Visible to the public Biblio

Found 932 results

Filters: First Letter Of Title is D  [Clear All Filters]
Krohmer, D., Schotten, H. D..  2020.  Decentralized Identifier Distribution for Moving Target Defense and Beyond. 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). :1—8.
In this work, we propose a novel approach for decentralized identifier distribution and synchronization in networks. The protocol generates network entity identifiers composed of timestamps and cryptographically secure random values with a significant reduction of collision probability. The distribution is inspired by Unique Universal Identifiers and Timestamp-based Concurrency Control algorithms originating from database applications. We defined fundamental requirements for the distribution, including: uniqueness, accuracy of distribution, optimal timing behavior, scalability, small impact on network load for different operation modes and overall compliance to common network security objectives. An implementation of the proposed approach is evaluated and the results are presented. Originally designed for a domain of proactive defense strategies known as Moving Target Defense, the general architecture of the protocol enables arbitrary applications where identifier distributions in networks have to be decentralized, rapid and secure.
Kumar, M., Singh, A. K..  2020.  Distributed Intrusion Detection System using Blockchain and Cloud Computing Infrastructure. 2020 4th International Conference on Trends in Electronics and Informatics (ICOEI)(48184). :248—252.
Intrusion Detection System is a well-known term in the domain of Network and Information Security. It's one of the important components of the Network and Information Security infrastructure. Host Intrusion Detection System (HIDS) helps to detect unauthorized use, abnormal and malicious activities on the host, whereas Network Intrusion Detection System (NIDS) helps to detect attacks and intrusion on networks. Various researchers are actively working on different approaches to improving the IDS performance and many improvements have been achieved. However, development in many other technologies and newly emerging techniques always opens the doors of opportunity to add a sharp edge to IDS and to make it more robust and reliable. This paper proposes the development of Distributed Intrusion Detection System (DIDS) using emerging and promising technologies like Blockchain upon a stable platform like cloud infrastructure.
Patil, A., Jha, A., Mulla, M. M., Narayan, D. G., Kengond, S..  2020.  Data Provenance Assurance for Cloud Storage Using Blockchain. 2020 International Conference on Advances in Computing, Communication Materials (ICACCM). :443—448.

Cloud forensics investigates the crime committed over cloud infrastructures like SLA-violations and storage privacy. Cloud storage forensics is the process of recording the history of the creation and operations performed on a cloud data object and investing it. Secure data provenance in the Cloud is crucial for data accountability, forensics, and privacy. Towards this, we present a Cloud-based data provenance framework using Blockchain, which traces data record operations and generates provenance data. Initially, we design a dropbox like application using AWS S3 storage. The application creates a cloud storage application for the students and faculty of the university, thereby making the storage and sharing of work and resources efficient. Later, we design a data provenance mechanism for confidential files of users using Ethereum blockchain. We also evaluate the proposed system using performance parameters like query and transaction latency by varying the load and number of nodes of the blockchain network.

Olowononi, F. O., Rawat, D. B., Liu, C..  2020.  Dependable Adaptive Mobility in Vehicular Networks for Resilient Mobile Cyber Physical Systems. 2020 IEEE International Conference on Communications Workshops (ICC Workshops). :1—6.

Improved safety, high mobility and environmental concerns in transportation systems across the world and the corresponding developments in information and communication technologies continue to drive attention towards Intelligent Transportation Systems (ITS). This is evident in advanced driver-assistance systems such as lane departure warning, adaptive cruise control and collision avoidance. However, in connected and autonomous vehicles, the efficient functionality of these applications depends largely on the ability of a vehicle to accurately predict it operating parameters such as location and speed. The ability to predict the immediate future/next location (or speed) of a vehicle or its ability to predict neighbors help in guaranteeing integrity, availability and accountability, thus boosting safety and resiliency of the Vehicular Network for Mobile Cyber Physical Systems (VCPS). In this paper, we proposed a secure movement-prediction for connected vehicles by using Kalman filter. Specifically, Kalman filter predicts the locations and speeds of individual vehicles with reference to already observed and known information such posted legal speed limit, geographic/road location, direction etc. The aim is to achieve resilience through the predicted and exchanged information between connected moving vehicles in an adaptive manner. By being able to predict their future locations, the following vehicle is able to adjust its position more accurately to avoid collision and to ensure optimal information exchange among vehicles.

