Use of Data Visualisation for Zero-Day Malware Detection

2018 ◽  
Vol 2018 ◽  
pp. 1-13 ◽  
Author(s):  
Sitalakshmi Venkatraman ◽  
Mamoun Alazab

With the explosion of Internet of Things (IoT) worldwide, there is an increasing threat from malicious software (malware) attackers that calls for efficient monitoring of vulnerable systems. Large amounts of data collected from computer networks, servers, and mobile devices need to be analysed for malware proliferation. Effective analysis methods are needed to match with the scale and complexity of such a data-intensive environment. In today’s Big Data contexts, visualisation techniques can support malware analysts going through the time-consuming process of analysing suspicious activities thoroughly. This paper takes a step further in contributing to the evolving realm of visualisation techniques used in the information security field. The aim of the paper is twofold: (1) to provide a comprehensive overview of the existing visualisation techniques for detecting suspicious behaviour of systems and (2) to design a novel visualisation using similarity matrix method for establishing malware classification accurately. The prime motivation of our proposal is to identify obfuscated malware using visualisation of the extended x86 IA-32 (opcode) similarity patterns, which are hard to detect with the existing approaches. Our approach uses hybrid models wherein static and dynamic malware analysis techniques are combined effectively along with visualisation of similarity matrices in order to detect and classify zero-day malware efficiently. Overall, the high accuracy of classification achieved with our proposed method can be visually observed since different malware families exhibit significantly dissimilar behaviour patterns.
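The similarity-matrix idea in the abstract above, as an added example that is not the authors' code: each sample is reduced to opcode bigram counts, every pair of samples is compared by cosine similarity, and the resulting matrix is drawn as a text heat map in which the family structure becomes visible. It assumes the samples have already been disassembled into flat mnemonic lists (with objdump, Capstone or similar); the four opcode streams here are constructed by hand so the script runs offline, and the "2" variants insert junk instructions to stand in for the obfuscation that defeats exact signatures.

```python
"""Opcode n-gram similarity matrix, rendered as a text heat map.

Added example, not the paper's code. Assumes each sample is already a flat
list of x86 mnemonics; the streams below are constructed, not real malware.
"""
import math
from collections import Counter

# Constructed opcode streams. Family "A" shares a decode-loop shape, family
# "B" an API-resolution shape. The "2" variants have junk nops inserted.
SAMPLES = {
    "A1": "push mov xor mov lea loop xor inc cmp jne pop ret".split(),
    "A2": "push mov nop xor mov lea nop loop xor inc cmp jne pop ret".split(),
    "B1": "push call mov call mov call test jz mov call pop ret".split(),
    "B2": "push call mov call nop mov call test jz mov call pop ret".split(),
}


def ngram_counts(opcodes, n=2):
    """Count overlapping opcode n-grams; the order of mnemonics is preserved."""
    return Counter(tuple(opcodes[i:i + n]) for i in range(len(opcodes) - n + 1))


def cosine(a, b):
    """Cosine similarity of two sparse count vectors (1.0 = identical direction)."""
    dot = sum(a[k] * b[k] for k in a.keys() & b.keys())
    norm_a = math.sqrt(sum(v * v for v in a.values()))
    norm_b = math.sqrt(sum(v * v for v in b.values()))
    return dot / (norm_a * norm_b) if norm_a and norm_b else 0.0


def similarity_matrix(samples, n=2):
    """Return (names, matrix); matrix[i][j] is the similarity of sample i to sample j."""
    names = list(samples)
    vectors = [ngram_counts(samples[name], n) for name in names]
    matrix = [[cosine(vi, vj) for vj in vectors] for vi in vectors]
    return names, matrix


def render(names, matrix):
    """Text heat map: a denser glyph means a more similar pair."""
    shades = " .:-=+*#%@"
    width = max(len(n) for n in names)
    lines = [" " * width + "  " + " ".join(n.ljust(2) for n in names)]
    for name, row in zip(names, matrix):
        cells = " ".join(shades[min(9, int(v * 9.999))].ljust(2) for v in row)
        lines.append(f"{name.ljust(width)}  {cells}")
    return "\n".join(lines)


def nearest(name, names, matrix):
    """Most similar *other* sample: a 1-nearest-neighbour family assignment."""
    i = names.index(name)
    j = max((k for k in range(len(names)) if k != i), key=lambda k: matrix[i][k])
    return names[j]


if __name__ == "__main__":
    names, matrix = similarity_matrix(SAMPLES)
    print(render(names, matrix))
    for n in names:
        print(f"{n} -> nearest {nearest(n, names, matrix)}")
```

Bigram counts are deliberately insensitive to inserted junk: the obfuscated A2 still shares nine of its bigrams with A1 and only one (pop-ret) with either B sample, so the heat map shows two dark diagonal blocks. On real corpora the n-gram order and the similarity metric are the knobs to tune; the matrix and rendering stay the same.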

Information ◽  
2021 ◽  
Vol 12 (3) ◽  
pp. 118
Author(s):  
Vassilios Moussas ◽  
Antonios Andreatos

Malware creators generate new malicious samples by making minor changes to previously generated code, both to reuse malicious code and to go unnoticed by signature-based antivirus software. As a result, various families of variations of the same initial code exist today. Visualization of compiled executables for malware analysis was proposed several years ago. Visualization can greatly assist malware classification and requires neither disassembly nor code execution. Moreover, new variations of known malware families are detected instantly, in contrast to traditional signature-based antivirus software. This paper addresses the problem of identifying variations of existing malware visualized as images. A new malware detection system based on a two-level Artificial Neural Network (ANN) is proposed. The classification is based on file and image features. The proposed system is tested on the 'Malimg' dataset, which consists of visual representations of well-known malware families. From this set, important image features are extracted and the ANN is trained on them; the trained ANN is then used to detect and classify other samples of the dataset. Malware families that the first level confuses are classified by a second level of ANNs. The proposed two-level ANN method excels in simplicity, accuracy and speed; it is easy to implement and fast to run, so it can be applied in antivirus software, smart firewalls, web applications, etc.
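The byte-to-image step and the "file and image features" the abstract refers to, as an added example that is not the authors' code: a file is laid out row-major as 8-bit grey pixels, with the image width chosen from the file size in the manner commonly used for Malimg-style images (an assumed rule, so treat the thresholds as a parameter), and a fixed-length feature vector is derived from it so that a small network can be trained regardless of the image height. The two input "files" are constructed inline: one with repetitive code-like bytes, one with a high-entropy body that looks packed.

```python
"""Byte-to-grey-image conversion and feature extraction for executables.

Added example, not the paper's code. The width rule and the feature set are
assumptions, not the authors' exact choices. Inputs are constructed inline.
"""
import hashlib
import math

# (size limit in bytes, image width): assumed Malimg-style rule; larger files use 1024.
WIDTH_RULE = [(10_000, 32), (30_000, 64), (60_000, 128), (100_000, 256),
              (200_000, 384), (500_000, 512), (1_000_000, 768)]


def image_width(size):
    for limit, width in WIDTH_RULE:
        if size < limit:
            return width
    return 1024


def bytes_to_image(data):
    """Lay the bytes out row-major as grey pixels; the last row is zero-padded."""
    width = image_width(len(data))
    rows = [list(data[i:i + width]) for i in range(0, len(data), width)]
    if rows and len(rows[-1]) < width:
        rows[-1] += [0] * (width - len(rows[-1]))
    return rows


def entropy(values):
    """Shannon entropy in bits of a sequence of byte values (0.0 .. 8.0)."""
    if not values:
        return 0.0
    counts = {}
    for v in values:
        counts[v] = counts.get(v, 0) + 1
    total = len(values)
    return -sum(c / total * math.log2(c / total) for c in counts.values())


def block_means(image, grid=8):
    """Mean intensity of each cell of a grid x grid partition of the image.

    This gives a descriptor of fixed length (grid*grid) whatever the image
    height, which is what a fixed-input classifier needs."""
    height, width = len(image), len(image[0])
    feats = []
    for by in range(grid):
        r0, r1 = by * height // grid, (by + 1) * height // grid
        for bx in range(grid):
            c0, c1 = bx * width // grid, (bx + 1) * width // grid
            cells = [image[r][c] for r in range(r0, r1) for c in range(c0, c1)]
            feats.append(sum(cells) / len(cells) if cells else 0.0)
    return feats


def feature_vector(data):
    """File-level features (size, width, byte entropy) followed by 64 image features."""
    image = bytes_to_image(data)
    return [len(data), image_width(len(data)), entropy(data)] + block_means(image)


def constructed_sample(seed, packed):
    """Constructed stand-in for an executable: a header-like prefix, a body that
    is either repetitive code-like bytes or a high-entropy (packed-looking) blob,
    and a zero-filled tail like a padded section. Not a real program."""
    prefix = b"MZ" + bytes(range(64)) * 4
    if packed:
        body = b"".join(hashlib.sha256(f"{seed}:{i}".encode()).digest() for i in range(64))
    else:
        body = (b"\x55\x8b\xec\x83\xec\x10" + bytes([seed & 0xFF])) * 300
    return prefix + body + b"\x00" * 512


if __name__ == "__main__":
    for label, sample in (("plain", constructed_sample(1, False)),
                          ("packed", constructed_sample(1, True))):
        fv = feature_vector(sample)
        print(label, "size", fv[0], "width", fv[1], "entropy %.2f" % fv[2],
              "blocks", [round(x) for x in fv[3:]])
```

The grid means are the crudest possible image feature; they are enough to show that the zero-padded tail, the repetitive body and the packed body occupy distinct regions of the picture, which is exactly the structure a trained classifier picks up. Replacing `block_means` with GIST or a learned embedding changes nothing else in the pipeline.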


2018 ◽  
Vol 7 (2.32) ◽  
pp. 279 ◽  
Author(s):  
K Swetha ◽  
K V.D.Kiran

Rapid advances in mobile phones have enabled their widespread use. Because mobiles run third-party applications, many security and privacy issues arise. However, current mobile malware analysis and detection technologies are still imperfect, ineffective and incomplete. Owing to the particular characteristics of mobile devices, such as constrained resources, user activity, local communication capability and constant network connectivity, mobile malware detection faces new challenges, particularly in runtime malware detection. This paper provides an overview of malware classification, assessment methodologies, analysis, and on-device and off-device detection methods on Android. The work mainly focuses on the different classification algorithms used as part of dynamic malware detection on Android.


2017 ◽  
Vol 53 (04) ◽  
pp. 234-237
Author(s):  
Jyotsna Kailashiya

Platelet-derived microparticles (PMPs) are often used as a marker of platelet activation, and their count in blood has been found to be significantly associated with many diseases such as myocardial infarction, stroke and venous thromboembolism. PMPs have been proposed as potential biomarkers for these conditions. Biosensors are newer analytical tools being developed for convenient and cost-effective analysis. For PMP analysis, biosensors offer many advantages over conventional analysis techniques. This mini review compiles the designs and techniques of reported biosensors based on antibody capture for the analysis of PMPs.


Author(s):  
Ailton Dos Santos Fh ◽  
Ricardo J. Rodríguez ◽  
Eduardo L. Feitosa

Dynamic Binary Instrumentation (DBI) is a dynamic analysis technique that allows arbitrary code to be executed while a program is running. DBI frameworks have started to be used to analyse malicious applications; as a result, different approaches have emerged to detect and evade them. Split-personality malware, or evasive malware, is malicious software that incorporates snippets of code to detect when it is being analysed under a DBI framework and then mimics benign behaviour. Recent studies have questioned the use of DBI in malware analysis, arguing that it increases the attack surface. In this paper, we examine the anti-instrumentation techniques that abuse desktop-based DBI frameworks and the existing countermeasures, to determine whether it is possible to reduce the exploitable attack surface introduced by these frameworks. In particular, we review the related literature to identify (i) the existing set of DBI framework evasion techniques and (ii) the existing set of countermeasures against them. We also analyse and compare the taxonomies introduced in the literature and propose a new taxonomy that expands and completes previous ones. Finally, we note some relevant open issues and outline directions for future research in the use of DBI frameworks for security purposes.


2020 ◽  
Vol 13 (6) ◽  
pp. 94-109
Author(s):  
Rajeev Kumar ◽  
Mamdouh Alenezi ◽  
Md Ansari ◽  
Bineet Gupta ◽  
...  

Nowadays, most cyber-attacks are initiated by malicious programs known as malware. Malware is highly aggressive and can penetrate the security of information and communication systems. While different techniques are available for malware analysis, selecting the most effective approach is challenging. In this context, a decision-making process can be an efficient means of empirically assessing the impact of different methods for securing web applications. In this study, we use a methodology that integrates the Fuzzy AHP and Fuzzy TOPSIS techniques to evaluate the impact of different malware analysis techniques from a web application perspective. The study uses different versions of a university's web application to evaluate the impact of several existing malware analysis techniques. The findings show that the reverse engineering approach is the most efficient technique for analysing complex malware. The outcome of this study would aid future researchers and developers in selecting appropriate techniques for scanning web application code and enhancing security.


2021 ◽  
pp. 1-25
Author(s):  
Hector David Menendez

"Antivirus is dead", and so, probably, is every detection system that relies on a single strategy for indicators of compromise. This famous quote, which Brian Dye (Symantec's senior vice president) stated in 2014, is the best representation of the current situation in malware detection and mitigation. Concealment strategies have evolved significantly in recent years: not only the classical ones based on polymorphic and metamorphic methodologies, which killed the signature-based detection that antiviruses use, but also fileless malware, i.e. malware resident only in volatile memory, which makes any disk analysis pointless. This review provides a historical background of the different concealment strategies introduced to protect malicious (and not necessarily malicious) software from different detection or analysis techniques. It covers binary, static and dynamic analysis, and also new strategies based on machine learning, from both perspectives, the attackers' and the defenders'.


REFORMASI ◽  
2020 ◽  
Vol 10 (2) ◽  
pp. 186-208
Author(s):  
Al Fauzi Rahmat ◽  
Fajar Rahmanto ◽  
Muchammad Iqbal Firmansyah ◽  
Dyah Mutiarin

This article aims to analyse the extent to which a spending review based on Performance-Based Budgeting (PBB) has been applied to the Regional Expenditure Budget (APBD) of Sleman Regency in 2017-2018. The article uses a qualitative method to identify and interpret the context of the spending review in depth. Data were obtained through literature study (online and offline) and analysed in stages of data codification, data presentation and presentation of research results. The results indicate that the regional expenditure budget of the Sleman Regency Government increased in 2017 and 2018, while the personnel expenditure budget decreased. The allocation review of realised regional expenditure shows budget savings from 2017 to 2018. The review of benchmarks and performance in health and education services shows an increase in the human development index. Furthermore, the Need Deviation Analysis shows that across the two fiscal years 2017 and 2018 the Sleman Regency Government had an average deviation between needs and regional expenditure allocation of 11.85%.
Keywords: Spending Review; Performance-based Budget; Regional Expenditure Budget; Sleman Regency


Big Data ◽  
2016 ◽  
pp. 302-313
Author(s):  
Jackie Campbell ◽  
Victor Chang ◽  
Amin Hosseinian-Far

This chapter aims to critically reflect on the processes, agendas and use of Big Data by presenting existing issues and problems and consolidating points of view presented from different angles. It also describes current practices for handling Big Data, including considerations of smaller-scale data analysis and the use of data visualisation to improve business decisions and the prediction of market trends. The chapter concludes that, alongside any data collection, analysis and visualisation, the 'researcher' should be fully aware of the limitations of the data by considering it from different perspectives, angles and lenses. Not only will this add to the validation and validity of the data, it will also provide a 'thinking tool' with which to explore the data, arguably supplying the 'human skill' required in a process apparently destined to be automated by machines and algorithms.


2014 ◽  
Vol 39 (1) ◽  
pp. 67-74 ◽  
Author(s):  
Paweł Malinowski ◽  
Robert Milewski ◽  
Piotr Ziniewicz ◽  
Anna Justyna Milewska ◽  
Jan Czerniecki ◽  
...  

Abstract The IVF ET method is a scientifically recognised infertility treatment method. The problem, however, is the method's unsatisfactory efficiency. This calls for a more thorough analysis of the information available in the treatment process, in order to detect the factors that affect the results and to predict the result of treatment effectively. Classical statistical methods have proven inadequate for this problem; only modern data mining methods give hope for a more effective analysis of the collected data. This work provides an overview of the new methods used for the analysis of data on infertility treatment, and formulates a proposal for further directions of research into improving the prediction of the treatment outcome.


In today's world, the problem of losses from the actions of malicious software (or ordinary software that has undeclared functions) remains extremely relevant. Therefore, the creation and modification of anti-virus solutions for protection against, and analysis of, malware is a relevant and promising area of research. This is due to the lack of a single, universal method that finds 100% of malicious code. The paper considers the composition and main components of static analysis. The main methods of static analysis are identified, and relevant examples of almost all of them are given. It is concluded that the main advantage of static analysis is that, using a relatively simple set of commands and tools, it is possible to analyse malware and partially understand how it works. Attention is drawn to the fact that static analysis does not give 100% certainty that the investigated software is malicious. With this in mind, to provide a more meaningful analysis, one needs to collect as much data as possible about the structure of the file, its possible functions, etc. Files are analysed for the possible presence of malicious code using programs that view their structure and composition. A more informative approach is to analyse the Portable Executable format: the various sections of the file, its header fields and its resources. Since static analysis does not always provide the required level of assurance, it is better to use machine learning algorithms at the stage of making the final classification decision (malicious or not). This approach makes it possible to process large data sets with greater accuracy in determining the nature of the software being analysed. The main purpose of this work is to analyse the existing methods of static malware analysis and review the features of their further development.
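The Portable Executable analysis the abstract above describes (walking the header fields and sections and collecting structural data before any verdict), as an added example that is not the paper's code: the parser below reads the DOS header pointer, the COFF file header, the start of the optional header and the section table using only `struct`, computes per-section entropy, and reports the indicators a static analyst checks first. The entropy threshold is an assumption to be tuned per corpus, and the sample PE is constructed in `build_sample_pe()` as a header skeleton, not a runnable program.

```python
"""Minimal PE header and section walker with packing indicators.

Added example, not the paper's code. Uses only the standard library; the
input PE is constructed below and is not a real executable.
"""
import hashlib
import math
import struct

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
ENTROPY_PACKED = 7.0   # assumed threshold for "looks encrypted/compressed"


def entropy(blob):
    """Shannon entropy in bits per byte; 0.0 for an empty blob."""
    if not blob:
        return 0.0
    counts = [0] * 256
    for b in blob:
        counts[b] += 1
    n = len(blob)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def section_flags(characteristics):
    """Compact R/W/X string from IMAGE_SCN_MEM_* bits."""
    bits = ((IMAGE_SCN_MEM_READ, "R"), (IMAGE_SCN_MEM_WRITE, "W"), (IMAGE_SCN_MEM_EXECUTE, "X"))
    return "".join(ch for bit, ch in bits if characteristics & bit)


def parse_pe(data):
    """Return machine, optional-header magic, entry point RVA and the section table."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", data, opt)           # 0x10B = PE32, 0x20B = PE32+
    (entry_rva,) = struct.unpack_from("<I", data, opt + 16)  # AddressOfEntryPoint
    sections = []
    for i in range(nsections):
        fields = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        name, vsize, vaddr, rsize, roff = fields[:5]
        raw = data[roff:roff + rsize]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "vaddr": vaddr, "vsize": vsize, "raw_off": roff, "raw_size": rsize,
            "flags": section_flags(fields[9]), "entropy": entropy(raw),
        })
    return {"machine": machine, "magic": magic, "entry_point": entry_rva, "sections": sections}


def find_section(sections, rva):
    """Section whose virtual range contains the RVA, or None."""
    for s in sections:
        if s["vaddr"] <= rva < s["vaddr"] + max(s["vsize"], s["raw_size"]):
            return s
    return None


def assess(report):
    """Indicators, not verdicts: each finding is a reason to look closer."""
    findings = []
    ep = find_section(report["sections"], report["entry_point"])
    if ep is None:
        findings.append("entry point 0x%x lies outside every section" % report["entry_point"])
    elif ep["entropy"] > ENTROPY_PACKED:
        findings.append(f"entry section {ep['name']} has entropy {ep['entropy']:.2f} (packed/encrypted?)")
    for s in report["sections"]:
        if "W" in s["flags"] and "X" in s["flags"]:
            findings.append(f"writable+executable section {s['name']} (self-modifying/unpacking code?)")
        if s["raw_size"] == 0 and s["vsize"] > 0:
            findings.append(f"section {s['name']} has no raw data but {s['vsize']} bytes virtual (unpack target?)")
    return findings


def build_sample_pe():
    """Constructed minimal PE32+ image: three sections, entry point inside a
    writable+executable high-entropy section, as a packer would leave it."""
    text = b"\x90\xc3" * 128                                            # low-entropy "code"
    data = b"\x00" * 128                                                # zero-filled data
    packed = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(32))  # high-entropy blob
    layout = [(b".text", 0x1000, text, 0x60000020),    # CODE | EXECUTE | READ
              (b".data", 0x2000, data, 0xC0000040),    # INITIALIZED_DATA | READ | WRITE
              (b".pack", 0x3000, packed, 0xE0000020)]  # CODE | EXECUTE | READ | WRITE
    opt_size = 240
    raw_off, headers, blobs = 512, b"", []
    for name, rva, blob, flags in layout:
        headers += struct.pack("<8sIIIIIIHHI", name, len(blob), rva, len(blob), raw_off, 0, 0, 0, 0, flags)
        blobs.append((raw_off, blob))
        raw_off += len(blob)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)                    # e_lfanew at 0x3C
    coff = struct.pack("<HHIIIHH", 0x8664, len(layout), 0, 0, 0, opt_size, 0x0022)
    opt = struct.pack("<HBBIIII", 0x20B, 14, 0, len(text), len(data), 0, 0x3010).ljust(opt_size, b"\0")
    image = bytearray(dos + b"PE\0\0" + coff + opt + headers)
    image += b"\0" * (512 - len(image))
    for off, blob in blobs:
        if len(image) != off:
            raise RuntimeError("section layout mismatch")
        image += blob
    return bytes(image)


if __name__ == "__main__":
    report = parse_pe(build_sample_pe())
    for s in report["sections"]:
        print(f"{s['name']:8} rva=0x{s['vaddr']:05x} raw={s['raw_size']:5d} {s['flags']:3} entropy={s['entropy']:.2f}")
    for f in assess(report):
        print("!", f)
```

None of the findings is proof of malice on its own: compilers emit W+X sections for legitimate reasons and compressed resources have high entropy too. That is the point the abstract makes about static analysis; these fields are the inputs that feed the later classification step, not the decision itself.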

