CODASPY '19)
(2019)
Proceedings Paper
Computer Science, Information Systems
Flavio Toffalini, Martin Ochoa, Sun Jun, Jianying Zhou
PROCEEDINGS OF THE NINTH ACM CONFERENCE ON DATA AND APPLICATION SECURITY AND PRIVACY (CODASPY '19)
(2019)
Proceedings Paper
Computer Science, Information Systems
Xueou Wang, Xiaolu Hou, Ruben Rios, Per Hallgren, Nils Ole Tippenhauer, Martin Ochoa
COMPUTER SECURITY (ESORICS 2018), PT II
(2018)
Proceedings Paper
Computer Science, Information Systems
John H. Castellanos, Martin Ochoa, Jianying Zhou
34TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE (ACSAC 2018)
(2018)
Proceedings Paper
Computer Science, Information Systems
Eyasu Getahun Chekole, Sudipta Chattopadhyay, Martin Ochoa, Guo Huaqun
ENGINEERING SECURE SOFTWARE AND SYSTEMS, ESSOS 2018
(2018)
Proceedings Paper
Computer Science, Theory & Methods
Eyasu Getahun Chekole, John Henry Castellanos, Martin Ochoa, David K. Y. Yau
COMPUTER SECURITY, 2017
(2018)
Article
Computer Science, Information Systems
Per Hallgren, Ravi Kishore, Martin Ochoa, Andrei Sabelfeld
JOURNAL OF COMPUTER SECURITY
(2018)
Proceedings Paper
Computer Science, Information Systems
Martin Ochoa, Sebastian Banescu, Cynthia Disenfeld, Gilles Barthe, Vijay Ganesh
2017 IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY (EUROS&P)
(2017)
Proceedings Paper
Computer Science, Information Systems
Athul Harilal, Flavio Toffalini, John Castellanos, Juan Guarnizo, Ivan Homoliak, Martin Ochoa
PROCEEDINGS OF THE 2017 INTERNATIONAL WORKSHOP ON MANAGING INSIDER SECURITY THREATS (MIST'17)
(2017)
Proceedings Paper
Computer Science, Theory & Methods
Tobias Wuechner, Martin Ochoa, Enrico Lovat, Alexander Pretschner
2016 14TH ANNUAL CONFERENCE ON PRIVACY, SECURITY AND TRUST (PST)
(2016)