Malwares Attack Detection Using Ensemble Deep Restricted Boltzmann Machine

  • K. Janani (Karpagam Academy of Higher Education) ;
  • R. Gunasundari (Karpagam Academy of Higher Education)
  • Received : 2024.05.05
  • Published : 2024.05.30

Abstract

Cyber attackers can now use Artificial Intelligence (AI) to increase the sophistication and scope of their attacks. On the defense side, AI is used to improve defense plans and to increase the robustness, flexibility, and efficiency of defense systems, that is, to adapt to changes in the environment so as to reduce the impact of attacks. With continued developments in information and communication technologies, a growing and rapidly changing variety of exploits threatens cyber security. Cyber criminals use new, sophisticated tactics to increase the speed and scale of their attacks. Consequently, there is a need for more flexible, adaptable and robust cyber defense systems that can identify a wide range of threats in real time. In recent years, the adoption of AI approaches has increased, and they now play a vital role in the detection and prevention of cyber threats. In this paper, an Ensemble Deep Restricted Boltzmann Machine (EDRBM) is developed for the classification of cybersecurity threats in a large-scale network environment. The EDRBM acts as a classification model that identifies malicious flowsets within the traffic of the large-scale network. A simulation is conducted to test the efficacy of the proposed EDRBM under various malware attacks. The simulation results show that the proposed method achieves a higher classification rate than other methods in identifying malicious flowsets.

References

  1. Sarker, I. H. (2021). Deep cybersecurity: a comprehensive overview from neural network and deep learning perspective. SN Computer Science, 2(3), 1-16. https://doi.org/10.1007/s42979-020-00382-x
  2. Chen, D., Wawrzynski, P., & Lv, Z. (2021). Cyber security in smart cities: a review of deep learning-based applications and case studies. Sustainable Cities and Society, 66, 102655.
  3. Liu, Z., Wang, R., Japkowicz, N., Tang, D., Zhang, W., & Zhao, J. (2021). Research on unsupervised feature learning for Android malware detection based on restricted Boltzmann machines. Future Generation Computer Systems, 120, 91-108. https://doi.org/10.1016/j.future.2021.02.015
  4. Demertzis, K., Iliadis, L., Pimenidis, E., & Kikiras, P. (2022). Variational restricted Boltzmann machines to automated anomaly detection. Neural Computing and Applications, 1-14.
  5. Huma, Z. E., Latif, S., Ahmad, J., Idrees, Z., Ibrar, A., Zou, Z., ... & Baothman, F. (2021). A hybrid deep random neural network for cyberattack detection in the industrial internet of things. IEEE Access, 9, 55595-55605. https://doi.org/10.1109/ACCESS.2021.3071766
  6. Thakkar, A., & Lohiya, R. (2021). A review on machine learning and deep learning perspectives of IDS for IoT: recent updates, security issues, and challenges. Archives of Computational Methods in Engineering, 28(4), 3211-3243. https://doi.org/10.1007/s11831-020-09496-0
  7. Bello, I., Chiroma, H., Abdullahi, U. A., Gital, A. Y. U., Jauro, F., Khan, A., ... & Abdulhamid, S. I. M. (2021). Detecting ransomware attacks using intelligent algorithms: Recent development and next direction from deep learning and big data perspectives. Journal of Ambient Intelligence and Humanized Computing, 12(9), 8699-8717. https://doi.org/10.1007/s12652-020-02630-7
  8. Gupta, C., Johri, I., Srinivasan, K., Hu, Y. C., Qaisar, S. M., & Huang, K. Y. (2022). A Systematic Review on Machine Learning and Deep Learning Models for Electronic Information Security in Mobile Networks. Sensors, 22(5), 2017.
  9. Basit, A., Zafar, M., Liu, X., Javed, A. R., Jalil, Z., & Kifayat, K. (2021). A comprehensive survey of AI-enabled phishing attacks detection techniques. Telecommunication Systems, 76(1), 139-154.
  10. Tsimenidis, S., Lagkas, T., & Rantos, K. (2022). Deep learning in iot intrusion detection. Journal of Network and Systems Management, 30(1), 1-40.
  11. Gu, G., Porras, P. A., Yegneswaran, V., Fong, M. W., & Lee, W. (2007, August). Bothunter: Detecting malware infection through ids-driven dialog correlation. In USENIX Security Symposium (Vol. 7, pp. 1-16).
  12. Bilge, L., Balzarotti, D., Robertson, W., Kirda, E., & Kruegel, C. (2012, December). Disclosure: detecting botnet command and control servers through large-scale netflow analysis. In Proceedings of the 28th Annual Computer Security Applications Conference (pp. 129-138).
  13. Oujezsky, V., Horvath, T., & Skorpil, V. (2016, June). Modeling botnet C&C traffic lifespans from netflow using survival analysis. In 2016 39th International Conference on Telecommunications and Signal Processing (TSP) (pp. 50-55).
  14. Kheir, N., & Wolley, C. (2013, November). Botsuer: Suing stealthy p2p bots in network traffic through netflow analysis. In International Conference on Cryptology and Network Security (pp. 162-178). Springer, Cham.
  15. Francois, J., Wang, S., & Engel, T. (2011, May). BotTrack: tracking botnets using NetFlow and PageRank. In International Conference on Research in Networking (pp. 1-14). Springer, Berlin, Heidelberg.
  16. Amini, P., Azmi, R., & Araghizadeh, M. (2014). Botnet detection using NetFlow and clustering. Advances in Computer Science: an International Journal, 3(2), 139-149.
  17. Bartos, K., Sofka, M., & Franc, V. (2016). Optimized invariant representation of network traffic for detecting unseen malware variants. In 25th USENIX Security Symposium (USENIX Security 16) (pp. 807-822).
  18. Perdisci, R., Lee, W., & Feamster, N. (2010, April). Behavioral clustering of http-based malware and signature generation using malicious network traces. In NSDI (Vol. 10, p. 14).
  19. Rafique, M. Z., & Caballero, J. (2013, October). Firma: Malware clustering and network signature generation with mixed network behaviors. In International Workshop on Recent Advances in Intrusion Detection (pp. 144-163). Springer, Berlin, Heidelberg.
  20. AlAhmadi, B. A., & Martinovic, I. (2018, May). MalClassifier: Malware family classification using network flow sequence behaviour. In 2018 APWG Symposium on Electronic Crime Research (eCrime) (pp. 1-13).
  21. Mohaisen, A., West, A. G., Mankin, A., & Alrawi, O. (2014, October). Chatter: Classifying malware families using system event ordering. In 2014 IEEE Conference on Communications and Network Security (pp. 283-291). IEEE.