ABSTRACT
Malware attacks are becoming increasingly destructive. Hackers target all types of devices, from the largest to the smallest. Research communities in the cybersecurity field are working hard to defend against malware attacks as well as any other malicious activity. The primary goal is to defend against cyberattacks as fast as possible to avoid catastrophic damage. In this paper, we propose a new cybersecurity architecture specialized in defending against malware attacks. This proposal puts together four layers based on malware behaviors. In addition, we build a malware classifier using a malware visualization technique, GIST descriptor features and the K-Nearest Neighbor algorithm. The classifier is able to assign each input malware image to its corresponding family. Families are divided according to malware behavior. To obtain a fast malware classifier, we use the Univariate Feature Selection technique to reduce the GIST features. We thereby go from 320 to only 50 features, in less time and with a very close accuracy of 97,67%.
Index Terms
- Speedy and efficient malwares images classifier using reduced GIST features for a new defense guide