Detection of Trickbot and Emotet Banking Trojans with Machine Learning

Abstract

Internet banking is getting more popular with the increasing number and demand of online banking customers. Almost all transactions that could be performed in bank branches could also be realized through internet banking. Internet banking, which has become widespread with the increasing use of the Internet, has also led to an increase in cases of financial fraud. This has made the protection of personal data and the security of banking services more important than ever. It is very important for institutions and organizations providing online banking services to take security measures in their systems. Cybercriminals target internet users with methods such as malware infection, botnets, spam, phishing, identity theft, and social engineering that they use and develop every day. Therefore, there are always potential risks in using internet banking. Banking viruses commonly used by cybercriminals today are TrickBot and Emotet. Nowadays TrickBot and Emotet are popular banking trojans which gives hard times for online banking customers. Their primary goal is to steal user’s banking and personal information. In this study, we will investigate the behavior analysis and new tricks of TrickBot and Emotet banking viruses, which use different methods to compromise the security of online banking customers. We benefited WEKA program to detect these banking viruses. In addition to this, we also focused on the detection of TrickBot and Emotet Banking viruses with using Random Tree, J48, Naive Bayes, SMO Techniques.