Academia.eduAcademia.edu

Outline

Title
Abstract
Introduction
Literature Review
Discussion -Conclusions
References

Advanced Information Systems Engineering Workshops

Profile image of Kostantinos DemertzisKostantinos Demertzis

Abstract

Recent malware developments have the ability to remain hidden during infection and operation. They prevent analysis and removal, using various techniques, namely: obscure filenames, modification of file attributes, or operation under the pretense of legitimate programs and services. Also, the malware might attempt to subvert modern detection software, by hiding running processes, network connections and strings with malicious URLs or registry keys. The malware can go a step further and obfuscate the entire file with a packer, which is special software that takes the original malware file and compresses it, thus making all the original code and data unreadable. This paper proposes a novel approach, which uses minimum computational power and resources, to indentify Packed Executable (PEX), so as to spot the existence of malware software. It is an Evolving Computational Intelligence System for Malware Detection (ECISMD) which performs classification by Evolving Spiking Neural Networks (eSNN), in order to properly label a packed executable. On the other hand, it uses an Evolving Classification Function (ECF) for the detection of malwares and applies Genetic Algorithms to achieve ECF Optimization.

Related papers

Classification System for Malware Identification and Detection
Tushar Punjabi

International Journal of Advanced Research in Computer Science and Software Engineering, 2017

Signature based malware detection systems have been a tremendously utilized reaction to the unavoidable issue of malware. Distinguishing proof of malware variations is basic to a detection system furthermore, is made conceivable by distinguishing invariant qualities in related examples. To characterize the packed and polymorphic malware, this paper proposes a novel system, named malwise, for malware characterization utilizing a quick application level emulator to switch the code pressing change, furthermore, two flowgraph coordinating algorithms to perform characterization. A correct flowgraph coordinating algorithm is utilized that utilizations string based signatures, and can recognize malware with close constant execution. Furthermore, a more powerful surmised stream chart coordinating algorithm is recommended that uses the decompilation method of organizing to produce string based signatures managable to the string alter remove. We utilize genuine and manufactured malware to show the adequacy what's more, productivity of Malwise. Utilizing more than 15,000 genuine malware, gathered from honeypots, the viability is approved by demonstrating that there is an 88% likelihood that new malware is distinguished as a variation of existing malware. The effectiveness is shown from a littler example set of malware where 86% of the specimens can be classified in under 1.3 seconds.

View PDFchevron_right
Progress in Artificial Intelligence Artificial intelligence-based antivirus in order to detect malware preventively
Sidney Lima

Progress in Artificial Intelligence , 2020

The proposed paper investigates commercial antiviruses. About 17% of the antiviruses did not recognize the existence of the malicious samples analyzed. In order to overcome the limitations of commercial antiviruses, this project creates an antivirus able to identify the modus operandi of a malware application before it is even executed by the user. In the proposed methodology, the features extracted from the executables are the input attributes of artificial neural networks. The classification of neural networks aims to group executables of 32-bit architectures into two classes: benign and malware. In total, 6272 executables are used in order to validate the proposed methodology. The proposed antivirus achieves an average performance of 98.32% in the distinction between benign and malware executables, accompanied by an average response time of only 0.07 s. Our antivirus is statistically superior and more effective when compared to the best state-of-the-art antivirus. The limitations of commercial antiviruses can be catering for artificial intelligence techniques based on machine learning. Instead of empirical and heuristic models, the proposed work identifies, in a statistical way, behaviors previously classified as suspects in real time.

View PDFchevron_right
A Framework for Optimizing Malware Classification by Using Genetic Algorithm
Aman Jantan

Malware classification is a vital in combating the malware. Malware classification system is important and work together with malware identification to prepare the right and effective antidote for malware. Current techniques in malware classification do not give a good classification result when it deals with the new and unique types of malware. For this reason, we proposed the usage of Genetic Algorithm to optimize the malware classification system as well as help in malware prediction. The new malware classification system is based on malware target and its operation behavior. The result from this study will create a new framework that designed to optimize the classification of malware. This new malware classification system also has an ability to train and learn by itself, so that it can predict the current and upcoming trend of malware attack.

