Distributed Malware Detection System Based on Decentralized Architecture in Local Area Networks

  • Conference paper
  • Advances in Intelligent Systems and Computing III (CSIT 2018)

Abstract

The paper proposes the architecture of a distributed malware detection system with a decentralized architecture for local area computer networks. Its distinguishing feature is that it satisfies the requirements of distribution, decentralization and multilevel operation at the same time, which allows the system to operate autonomously. In addition, all components of the system share the same organization, which enables the exchange of knowledge within the system: unlike known systems, knowledge gained by one part of the system can be used by its other parts. The developed system can be populated with subsystems for detecting various types of malicious software in local area networks. The paper presents the results of experiments in which the developed system was used to detect metamorphic viruses.
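The abstract describes three properties that are worth seeing together in code: no central server (each node only talks to its direct peers), identically organized nodes whose detection knowledge propagates to the rest of the network, and multilevel detection (a cheap exact check in front of an expensive structural one). The following toy model is an added illustration and is not code from the paper. Everything specific in it is an assumption: the gossip-with-deduplication exchange, the cosine similarity over opcode frequencies that stands in for the paper's metamorphic-virus technique, the 0.85 threshold, and the constructed samples (short mnemonic lists, not real binaries).

```python
"""Toy model of a decentralized, multilevel malware-detection mesh.
Added illustration, not the paper's own code. Assumed (not from the
paper): knowledge is flooded to direct peers with duplicate suppression;
level 1 is an exact fingerprint match; level 2 is an opcode-frequency
similarity check standing in for the paper's metamorphic detection;
samples are constructed opcode lists."""
from __future__ import annotations

import hashlib
import math
from collections import Counter
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

Sample = List[str]          # constructed "program": a list of mnemonics
Profile = Dict[str, float]  # relative opcode frequencies
SIM_THRESHOLD = 0.85        # assumed cut-off for the structural check


def fingerprint(sample: Sample) -> str:
    return hashlib.sha256(" ".join(sample).encode()).hexdigest()


def opcode_profile(sample: Sample) -> Profile:
    counts = Counter(sample)
    total = sum(counts.values())
    return {op: n / total for op, n in counts.items()}


def cosine(a: Profile, b: Profile) -> float:
    dot = sum(a[k] * b[k] for k in a.keys() & b.keys())
    na = math.sqrt(sum(v * v for v in a.values()))
    nb = math.sqrt(sum(v * v for v in b.values()))
    return dot / (na * nb) if na and nb else 0.0


@dataclass(frozen=True)
class KnowledgeItem:
    """One shareable unit of detection knowledge; hashable so that every
    node can suppress duplicates while the item is flooded."""
    kind: str        # "profile" (a family's opcode profile) or "fingerprint"
    key: str         # family name, or the sample fingerprint
    payload: Tuple[Tuple[str, float], ...] = ()  # profile as a hashable tuple
    origin: str = ""


@dataclass
class Node:
    """Every node has the same organization: knowledge base + peer list."""
    name: str
    peers: List["Node"] = field(default_factory=list)
    fingerprints: Set[str] = field(default_factory=set)
    families: Dict[str, Profile] = field(default_factory=dict)
    seen: Set[KnowledgeItem] = field(default_factory=set)

    def learn(self, item: KnowledgeItem) -> bool:
        """Absorb an item; False if already known (stops gossip loops)."""
        if item in self.seen:
            return False
        self.seen.add(item)
        if item.kind == "fingerprint":
            self.fingerprints.add(item.key)
        else:
            self.families[item.key] = dict(item.payload)
        return True

    def share(self, item: KnowledgeItem) -> None:
        """Flood to direct peers only; no coordinator is involved."""
        for peer in self.peers:
            if peer.learn(item):
                peer.share(item)

    def scan(self, sample: Sample) -> Tuple[str, Optional[str]]:
        fp = fingerprint(sample)
        if fp in self.fingerprints:                 # level 1: cheap exact match
            return "malicious", "level1-fingerprint"
        profile = opcode_profile(sample)
        for family, ref in self.families.items():  # level 2: structural check
            if cosine(profile, ref) >= SIM_THRESHOLD:
                item = KnowledgeItem("fingerprint", fp, origin=self.name)
                self.learn(item)
                self.share(item)  # peers can now catch this variant at level 1
                return "malicious", f"level2-structural:{family}"
        return "clean", None


def link(a: Node, b: Node) -> None:
    a.peers.append(b)
    b.peers.append(a)


def run_demo() -> Dict[str, object]:
    a, b, c = Node("A"), Node("B"), Node("C")
    link(a, b); link(b, c)   # chain A - B - C: no node reaches everyone directly
    # constructed samples: variants keep the opcode mix, reorder and add junk
    reference = ["mov", "push", "xor", "call", "mov", "pop", "jmp", "xor", "mov", "ret"]
    variant1 = ["nop", "xor", "mov", "call", "mov", "push", "pop", "xor", "jmp", "mov", "ret"]
    variant2 = ["xor", "mov", "call", "nop", "mov", "push", "pop", "xor", "jmp", "mov", "ret", "nop"]
    clean = ["push", "push", "push", "call", "add", "add", "sub", "ret", "ret", "ret"]
    # knowledge enters the mesh at A only (e.g. an analyst seeds a family profile)
    seed = KnowledgeItem("profile", "metaFam",
                         tuple(sorted(opcode_profile(reference).items())), "A")
    a.learn(seed); a.share(seed)
    return {
        "c_variant1": c.scan(variant1),  # C uses A's profile: structural hit
        "b_variant1": b.scan(variant1),  # B already holds C's fingerprint: cheap hit
        "a_variant2": a.scan(variant2),  # unseen variant: structural again
        "b_clean": b.scan(clean),
        "all_share_fp": all(fingerprint(variant1) in n.fingerprints for n in (a, b, c)),
    }
```

Running `run_demo()` shows the point of identical node organization: the profile seeded at A lets C make a structural detection, and the fingerprint C derives from it reaches A and B without any central server, so B's second encounter with the same variant never pays for the level-2 analysis. A real deployment would need authenticated knowledge items (a compromised node could otherwise poison every peer's knowledge base) and a far stronger structural detector than opcode frequencies.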


Author information

Correspondence to George Markowsky.

© 2019 Springer Nature Switzerland AG

About this paper

Cite this paper

Markowsky, G., Savenko, O., Sachenko, A. (2019). Distributed Malware Detection System Based on Decentralized Architecture in Local Area Networks. In: Shakhovska, N., Medykovskyy, M. (eds) Advances in Intelligent Systems and Computing III. CSIT 2018. Advances in Intelligent Systems and Computing, vol 871. Springer, Cham. https://doi.org/10.1007/978-3-030-01069-0_42
