HB-DIPM: Human Behavior Analysis-Based Malware Detection and Intrusion Prevention Model in the Future Internet

  • Lee, Jeong Kyu (Dept. of Computer Science and Engineering, Seoul National University of Science and Technology)
  • Moon, Seo Yeon (Dept. of Computer Science and Engineering, Seoul National University of Science and Technology)
  • Park, Jong Hyuk (Dept. of Computer Science and Engineering, Seoul National University of Science and Technology)
  • Received : 2016.02.03
  • Accepted : 2016.08.12
  • Published : 2016.09.30

Abstract

As interest in the Internet increases, related technologies are also quickly progressing. As smart devices become more widely used, interest is growing in the future Internet to resolve the fundamental issues of transmission quality and security. The future Internet is being studied to overcome the limits of existing Internet structures and to reflect new requirements. In particular, research on reliable communication to connect the Internet to various services is in demand. In this paper, we analyze the security threats caused by malicious activities in the future Internet and propose a human behavior analysis-based security service model for malware detection and intrusion prevention to provide more reliable communication. Our proposed service model provides highly reliable services by responding to security threats through the detection of various malware intrusions and protocol authentications based on human behavior.