View PDFchevron_right
A Novel Malware Detection System Based On Machine Learning and Binary Visualization
Irina Baptista

arXiv (Cornell University), 2019

The continued evolution and diversity of malware constitutes a major threat in modern systems. It is well proven that security defenses currently available are ineffective to mitigate the skills and imagination of cyber-criminals necessitating the development of novel solutions. Deep learning algorithms and artificial intelligence (AI) are rapidly evolving with remarkable results in many application areas. Following the advances of AI and recognizing the need for efficient malware detection methods, this paper presents a new approach for malware detection based on binary visualization and self-organizing incremental neural networks. The proposed method's performance in detecting malicious payloads in various file types was investigated and the experimental results showed that a detection accuracy of 91.7% and 94.1% was achieved for ransomware in .pdf and .doc files respectively. With respect to other formats of malicious code and other file types, including binaries, the proposed method behaved well with an incremental detection rate that allows efficiently detecting unknown malware at real-time.

View PDFchevron_right
A Novel Malware
Irina Baptista

2019

The continued evolution and diversity of malware constitutes a major threat in modern systems. It is well proven that security defenses currently available are ineffective to mitigate the skills and imagination of cyber-criminals necessitating the development of novel solutions. Deep learning algorithms and artificial intelligence (AI) are rapidly evolving with remarkable results in many application areas. Following the advances of AI and recognizing the need for efficient malware detection methods, this paper presents a new approach for malware detection based on binary visualization and self-organizing incremental neural networks. The proposed method’s performance in detecting malicious payloads in various file types was investigated and the experimental results showed that a detection accuracy of 91.7% and 94.1% was achieved for ransomware in .pdf and .doc files respectively. With respect to other formats of malicious code and other file types, including binaries, the proposed me...

View PDFchevron_right
ADAPTIVE NEURO-FUZZY SYSTEM FOR MALWARE DETECTION
Falana James

Malware, which are computer programs designed to infiltrate and disrupt computing operations, is one of the security challenges faced by Internet users. Most malware detection techniques such as signature-based, specification-based and static-based are faced with high false positive, low accuracy and inability to detect both zero day and polymorphic malware. In this research work, an Adaptive Neuro Fuzzy System for Malware Detection (ANFSMD) was proposed to address these problems. ANFSMD utilizes both the Application Programming Interface (API) calls and operation codes to study the behaviour of Portable Executable (PE) files. The PE files were disassembled into low-level codes and the identified features were grouped for efficient detection. Five features, selected using weighted average, were used for the fuzzification. Using a bell membership function, 243 rules were generated for predicting the behaviours of the PE files. A normalization technique was used to combine the various fuzzy sets into one. Back propagation algorithm was used for the training and the resulting errors from outputs were used to dynamically modify inputs for improved outcomes. The implementation of ANFSMD was carried out using Java Programming Language, Interactive Disassembler and Matlab because of their supports for implementation of micro-programs. A total of 20,750 malware programs from VX Heaven public dataset and 15,000 clean files from Filehippo were used for the evaluation. The result showed that Adaptive Neuro-Fuzzy Inference System (ANFIS) has a detection rate of 97.96%, Naïve Bayes has detection rate of 93.88%, Random Forest has 84.78% and Support Vector Machine has 92.87. The proposed method was also compared with a Control Flow Graph (CFG), which is one of the best existing techniques that adopted the use of API calls. The evaluation showed that the detection rate, false positive rate and overall accuracy for CFG were 93.9%, 9.3% and 92.4%, while the proposed method achieved 98%, 3.9% and 97% respectively. These results showed that ANFSMD can be deployed for efficient detection of all categories of malware.

View PDFchevron_right
Malware Detection Issues, Challenges, and Future Directions: A Survey
TAISEER EISA

Applied Sciences

The evolution of recent malicious software with the rising use of digital services has increased the probability of corrupting data, stealing information, or other cybercrimes by malware attacks. Therefore, malicious software must be detected before it impacts a large number of computers. Recently, many malware detection solutions have been proposed by researchers. However, many challenges limit these solutions to effectively detecting several types of malware, especially zero-day attacks due to obfuscation and evasion techniques, as well as the diversity of malicious behavior caused by the rapid rate of new malware and malware variants being produced every day. Several review papers have explored the issues and challenges of malware detection from various viewpoints. However, there is a lack of a deep review article that associates each analysis and detection approach with the data type. Such an association is imperative for the research community as it helps to determine the suita...