Poudel, S., Sun, H., Nikovski, D., Zhang, J..  2020.  Distributed Average Consensus Algorithm for Damage Assessment of Power Distribution System. 2020 IEEE Power Energy Society Innovative Smart Grid Technologies Conference (ISGT). :1—5.
In this paper, we propose a novel method to obtain the damage model (connectivity) of a power distribution system (PDS) based on distributed consensus algorithm. The measurement and sensing units in the distribution network are modeled as an agent with limited communication capability that exchanges the information (switch status) to reach an agreement in a consensus algorithm. Besides, a communication graph is designed for agents to run the consensus algorithm which is efficient and robust during the disaster event. Agents can dynamically communicate with the other agent based on available links that are established and solve the distributed consensus algorithm quickly to come up with the correct topology of PDS. Numerical simulations are performed to demonstrate the effectiveness of the proposed approach with the help of an IEEE 123-node test case with 3 different sub-graphs.
Liu, F., Eugenio, E., Jin, I. H., Bowen, C..  2020.  Differentially Private Generation of Social Networks via Exponential Random Graph Models. 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC). :1695—1700.
Many social networks contain sensitive relational information. One approach to protect the sensitive relational information while offering flexibility for social network research and analysis is to release synthetic social networks at a pre-specified privacy risk level, given the original observed network. We propose the DP-ERGM procedure that synthesizes networks that satisfy the differential privacy (DP) via the exponential random graph model (EGRM). We apply DP-ERGM to a college student friendship network and compare its original network information preservation in the generated private networks with two other approaches: differentially private DyadWise Randomized Response (DWRR) and Sanitization of the Conditional probability of Edge given Attribute classes (SCEA). The results suggest that DP-EGRM preserves the original information significantly better than DWRR and SCEA in both network statistics and inferences from ERGMs and latent space models. In addition, DP-ERGM satisfies the node DP, a stronger notion of privacy than the edge DP that DWRR and SCEA satisfy.
Başkaya, D., Samet, R..  2020.  DDoS Attacks Detection by Using Machine Learning Methods on Online Systems. 2020 5th International Conference on Computer Science and Engineering (UBMK). :52—57.
DDoS attacks impose serious threats to many large or small organizations; therefore DDoS attacks have to be detected as soon as possible. In this study, a methodology to detect DDoS attacks is proposed and implemented on online systems. In the scope of the proposed methodology, Multi Layer Perceptron (MLP), Random Forest (RF), K-Nearest Neighbor (KNN), C-Support Vector Machine (SVC) machine learning methods are used with scaling and feature reduction preprocessing methods and then effects of preprocesses on detection accuracy rates of HTTP (Hypertext Transfer Protocol) flood, TCP SYN (Transport Control Protocol Synchronize) flood, UDP (User Datagram Protocol) flood and ICMP (Internet Control Message Protocol) flood DDoS attacks are analyzed. Obtained results showed that DDoS attacks can be detected with high accuracy of 99.2%.
Wang, L., Liu, Y..  2020.  A DDoS Attack Detection Method Based on Information Entropy and Deep Learning in SDN. 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). 1:1084—1088.
Software Defined Networking (SDN) decouples the control plane and the data plane and solves the difficulty of new services deployment. However, the threat of a single point of failure is also introduced at the same time. The attacker can launch DDoS attacks towards the controller through switches. In this paper, a DDoS attack detection method based on information entropy and deep learning is proposed. Firstly, suspicious traffic can be inspected through information entropy detection by the controller. Then, fine-grained packet-based detection is executed by the convolutional neural network (CNN) model to distinguish between normal traffic and attack traffic. Finally, the controller performs the defense strategy to intercept the attack. The experiments indicate that the accuracy of this method reaches 98.98%, which has the potential to detect DDoS attack traffic effectively in the SDN environment.
Nandi, S., Phadikar, S., Majumder, K..  2020.  Detection of DDoS Attack and Classification Using a Hybrid Approach. 2020 Third ISEA Conference on Security and Privacy (ISEA-ISAP). :41—47.
