Abstract

These days, cloud computing is one of the most promising technologies for storing information and providing services online efficiently. Using this rapidly developing technology to protect computer-based systems from cyber-related attacks can bring many advantages over traditional protection schemes. The protected assets can be any computer-based systems, such as cyber-physical systems (CPS), critical systems, desktop and laptop computers, mobile devices, and the Internet of Things (IoT). Malicious software (malware) is any software that targets a computer-based system to launch cyber-attacks that threaten the integrity, confidentiality, and availability of data. To detect the massively growing malware attack surface, we propose an intelligent behavior-based detection system in the cloud environment. The proposed system first creates a malware dataset on different virtual machines, which identifies distinctive features efficiently. Then, the selected features are given to learning-based and rule-based detection agents to separate malware from benign samples. In total, 10,000 program samples were analyzed to evaluate the performance of the proposed system. The proposed system can detect both known and unknown malware efficiently, with high detection and accuracy rates. In addition, the results of the proposed method outperform those of the leading methods in the literature. Our evaluation results show that the proposed algorithms, together with machine learning (ML) classifiers, achieve a 99.8% detection rate, a 0.4% false positive rate, and 99.7% accuracy. Our proposed system and algorithms may assist those who would like to develop a novel malware detection system in the cloud environment.

Highlights

  • Nowadays, there is a tremendous increase in both the amount and severity of cyber-related attacks.

  • We considered portable executable and macro files slightly more dangerous than other files, including txt, image, and multimedia files, etc.

  • During training and testing, the best performance was obtained using cross-validation with k = 10 and the holdout method with 80% training and 20% testing sets.

Introduction

There is a tremendous increase in both the amount and severity of cyber-related attacks. Different malware variants are the main reason for cyber-attacks. Malware is any kind of software designed to exploit vulnerabilities in computer and network systems to perform malicious activities and gain financial benefits. Worms, Trojans, backdoors, rootkits, and ransomware are well-known examples of malware. Each malicious code variant and its family are designed for different purposes. While some malware variants steal sensitive data, others initiate distributed denial of service (DDoS) attacks and allow remote code execution [1]. More than one malware type and family are used