View PDFchevron_right
Artificial intelligence-based antivirus in order to detect malware preventively
Sidney Lima

Artificial intelligence-based antivirus in order to detect malware preventively, 2021

The proposed paper investigates commercial antiviruses. About 17% of the antiviruses did not recognize the existence of the malicious samples analyzed. In order to overcome the limitations of commercial antiviruses, this project creates an antivirus able to identify the modus operandi of a malware application before it is even executed by the user. In the proposed methodology, the features extracted from the executables are the input attributes of artificial neural networks. The classification of neural networks aims to group executables of 32-bit architectures into two classes: benign and malware. In total, 6272 executables are used in order to validate the proposed methodology. The proposed antivirus achieves an average performance of 98.32% in the distinction between benign and malware executables, accompanied by an average response time of only 0.07 s. Our antivirus is statistically superior and more effective when compared to the best state-of-the-art antivirus. The limitations of commercial antiviruses can be catering for artificial intelligence techniques based on machine learning. Instead of empirical and heuristic models, the proposed work identifies, in a statistical way, behaviors previously classified as suspects in real time.

View PDFchevron_right
Encoded Executable File Detection Technique via Executable File Header Analysis
Yangseo Choi

sersc.org

Recently, the attack trends have been changed from fast and widespread malware propagation attacks to more sophisticated "targeted" attacks such as spy/adware, password stealers, ransom-ware, and botenets etc. and the attacks are tried via the automated malwares. In this situation, the malware is the most powerful weapon for the attackers. So, the attackers do not want their malwares to be reviled by anti-virus analyzer. In order to conceal their malware, malware programmers are getting utilize the anti reverse engineering techniques and code changing techniques such as the packing, encoding and encryption techniques. If the malware is packed or encrypted, then it is very difficult to analyze. Therefore, to prevent the harmful effects of malware and to generate signatures for malware detection, the packed and encrypted executable codes must initially be unpacked. The first step of unpacking is to detect the packed executable files. In this paper, a packed file detection technique based on a PE Header Analysis is proposed. In many cases, to pack and unpack the executable codes, PE files have unusual attributes in their PE headers. In this paper, these characteristics are utilized to detect the packed files. A Characteristic Vector (CV) that consists of eight elements is defined, and the Euclidean distance (ED) of the CV is calculated. The EDs of the packed files are calculated and represent the base threshold for the detection of packed files.

View PDFchevron_right
Literature Survey on Different Malware Detection Techniques
Amro Moussa

Malware was essentially developed to alert vendors about their security bugs, however, with the rise of malicious intents, computer systems suffer intelligent types of malware which are classified under four categories. Encrypted, Oligomorphic, Polymorphic, and Metamorphic malwares. Each are based on evasive techniques utilizing mutation engines and encryption methods to bypass anti-viruses undetected. On the other hand, malware detection methods are categorized into three main sectors, anomaly-based, specificationbased, and signature-based. With each detection method having its benefits and limitations. This paper aims to help researchers have a complete overview of malware detection techniques with its advantages and disadvantages.

View PDFchevron_right

References (64)

