
Improving Zero-Day Malware Testing Methodology Using Statistically Significant Time-Lagged Test Samples [article]

Konstantin Berlin, Joshua Saxe
2016 arXiv   pre-print
One of the most important metrics for a protection product is how well it is able to stop malware, specifically on "zero"-day malware that has not been seen by the security community before.  ...  This enables cheap and accurate evaluation of zero-day true and false positive rates.  ...  We hope that the above analysis provides a basis for improvement in anti-malware testing methodologies, allowing for more accurate evaluation of performance.  ... 
arXiv:1608.00669v1 fatcat:orha2fpjkzfb7ftxpu7zggumgy

Classification for DGA-Based Malicious Domain Names with Deep Learning Architectures

Feng Zeng
2017 International Journal of Intelligent Information Systems  
The preemptive defenses against various malware created by domain generation algorithms (DGAs) have traditionally been solved using manually-crafted domain features obtained by heuristic process.  ...  However, it is difficult to achieve real-world deployment with most research on detecting DGA-based malicious domain names due to poor performance and time consuming.  ...  As a result, there is a significant increase in the amount of requests that were being directed at the failback DGA domains used by the malware.  ... 
doi:10.11648/j.ijiis.20170606.11 fatcat:qc5r6d6ztbh6lcdkxm4uxgeuwy

Real-time malware process detection and automated process killing [article]

Matilda Rhode, Pete Burnap, Adam Wedgbury
2022 arXiv   pre-print
The proposed model uses statistical filtering on top of a machine learning dynamic behavioural malware detection model in order to detect individual malicious processes on the fly and kill those which  ...  This paper argues that detecting malware in real-time on an endpoint necessitates an automated response due to the rapid and destructive nature of some malware.  ...  Due to the huge numbers of new malware appearing each day, the detection of malware samples needs to be automated [2].  ... 
arXiv:1902.02598v3 fatcat:mpbbi2eoszcvrautk7qnxpk66q

Real-Time Malware Process Detection and Automated Process Killing

Matilda Rhode, Pete Burnap, Adam Wedgbury, Mamoun Alazab
2021 Security and Communication Networks  
The proposed model uses statistical filtering on top of a machine learning dynamic behavioural malware detection model in order to detect individual malicious processes on the fly and kill those which  ...  This paper argues that detecting malware in real-time on an endpoint necessitates an automated response due to the rapid and destructive nature of some malware.  ...  Due to the huge numbers of new malware appearing each day, the detection of malware samples needs to be automated [2].  ... 
doi:10.1155/2021/8933681 fatcat:wsakyplx6rf7rck4u6oazcahhy

ITect: Scalable Information Theoretic Similarity for Malware Detection [article]

Sukriti Bhattacharya, Hector D. Menendez, Earl Barr, David Clark
2016 arXiv   pre-print
Malware creators have been getting their way for too long now.  ...  It outperforms VirusTotal for precision and accuracy on combined Kaggle and VirusShare malware.  ...  Similarity measures are capable of detecting zero-day malware when it is generated from existing malware.  ... 
arXiv:1609.02404v1 fatcat:scfvkxglobgxtkslzsmazeutoq

The Effects of Traditional Anti-Virus Labels on Malware Detection Using Dynamic Runtime Opcodes

Domhnall Carlin, Alexandra Cowan, Philip O'Kane, Sakir Sezer
2017 IEEE Access  
We find that malware detection rates are lessened when samples are labeled with traditional anti-virus (AV) labels.  ...  The main contribution of this paper is the creation of a new parsed runtime trace data set of over 100 000 labeled samples, which will address these shortcomings, and we offer the data set itself for use  ...  The time-lag between the release of the malware 'in the wild' (Zero Day) and the counter-measures being developed, allows a window for the malware to cause substantial damage.  ... 
doi:10.1109/access.2017.2749538 fatcat:agpuxnhlrbf3tb733hq3sbdrgi

A Review of Computer Vision Methods in Network Security [article]

Jiawei Zhao, Rahat Masood, Suranga Seneviratne
2020 arXiv   pre-print
attacks that are reported almost every day.  ...  Network security has become an area of significant importance more than ever as highlighted by the eye-opening numbers of data breaches, attacks on critical infrastructure, and malware/ransomware/cryptojacker  ...  The key idea in related to zero-day detection is to use the generator function of the GAN to generate new malware samples and use the discriminator function to predict whether the given sample is a malware  ... 
arXiv:2005.03318v1 fatcat:pcng7535obec3l6fejkllbi3ii

ScaleNet: Scalable and Hybrid Framework for Cyber Threat Situational Awareness Based on DNS, URL, and Email Data Analysis

R. Vinayakumar, K. P. Soman, Prabaharan Poornachandran, Vysakh S. Mohan, Amara Dinesh Kumar
2018 Journal of Cyber Security and Mobility  
They are incompetent in labeling the malware because of the time taken to reverse engineer the malware to generate a signature.  ...  Deep learning is a machine learning technique largely used by researchers in recent days. It avoids feature engineering which served as a critical step for conventional machine learning algorithms.  ...  Because, Time split of data facilitates to meet the zero day malware detection. Testing of Data set 2 is done by giving importance to time information.  ... 
doi:10.13052/jcsm2245-1439.823 fatcat:dpsz7dfa2bhufg2fljdafxt2zi

