Affiliations
Nelson Ochieng Odunga
Strathmore University
Ronald Waweru Mwangi
Affiliation not stated
Ismail Ateya Lukandu
Strathmore University
Reducing Generalization Error Using Autoencoders for The Detection of Computer Worms
Abstract
This paper discusses computer worm detection using machine learning. More specifically, the generalization capability of autoencoders is investigated and improved using regularization and deep autoencoders. Models are constructed first without autoencoders and thereafter with autoencoders. The models with autoencoders are further improved using regularization and deep autoencoders. Results show an improvement in the capability of models to generalize well to new examples.