In the area of cloud security, detection of DDoS attack is a challenging task such that legitimate users use the cloud resources properly. So in this paper, detection and classification of the attacking packets and normal packets are done by using various machine learning classifiers. We have selected the most relevant features from NSL KDD dataset using five (Information gain, gain ratio, chi-squared, ReliefF, and symmetrical uncertainty) commonly used feature selection methods. Now from the entire selected feature set, the most important features are selected by applying our hybrid feature selection method. Since all the anomalous instances of the dataset do not belong to DDoS category so we have separated only the DDoS packets from the dataset using the selected features. Finally, the dataset has been prepared and named as KDD DDoS dataset by considering the selected DDoS packets and normal packets. This KDD DDoS dataset has been discretized using discretize tool in weka for getting better performance. Finally, this discretize dataset has been applied on some commonly used (Naive Bayes, Bayes Net, Decision Table, J48 and Random Forest) classifiers for determining the detection rate of the classifiers. 10 fold cross validation has been used here for measuring the robustness of the system. To measure the efficiency of our hybrid feature selection method, we have also applied the same set of classifiers on the NSL KDD dataset, where it gives the best anomaly detection rate of 99.72% and average detection rate 98.47% similarly, we have applied the same set of classifiers on NSL DDoS dataset and obtain the average DDoS detection of 99.01% and the best DDoS detection rate of 99.86%. In order to compare the performance of our proposed hybrid method, we have also applied the existing feature selection methods and measured the detection rate using the same set of classifiers. Finally, we have seen that our hybrid approach for detecting the DDoS attack gives the best detection rate compared to some existing methods.
Sumantra, I., Gandhi, S. Indira.  2020.  DDoS attack Detection and Mitigation in Software Defined Networks. 2020 International Conference on System, Computation, Automation and Networking (ICSCAN). :1—5.
This work aims to formulate an effective scheme which can detect and mitigate of Distributed Denial of Service (DDoS) attack in Software Defined Networks. Distributed Denial of Service attacks are one of the most destructive attacks in the internet. Whenever you heard of a website being hacked, it would have probably been a victim of a DDoS attack. A DDoS attack is aimed at disrupting the normal operation of a system by making service and resources unavailable to legitimate users by overloading the system with excessive superfluous traffic from distributed source. These distributed set of compromised hosts that performs the attack are referred as Botnet. Software Defined Networking being an emerging technology, offers a solution to reduce network management complexity. It separates the Control plane and the data plane. This decoupling provides centralized control of the network with programmability and flexibility. This work harness this programming ability and centralized control of SDN to obtain the randomness of the network flow data. This statistical approach utilizes the source IP in the network and various attributes of TCP flags and calculates entropy from them. The proposed technique can detect volume based and application based DDoS attacks like TCP SYN flood, Ping flood and Slow HTTP attacks. The methodology is evaluated through emulation using Mininet and Detection and mitigation strategies are implemented in POX controller. The experimental results show the proposed method have improved performance evaluation parameters including the Attack detection time, Delay to serve a legitimate request in the presence of attacker and overall CPU utilization.
Abdulkarem, H. S., Dawod, A..  2020.  DDoS Attack Detection and Mitigation at SDN Data Plane Layer. 2020 2nd Global Power, Energy and Communication Conference (GPECOM). :322—326.
In the coming future, Software-defined networking (SDN) will become a technology more responsive, fully automated, and highly secure. SDN is a way to manage networks by separate the control plane from the forwarding plane, by using software to manage network functions through a centralized control point. A distributed denial-of-service (DDoS) attack is the most popular malicious attempt to disrupt normal traffic of a targeted server, service, or network. The problem of the paper is the DDoS attack inside the SDN environment and how could use SDN specifications through the advantage of Open vSwitch programmability feature to stop the attack. This paper presents DDoS attack detection and mitigation in the SDN data-plane by applying a written SDN application in python language, based on the malicious traffic abnormal behavior to reduce the interference with normal traffic. The evaluation results reveal detection and mitigation time between 100 to 150 sec. The work also sheds light on the programming relevance with the open daylight controller over an abstracted view of the network infrastructure.
Wang, Y., Kjerstad, E., Belisario, B..  2020.  A Dynamic Analysis Security Testing Infrastructure for Internet of Things. 2020 Sixth International Conference on Mobile And Secure Services (MobiSecServ). :1—6.