  1. Yan, W., Zhang, Z., Ansari, N.: Revealing Packed Malware. IEEE (2007)
  2. Cesare, S., Xiang, Y.: Software Similarity and Classification. Springer (2012)
  3. Babar, K., Khalid, F.: Generic unpacking techniques. In: Proceedings of the 2nd International Conference on Computer, Control and Communication (IC4), pp. 1-6. IEEE (2009)
  4. Royal, P., Halpin, M., Dagon, D., Edmonds, R.: Polyunpack: Automating the hidden-code extraction of unpack-executing malware. In: ACSAC, pp. 289-300 (2006)
  5. Kang, M., Poosankam, P., Yin, H.: Renovo: A hidden code extractor for packed executables. In: 2007 ACM Workshop on Recurring Malcode, pp. 46-53. ACM (2007)
  6. Martignoni, L., Christodorescu, M., Jha, S.: Omniunpack: Fast, generic, and safe unpacking of malware. In: Proceedings of the ACSAC, pp. 431-441 (2007)
  7. Yegneswaran, V., Saidi, H., Porras, P., Sharif, M.: Eureka: A framework for enabling static analysis on malware, Technical report, Technical Report SRI-CSL-08-01 (2008)
  8. Danielescu, A.: Anti-debugging and anti-emulation techniques: Code-Breakers J. (2008)
  9. Shafiq, M.Z., Tabish, S.M., Mirza, F., Farooq, M.: PE-Miner: Mining Structural Information to Detect Malicious Executables in Realtime. In: Kirda, E., Jha, S., Balzarotti, D. (eds.) RAID 2009. LNCS, vol. 5758, pp. 121-141. Springer, Heidelberg (2009)
  10. Shaq, M., Tabish, S., Farooq, M.: PE-Probe: Leveraging Packer Detection and Structural Information to Detect Malicious Portable Executables. In: Virus Bulletin Conference (2009)
  11. Perdisci, R., Lanzi, A., Lee, W.: McBoost: Boosting scalability in malware collection and analysis using statistical classiffication of executables. In: Proceedings of the 2008 Annual Computer Security Applications Conference, pp. 301-310 (2008) ISSN 1063-9527
  12. Kolter, J.Z., Maloof, M.A.: Learning to detect and classify malicious executables in the wild. Journal of Machine Learning Research 7, 2721-2744 (2006)
  13. Ugarte-Pedrero, X., Santos, I., Bringas, P.G., Gastesi, M., Esparza, J.M.: Semi-supervised Learning for Packed Executable Detection. IEEE (2011) 978-1-4577-0460-4/11
  14. Ugarte-Pedrero, X., Santos, I., Laorden, C., Sanz, B., Bringas, G.P.: Collective Classification for Packed Executable Identification. In: ACM CEAS, pp. 23-30 (2011)
  15. Gavrilut, D., Cimpoes, M., Anton, D., Ciortuz, L.: Malware Detection Using Machine Learning. In: Proceedings of the International Multiconference on Computer Science and Information Technology, pp. 735-741 (2009) ISBN 978-83-60810-22-4
  16. Ye, Y., Wang, D., Li, T., Ye, D.: Imds: intelligent malware detection system. ACM (2007)
  17. Chandrasekaran, M., Vidyaraman, V., Upadhyaya, S.J.: Spycon: Emulating user activities to detect evasive spyware, IPCCC. IEEE Computer Society, 502-550 (2007)
  18. Chouchane, M.R., Walenstein, A., Lakhotia, A.: Using Markov Chains to filter machine- morphed variants of malicious programs. In: 3rd International Conference on Malicious and Unwanted Software, MALWARE 2008, pp. 77-84 (2008)
  19. Stamp, M., Attaluri, S.: McGhee S.: Profile hidden markov models and metamorphic virus detection. Journal in Computer Virology (2008)
  20. Santamarta, R.: Generic detection and classification of polymorphic malware using neural pattern recognition (2006)
  21. Yoo, I.: Visualizing Windows executable viruses using self-organizing maps. In: VizSEC/DMSEC 2004: ACM Workshop (2004)
  22. Schliebs, S., Kasabov, N.: Evolving spiking neural network-a survey. Evolving Systems 4(2), 87-98 (2013)
  23. Thorpe, S.J., Delorme, A.: Rufin van Rullen: Spike-based strategies for rapid processing. Neural Networks 14(6-7), 715-725 (2001)
  24. Delorme, A., Perrinet, L., Thorpe, S.J.: Networks of Integrate-and-Fire Neurons using Rank Order Coding B: Spike Timing Dependant Plasticity and Emergence of Orientation Selectivity. Published in Neurocomputing 38-40(1-4), 539-545 (2000)