See No Evil, Hear No Evil? Dissecting the Impact of Online Hacker Forums

Wei T. Yue, Qiu-Hong Wang, Kai-Lung Hui
2019 MIS Quarterly  
This means that two DDOS-attack posts per day could reduce the number of victims by 700-2,600 per day.  ...  Our results suggest that online-hacker-forum discussion may exhibit the dual-use characteristic. That is, it can be used for both good and bad purposes. We draw related managerial implications.  ...  The coefficient of lagged non-DDOS-attack posts in the first-stage regression, 0.084, is positive and statistically significant (p < 0.01).  ... 
doi:10.25300/misq/2019/13042 fatcat:7bf5axqdprdtzkwavo4cvsmfpe

Saving Patient Ryan Can Advanced Electronic Medical Records Make Patient Care Safer?

Muhammad Zia Hydari, Rahul Telang, William M Marella
2014 Social Science Research Network  
Our results hold against a number of robustness checks, including, but not limited to, falsification test with non-clinical IT and falsification test with a subcategory of events that is not expected to  ...  Advanced electronic medical records (EMRs) are widely expected to improve patient safety, but the evidence of advanced EMRs' impact on patient safety is inconclusive.  ...  We use two-year lags as the deployment of advanced EMRs takes time after a decision has been made. The estimates are not statistically significantly different from zero.  ... 
doi:10.2139/ssrn.2503702 fatcat:zneoy7jo6rco5gxh23rv4vqss4

Malware in the Future? Forecasting of Analyst Detection of Cyber Events [article]

Jonathan Z. Bakdash, Steve Hutchinson, Erin G. Zaroukian, Laura R. Marusich, Saravanan Thirumuruganathan, Charmaine Sample, Blaine Hoffman, and Gautam Das
2018 arXiv   pre-print
Enhanced threat awareness may improve cybersecurity.  ...  A common approach is time-series forecasting of cyber attacks based on data from network telescopes, honeypots, and automated intrusion detection/prevention systems.  ...  t is forecast using t-1, a one week lag.  ... 
arXiv:1707.03243v3 fatcat:y2kuxw5g7vdyzni4o3kf7xknbm

Forecasting of Information Security Related Incidents: Amount of Spam Messages as a Case Study

2010 IEICE transactions on communications  
This approach is based on different auto regression models which are widely used in financial time series analysis but can not be directly applied to ISRI time series due to specifics related to information  ...  We investigate and address this specifics by proposing rules (special conditions) of collection and storage of ISRI time series, adherence to which improves forecasting in this subject field.  ...  Acknowledgments We wish to express our highest gratitude to Professor Hiroe Tsubaki, Director of Risk Analysis Research Center in the Institute of Statistical Mathematics, for his valuable comments.  ... 
doi:10.1587/transcom.e93.b.1411 fatcat:dfmudonptzdxlldaay7iwin44q

Machine Learning-Enabled IoT Security: Open Issues and Challenges Under Advanced Persistent Threats [article]

Zhiyan Chen, Jinxin Liu, Yu Shen, Murat Simsek, Burak Kantarci, Hussein T. Mouftah, Petar Djukic
2022 arXiv   pre-print
Machine learning (ML)-based methods are widely used against cyber threats in IoT networks with promising performance.  ...  The article highlights statistical insights regarding frequently applied ML-based methods against network intrusion alongside the number of attacks types detected.  ...  Below is a list of some of the attacks in the IIoT literature: • Zero-day Attacks: Zero-day exploits refer to the time it takes from the detection of an attack to fix the design flaws that developers have  ... 
arXiv:2204.03433v1 fatcat:kjuwgifuqbbazm6lfrqsfynliy

MADICS: A Methodology for Anomaly Detection in Industrial Control Systems

Ángel Luis Perales Gómez, Lorenzo Fernández Maimó, Alberto Huertas Celdrán, Félix J. García Clemente
2020 Symmetry  
However, there is a significant gap in the literature regarding methodologies to detect cyber attacks in ICS scenarios.  ...  that the proposed methodology is suitable for use in real ICS scenarios.  ...  Additionally, they used the normal samples from the training and test datasets to train the model; while, to test the model, they only used cyber attack samples from the test dataset.  ... 
doi:10.3390/sym12101583 fatcat:kjegb6mvcjdmjjns7ll3rujkbq

How Do Investors Perceive the Materiality of Data Security Incidents

Ahmad H. Juma'h, Yazan Alnsour
2021 Journal of Global Information Management  
We also use multivariate regression and time-to-event analysis to examine what determines the degree of investors' reactions, considering several intervals around the event day.  ...  Using a sample of 232 data security incidents for 132 publicly traded companies in the United States, we applied an event study methodology to discern investors' reactions to material versus immaterial  ...  tested against the alternative hypothesis, H_a, would show that the mean day t_0 excess return (ER) would be equal to zero, and ER would be significantly different from zero.  ... 
doi:10.4018/jgim.20211101.oa4 fatcat:4gk2qakrlvfm7dovuewk6xdquu