IoT devices such as Google Home and Amazon Echo provide great convenience to our lives. Many of these IoT devices collect data including Personal Identifiable Information such as names, phone numbers, and addresses and thus IoT security is important. However, conducting security analysis on IoT devices is challenging due to the variety, the volume of the devices, and the special skills required for hardware and software analysis. In this research, we create and demonstrate a dynamic analysis security testing infrastructure for capturing network traffic from IoT devices. The network traffic is automatically mirrored to a server for live traffic monitoring and offline data analysis. Using the dynamic analysis security testing infrastructure, we conduct extensive security analysis on network traffic from Google Home and Amazon Echo. Our testing results indicate that Google Home enforces tighter security controls than Amazon Echo while both Google and Amazon devices provide the desired security level to protect user data in general. The dynamic analysis security testing infrastructure presented in the paper can be utilized to conduct similar security analysis on any IoT devices.
Zhai, P., Song, Y., Zhu, X., Cao, L., Zhang, J., Yang, C..  2020.  Distributed Denial of Service Defense in Software Defined Network Using OpenFlow. 2020 IEEE/CIC International Conference on Communications in China (ICCC). :1274—1279.
Software Defined Network (SDN) is a new type of network architecture solution, and its innovation lies in decoupling traditional network system into a control plane, a data plane, and an application plane. It logically implements centralized control and management of the network, and SDN is considered to represent the development trend of the network in the future. However, SDN still faces many security challenges. Currently, the number of insecure devices is huge. Distributed Denial of Service (DDoS) attacks are one of the major network security threats.This paper focuses on the detection and mitigation of DDoS attacks in SDN. Firstly, we explore a solution to detect DDoS using Renyi entropy, and we use exponentially weighted moving average algorithm to set a dynamic threshold to adapt to changes of the network. Second, to mitigate this threat, we analyze the historical behavior of each source IP address and score it to determine the malicious source IP address, and use OpenFlow protocol to block attack source.The experimental results show that the scheme studied in this paper can effectively detect and mitigate DDoS attacks.
Navabi, S., Nayyar, A..  2020.  A Dynamic Mechanism for Security Management in Multi-Agent Networked Systems. IEEE INFOCOM 2020 - IEEE Conference on Computer Communications. :1628—1637.
We study the problem of designing a dynamic mechanism for security management in an interconnected multi-agent system with N strategic agents and one coordinator. The system is modeled as a network of N vertices. Each agent resides in one of the vertices of the network and has a privately known security state that describes its safety level at each time. The evolution of an agent's security state depends on its own state, the states of its neighbors in the network and on actions taken by a network coordinator. Each agent's utility at time instant t depends on its own state, the states of its neighbors in the network and on actions taken by a network coordinator. The objective of the network coordinator is to take security actions in order to maximize the long-term expected social surplus. Since agents are strategic and their security states are private information, the coordinator needs to incentivize agents to reveal their information. This results in a dynamic mechanism design problem for the coordinator. We leverage the inter-temporal correlations between the agents' security states to identify sufficient conditions under which an incentive compatible expected social surplus maximizing mechanism can be constructed. We then identify two special cases of our formulation and describe how the desired mechanism is constructed in these cases.
Reshma, S., Shaila, K., Venugopal, K. R..  2020.  DEAVD - Data Encryption and Aggregation using Voronoi Diagram for Wireless Sensor Networks. 2020 Fourth World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4). :635–638.
Wireless Sensor Networks (WSNs) are applied in environmental monitoring, military surveillance, etc., whereas these applications focuses on providing security for sensed data and the nodes are available for a long time. Hence, we propose DEAVD protocol for secure data exchange with limited usage of energy. The DEAVD protocol compresses data to reduces the energy consumption and implements an energy efficient encryption and decryption technique using voronoi diagram paradigm. Thus, there is an improvement in the proposed protocol with respect to security due to the concept adapted during data encryption and aggregation.
Myasnikova, N., Beresten, M. P., Myasnikova, M. G..  2020.  Development of Decomposition Methods for Empirical Modes Based on Extremal Filtration. 2020 Moscow Workshop on Electronic and Networking Technologies (MWENT). :1–4.
The method of extremal filtration implementing the decomposition of signals into alternating components is considered. The history of the method development is described, its mathematical substantiation is given. The method suggests signal decomposition based on the removal of known components locally determined by their extrema. The similarity of the method with empirical modes decomposition in terms of the result is shown, and their comparison is also carried out. The algorithm of extremal filtration has a simple mathematical basis that does not require the calculation of transcendental functions, which provides it with higher performance with comparable results. The advantages and disadvantages of the extremal filtration method are analyzed, and the possibility of its application for solving various technical problems is shown, i.e. the formation of diagnostic features, rapid analysis of signals, spectral and time-frequency analysis, etc. The methods for calculating spectral characteristics are described: by the parameters of the distinguished components, based on the approximation on the extrema by bell-shaped pulses. The method distribution in case of wavelet transform of signals is described. The method allows obtaining rapid evaluation of the frequencies and amplitudes (powers) of the components, which can be used as diagnostic features in solving problems of recognition, diagnosis and monitoring. The possibility of using extremal filtration in real-time systems is shown.