  25. Thorpe, S.J., Gautrais, J.: Rank order coding. In: CNS 1997: Proceedings of the 6th Annual Conference on Computational Neuroscience: Trends in Research, New York, NY, USA, pp. 113-118. Plenum Press (1998)
  26. Kasabov, N.: Evolving connectionist systems: Methods and Applications in Bioinformatics. In: Yu, P.X., Kacprzyk, P.J. (eds.) Brain Study and Intelligent Machines. Springer, NY (2002)
  27. Wysoski, S.G., Benuskova, L., Kasabov, N.: Adaptive learning procedure for a network of spiking neurons and visual pattern recognition. In: Blanc-Talon, J., Philips, W., Popescu, D., Scheunders, P. (eds.) ACIVS 2006. LNCS, vol. 4179, pp. 1133-1142. Springer, Heidelberg (2006)
  28. Schliebs, S., Defoin-Platel, M., Kasabov, N.: Integrated feature and parameter optimization for an evolving spiking neural network. In: Köppen, M., Kasabov, N., Coghill, G. (eds.) ICONIP 2008, Part I. LNCS, vol. 5506, pp. 1229-1236. Springer, Heidelberg (2009)
  29. Song Q., Kasabov N.: Weighted Data Normalization and Feature Selection. In: Proc. of the 8th Intelligence Information Systems Conference (2003)
  30. Huang, L., Song, Q., Kasabov, N.: Evolving Connectionist System Based Role Allocation for Robotic Soccer. International Journal of Advanced Robotic Systems 5(1), 59-62 (2008) ISSN 1729-8806
  31. Kasabov, N.: Evolving fuzzy neural networks for online supervised/ unsupervised, knowledge-based learning. IEEE Trans. Cybernetics 31(6), 902-918 (2001)
  32. Kasabov, N., Song, Q.: DENFIS: Dynamic, evolving neural-fuzzy inference systems and its application for time-series prediction. IEEE Trans. 10(2), 144-154 (2002)
  33. Goh, L., Song, Q., Kasabov, N.: A Novel Feature Selection Method to Improve Classification of Gene Expression Data. In: 2nd Asia-Pacific IT Conf. vol. 29 (2004)
  34. Kasabov, N., Song, Q.: GA-parameter optimization of evolving connectionist systems for classification and a case study from bioinformatics. In: Neural Information ICONIP 2002 Proceedings of the 9th International Conference on, IEEE ICONIP, 1198128 (2002) 35. http://www.kedri.aut.ac.nz/
  35. Anezakis, V.-D., Demertzis, K., Iliadis, L., 2018. Classifying with fuzzy chi-square test: The case of invasive species. AIP Conference Proceedings 1978, 290003. https://doi.org/10/gdtm5q
  36. Anezakis, V.-D., Demertzis, K., Iliadis, L., Spartalis, S., 2017a. Hybrid intelligent modeling of wild fires risk. Evolving Systems 1-17. https://doi.org/10/gdp863
  37. Anezakis, V.-D., Demertzis, K., Iliadis, L., Spartalis, S., 2016a. A Hybrid Soft Computing Approach Producing Robust Forest Fire Risk Indices, in: Artificial Intelligence Applications and Innovations, IFIP Advances in Information and Communication Technology. Presented at the IFIP International Conference on Artificial Intelligence Applications and Innovations, Springer, Cham, pp. 191-203. https://doi.org/10.1007/978-3-319-44944-9_17
  38. Anezakis, V.-D., Dermetzis, K., Iliadis, L., Spartalis, S., 2016b. Fuzzy Cognitive Maps for Long-Term Prognosis of the Evolution of Atmospheric Pollution, Based on Climate Change Scenarios: The Case of Athens, in: Computational Collective Intelligence, Lecture Notes in Computer Science. Presented at the International Conference on Computational Collective Intelligence, Springer, Cham, pp. 175-186. https://doi.org/10.1007/978-3-319-45243-2_16
  39. Anezakis, V.-D., Iliadis, L., Demertzis, K., Mallinis, G., 2017b. Hybrid Soft Computing Analytics of Cardiorespiratory Morbidity and Mortality Risk Due to Air Pollution, in: Information Systems for Crisis Response and Management in Mediterranean Countries, Lecture Notes in Business Information Processing. Presented at the International Conference on Information Systems for Crisis Response and Management in Mediterranean Countries, Springer, Cham, pp. 87-105. https://doi.org/10.1007/978-3-319-67633-3_8