Banerjee, R., Baksi, A., Singh, N., Bishnu, S. K..  2020.  Detection of XSS in web applications using Machine Learning Classifiers. 2020 4th International Conference on Electronics, Materials Engineering Nano-Technology (IEMENTech). :1—5.
Considering the amount of time we spend on the internet, web pages have evolved over a period of time with rapid progression and momentum. With such advancement, we find ourselves fronting a few hostile ideologies, breaching the security levels of webpages as such. The most hazardous of them all is XSS, known as Cross-Site Scripting, is one of the attacks which frequently occur in website-based applications. Cross-Site Scripting (XSS) attacks happen when malicious data enters a web application through an untrusted source. The spam attacks happen in the form of Wall posts, News feed, Message spam and mostly when a user is open to download content of webpages. This paper investigates the use of machine learning to build classifiers to allow the detection of XSS. Establishing our approach, we target the detection modus operandi of XSS attack via two features: URLs and JavaScript. To predict the level of XSS threat, we will be using four machine learning algorithms (SVM, KNN, Random forest and Logistic Regression). Proposing these classified algorithms, webpages will be branded as malicious or benign. After assessing and calculating the dataset features, we concluded that the Random Forest Classifier performed most accurately with the lowest False Positive Rate of 0.34. This precision will ensure a method much efficient to evaluate threatening XSS for the smooth functioning of the system.
Kascheev, S., Olenchikova, T..  2020.  The Detecting Cross-Site Scripting (XSS) Using Machine Learning Methods. 2020 Global Smart Industry Conference (GloSIC). :265—270.
This article discusses the problem of detecting cross-site scripting (XSS) using machine learning methods. XSS is an attack in which malicious code is embedded on a page to interact with an attacker’s web server. The XSS attack ranks third in the ranking of key web application risks according to Open Source Foundation for Application Security (OWASP). This attack has not been studied for a long time. It was considered harmless. However, this is fallacious: the page or HTTP Cookie may contain very vulnerable data, such as payment document numbers or the administrator session token. Machine learning is a tool that can be used to detect XSS attacks. This article describes an experiment. As a result the model for detecting XSS attacks was created. Following machine learning algorithms are considered: the support vector method, the decision tree, the Naive Bayes classifier, and Logistic Regression. The accuracy of the presented methods is made a comparison.
Purohit, S., Calyam, P., Wang, S., Yempalla, R., Varghese, J..  2020.  DefenseChain: Consortium Blockchain for Cyber Threat Intelligence Sharing and Defense. 2020 2nd Conference on Blockchain Research Applications for Innovative Networks and Services (BRAINS). :112—119.
Cloud-hosted applications are prone to targeted attacks such as DDoS, advanced persistent threats, cryptojacking which threaten service availability. Recently, methods for threat information sharing and defense require co-operation and trust between multiple domains/entities. There is a need for mechanisms that establish distributed trust to allow for such a collective defense. In this paper, we present a novel threat intelligence sharing and defense system, namely “DefenseChain”, to allow organizations to have incentive-based and trustworthy co-operation to mitigate the impact of cyber attacks. Our solution approach features a consortium Blockchain platform to obtain threat data and select suitable peers to help with attack detection and mitigation. We propose an economic model for creation and sustenance of the consortium with peers through a reputation estimation scheme that uses `Quality of Detection' and `Quality of Mitigation' metrics. Our evaluation experiments with DefenseChain implementation are performed on an Open Cloud testbed with Hyperledger Composer and in a simulation environment. Our results show that the DefenseChain system overall performs better than state-of-the-art decision making schemes in choosing the most appropriate detector and mitigator peers. In addition, we show that our DefenseChain achieves better performance trade-offs in terms of metrics such as detection time, mitigation time and attack reoccurence rate. Lastly, our validation results demonstrate that our DefenseChain can effectively identify rational/irrational service providers.
Shang, F., Li, X., Zhai, D., Lu, Y., Zhang, D., Qian, Y..  2020.  On the Distributed Jamming System of Covert Timing Channels in 5G Networks. 2020 IEEE International Conference on Artificial Intelligence and Computer Applications (ICAICA). :1107—1111.
To build the fifth generation (5G) mobile network, the sharing structure in the 5G network adopted in industries has gained great research interesting. However, in this structure data are shared among diversity networks, which introduces the threaten of network security, such as covert timing channels. To eliminate the covert timing channel, we propose to inject noise into the covert timing channel. By analyzing the modulation method of covert timing channels, we design the jamming strategy on the covert channel. According to the strategy, the interference algorithm of the covert timing channel is designed. Since the interference algorithm depends heavily on the memory, we construct a distributing jammer. Experiments results show that these covert time channel can be blocked under the distributing jammer.
Arunpandian, S., Dhenakaran, S. S..  2020.  DNA based Computing Encryption Scheme Blending Color and Gray Images. 2020 International Conference on Communication and Signal Processing (ICCSP). :0966–0970.
In this paper, a novel DNA based computing method is proposed for encryption of biometric color(face)and gray fingerprint images. In many applications of present scenario, gray and color images are exhibited major role for authenticating identity of an individual. The values of aforementioned images have considered as two separate matrices. The key generation process two level mathematical operations have applied on fingerprint image for generating encryption key. For enhancing security to biometric image, DNA computing has done on the above matrices generating DNA sequence. Further, DNA sequences have scrambled to add complexity to biometric image. Results of blending images, image of DNA computing has shown in experimental section. It is observed that the proposed substitution DNA computing algorithm has shown good resistant against statistical and differential attacks.
Pradeeksha, A. Shirley, Sathyapriya, S. Sridevi.  2020.  Design and Implementation of DNA Based Cryptographic Algorithm. 2020 5th International Conference on Devices, Circuits and Systems (ICDCS). :299–302.
The intensity of DNA figuring will reinforce the current security on frameworks by opening up another probability of a half and half cryptographic framework. Here, we are exhibiting the DNA S-box for actualizing cryptographic algorithm. The DNA based S-Box is designed using vivado software and implemented using Artix-7 device. The main aim is to design the DNA based S-box to increase the security. Also pipelining and parallelism techniques are to be implement in future to increase the speed.
Pandey, A., Mahajan, D., Gupta, S., Rastogi, i.  2020.  Detection of Blind Signature Using Recursive Sum. 2020 6th International Conference on Signal Processing and Communication (ICSC). :262–265.
Digital signatures are suitable technology for public key encryption. Acceptance (non-repudiation) of digital messages and data origin authentication are one of the main usage of digital signature. Digital signature's security mainly depends on the keys (public and private). These keys are used to generate and validate digital signatures. In digital signature signing process is performed using signer's secret key. However, any attacker can present a blinded version of message encrypted with signer's public key and can get the original message. Therefore, this paper proposed a novel method to identify blinded version of digital signature. The proposed method has been tested mathematically and found to be more efficient to detect blind signatures.
Van, L. X., Dung, L. H., Hoa, D. V..  2020.  Developing Root Problem Aims to Create a Secure Digital Signature Scheme in Data Transfer. 2020 International Conference on Green and Human Information Technology (ICGHIT). :25–30.
This paper presents the proposed method of building a digital signature algorithm which is based on the difficulty of solving root problem and some expanded root problems on Zp. The expanded root problem is a new form of difficult problem without the solution, also originally proposed and applied to build digital signature algorithms. This proposed method enable to build a high-security digital signature platform for practical applications.
Zhang, J..  2020.  DeepMal: A CNN-LSTM Model for Malware Detection Based on Dynamic Semantic Behaviours. 2020 International Conference on Computer Information and Big Data Applications (CIBDA). :313–316.
Malware refers to any software accessing or being installed in a system without the authorisation of administrators. Various malware has been widely used for cyber-criminals to accomplish their evil intentions and goals. To combat the increasing amount and reduce the threat of malicious programs, a novel deep learning framework, which uses NLP techniques for reference, combines CNN and LSTM neurones to capture the locally spatial correlations and learn from sequential longterm dependency is proposed. Hence, high-level abstractions and representations are automatically extracted for the malware classification task. The classification accuracy improves from 0.81 (best one by Random Forest) to approximately 1.0.