  40. Anezakis, V.D., Mallinis, G., Iliadis, L., Demertzis, K., 2018. Soft computing forecasting of cardiovascular and respiratory incidents based on climate change scenarios, in: 2018 IEEE Conference on Evolving and Adaptive Intelligent Systems (EAIS). Presented at the 2018 IEEE Conference on Evolving and Adaptive Intelligent Systems (EAIS), pp. 1-8. https://doi.org/10.1109/EAIS.2018.8397174
  41. Bougoudis, I., Demertzis, K., Iliadis, L., 2016a. Fast and low cost prediction of extreme air pollution values with hybrid unsupervised learning. Integrated Computer-Aided Engineering 23, 115-127. https://doi.org/10/f8dt4t
  42. Bougoudis, I., Demertzis, K., Iliadis, L., 2016b. HISYCOL a hybrid computational intelligence system for combined machine learning: the case of air pollution modeling in Athens. Neural Comput & Applic 27, 1191-1206. https://doi.org/10/f8r7vf
  43. Bougoudis, I., Demertzis, K., Iliadis, L., Anezakis, V.-D., Papaleonidas, A., 2018. FuSSFFra, a fuzzy semi-supervised forecasting framework: the case of the air pollution in Athens. Neural Computing and Applications 29. https://doi.org/10/gc9bbf
  44. Bougoudis, I., Demertzis, K., Iliadis, L., Anezakis, V.-D., Papaleonidas, A., 2016c. Semi- supervised Hybrid Modeling of Atmospheric Pollution in Urban Centers, in: Engineering Applications of Neural Networks, Communications in Computer and Information Science. Presented at the International Conference on Engineering Applications of Neural Networks, Springer, Cham, pp. 51-63. https://doi.org/10.1007/978-3-319-44188-7_4
  45. Demertzis, K., Iliadis, L., 2018a. A Computational Intelligence System Identifying Cyber-Attacks on Smart Energy Grids, in: Modern Discrete Mathematics and Analysis, Springer Optimization and Its Applications. Springer, Cham, pp. 97-116. https://doi.org/10.1007/978-3-319-74325-7_5
  46. Demertzis, K., Iliadis, L., 2018b. The Impact of Climate Change on Biodiversity: The Ecological Consequences of Invasive Species in Greece, in: Handbook of Climate Change Communication: Vol. 1, Climate Change Management. Springer, Cham, pp. 15-38. https://doi.org/10.1007/978-3-319-69838-0_2
  47. Demertzis, K., Iliadis, L., 2017. Detecting invasive species with a bio-inspired semi- supervised neurocomputing approach: the case of Lagocephalus sceleratus. Neural Computing and Applications 28. https://doi.org/10/gbkgb7
  48. Demertzis, K., Iliadis, L., 2016a. Hybrid Intelligent Method for Detecting Android Malware, in: Knowledge, Information and Creativity Support Systems, Advances in Intelligent Systems and Computing. Springer, Cham, pp. 289-304. https://doi.org/10.1007/978-3-319-27478-2_20
  49. Demertzis, K., Iliadis, L., 2016b. Adaptive Elitist Differential Evolution Extreme Learning Machines on Big Data: Intelligent Recognition of Invasive Species, in: Advances in Big Data, Advances in Intelligent Systems and Computing. Presented at the INNS Conference on Big Data, Springer, Cham, pp. 333-345. https://doi.org/10.1007/978-3-319-47898-2_34
  50. Demertzis, K., Iliadis, L., 2015a. A Bio-Inspired Hybrid Artificial Intelligence Framework for Cyber Security, in: Computation, Cryptography, and Network Security. Springer, Cham, pp. 161-193. https://doi.org/10.1007/978-3-319-18275-9_7
  51. Demertzis, K., Iliadis, L., 2015b. SAME: An Intelligent Anti-malware Extension for Android ART Virtual Machine, in: Computational Collective Intelligence, Lecture Notes in Computer Science. Springer, Cham, pp. 235-245. https://doi.org/10.1007/978-3- 319-24306-1_23
  52. Demertzis, K., Iliadis, L., 2015c. Evolving Smart URL Filter in a Zone-Based Policy Firewall for Detecting Algorithmically Generated Malicious Domains, in: Statistical Learning and Data Sciences, Lecture Notes in Computer Science. Presented at the International Symposium on Statistical Learning and Data Sciences, Springer, Cham, pp. 223-233. https://doi.org/10.1007/978-3-319-17091-6_17
  53. Demertzis, K., Iliadis, L., 2015d. Intelligent Bio-Inspired Detection of Food Borne Pathogen by DNA Barcodes: The Case of Invasive Fish Species Lagocephalus Sceleratus, in: Engineering Applications of Neural Networks, Communications in Computer and Information Science. Presented at the International Conference on Engineering Applications of Neural Networks, Springer, Cham, pp. 89-99. https://doi.org/10.1007/978-3-319-23983-5_9
  54. Demertzis, K., Iliadis, L., 2014. Evolving Computational Intelligence System for Malware Detection, in: Advanced Information Systems Engineering Workshops, Lecture Notes in Business Information Processing. Presented at the International Conference on Advanced Information Systems Engineering, Springer, Cham, pp. 322- 334. https://doi.org/10.1007/978-3-319-07869-4_30
  55. Demertzis, K., Iliadis, L., 2013. A Hybrid Network Anomaly and Intrusion Detection Approach Based on Evolving Spiking Neural Network Classification, in: E-Democracy, Security, Privacy and Trust in a Digital World, Communications in Computer and Information Science. Presented at the International Conference on e-Democracy, Springer, Cham, pp. 11-23. https://doi.org/10.1007/978-3-319-11710-2_2
  56. Demertzis, Konstantinos, Iliadis, L., Anezakis, V.-D., 2017a. Commentary: Aedes albopictus and Aedes japonicus-two invasive mosquito species with different temperature niches in Europe. Front. Environ. Sci. 5. https://doi.org/10/gdp865
  57. Demertzis, Kostantinos, Iliadis, L., Avramidis, S., El-Kassaby, Y.A., 2017. Machine learning use in predicting interior spruce wood density utilizing progeny test information. Neural Comput & Applic 28, 505-519. https://doi.org/10/gdp86z
  58. Demertzis, Konstantinos, Iliadis, L., Spartalis, S., 2017b. A Spiking One-Class Anomaly Detection Framework for Cyber-Security on Industrial Control Systems, in: Engineering Applications of Neural Networks, Communications in Computer and Information Science. Presented at the International Conference on Engineering Applications of Neural Networks, Springer, Cham, pp. 122-134. https://doi.org/10.1007/978-3-319-65172-9_11
  59. Demertzis, K., Iliadis, L.S., Anezakis, V.-D., 2018a. An innovative soft computing system for smart energy grids cybersecurity. Advances in Building Energy Research 12, 3-24. https://doi.org/10/gdp862
  60. Demertzis, K., Iliadis, L.S., Anezakis, V.-D., 2018b. Extreme deep learning in biosecurity: the case of machine hearing for marine species identification. Journal of Information and Telecommunication 0, 1-19. https://doi.org/10/gdwszn
  61. Dimou, V., Anezakis, V.-D., Demertzis, K., Iliadis, L., 2018. Comparative analysis of exhaust emissions caused by chainsaws with soft computing and statistical approaches. Int. J. Environ. Sci. Technol. 15, 1597-1608. https://doi.org/10/gdp864
  62. Anezakis, VD., Demertzis, K., Iliadis, L. et al. Evolving Systems (2017). https://doi.org/10.1007/s12530-017-9196-6, Hybrid intelligent modeling of wild fires risk, Springer.
  63. Demertzis K., Anezakis VD., Iliadis L., Spartalis S. (2018) Temporal Modeling of Invasive Species' Migration in Greece from Neighboring Countries Using Fuzzy Cognitive Maps. In: Iliadis L., Maglogiannis I., Plagianakos V. (eds) Artificial Intelligence Applications and Innovations. AIAI 2018. IFIP Advances in Information and Communication Technology, vol 519. Springer, Cham.
  64. Konstantinos Rantos, George Drosatos, Konstantinos Demertzis, Christos Ilioudis and Alexandros Papanikolaou. Blockchain-based Consents Management for Personal Data Processing in the IoT Ecosystem. In proceedings of the 15th International Conference on Security and Cryptography (SECRYPT 2018), part of ICETE, pages 572-577, SCITEPRESS, Porto, Portugal, 26-28 July 2018.

Related papers

Evolving Computational Intelligence System for Malware Detection
Kostantinos Demertzis

 The eSNN is a type of spiking (biologically inspired) Artificial Neural Network.

View PDFchevron_right
A Novel Approach for Malware Detection based on Evolutionary Strategy
Ardavan Afshar, Amirreza Lashkari

nowadays, we face to new malware and other programs we have to protect systems against them. Malware detection is an important issue in computer's field. In this paper we propose a new method to detect malware by API calls. We have developed a fully automated system to extract API call as features effectively from executable files using n-gram statistical analysis of binary content, we are able to classify if an executable file is malicious or benign. We also use support vector machine (SVM) and tuning parameters b y evolutionary strategy. It is found that the detection system based on SVM needs less prior knowledge than other methods and can reduce the training time in compare with the same detecting methods.

View PDFchevron_right
Application of Artificial Intelligence for Detecting Computing Derived Viruses
Jonathan Blackledge

2017

Computer viruses have become complex and operates in a stealth mode to avoid detection. New viruses are argued to be created each and every day. However, most of these supposedly ‘new’ viruses are not completely new. Most of the supposedly ‘new’ viruses are not necessarily created from scratch with completely new (something novel that has never been seen before) mechanisms. For example, most of these viruses just change their form and signatures to avoid detection. But their operation and the way they infect files and systems is still the same. Hence, such viruses cannot be argued to be new. In this paper, the authors refer to such viruses as derived viruses. Just like new viruses, derived viruses are hard to detect with current scanning-detection methods. Therefore, this paper proposes a virus detection system that detects derived viruses better than existing methods. The proposed system integrates a mutating engine together with neural network to improve the detection rate of deri...

View PDFchevron_right
Malware Classification and Detection Using Artificial Neural Network
Maryam Shahpasand

2018

The steady transition towards higher computer dependency and usage has created a dangerous threat landscape that malefactors and cybercriminals are interested in. This has given the rise to an ever-changing series of malware being created aiming to do a series of malicious tasks. The Anti-Virus (AV) industry has implemented traditional methods, such as hash-based, signature-based, and heuristic-based detection techniques to detect malware, each of which has their own set of drawbacks that limit their ability to detect malware with high efficacy. To address these issues, security analysts and researchers have transitioned their focus to other disciplinary fields, most notably, machine learning. Although there have been notable works done in this domain, there yet lies a gap, as no work thus far has been able to achieve the ultimate detection rate with minimal performance overhead, therefore there’s a need for exploring new methods or set of approaches for malware detection. This pape...

View PDFchevron_right
Malicious data classification using structural information and behavioral specifications in executables
Naveen Aggarwal

2014 Recent Advances in Engineering and Computational Sciences (RAECS), 2014

With the rise in the underground Internet economy, automated malicious programs popularly known as malwares have become a major threat to computers and information systems connected to the internet. Properties such as self healing, self hiding and ability to deceive the security devices make these software hard to detect and mitigate. Therefore, the detection and the mitigation of such malicious software is a major challenge for researchers and security personals. The conventional systems for the detection and mitigation of such threats are mostly signature based systems. Major drawback of such systems are their inability to detect malware samples for which there is no signature available in their signature database. Such malwares are known as zero day malware. Moreover, more and more malware writers uses obfuscation technology such as polymorphic and metamorphic, packing, encryption, to avoid being detected by antivirus. Therefore, the traditional signature based detection system is neither effective nor efficient for the detection of zero-day malware. Hence to improve the effectiveness and efficiency of malware detection system we are using classification method based on structural information and behavioral specifications. In this paper we have used both static and dynamic analysis approaches. In static analysis we are extracting the features of an executable file followed by classification. In dynamic analysis we are taking the traces of executable files using NtTrace within controlled atmosphere. Experimental results obtained from our algorithm indicate that our proposed algorithm is effective in extracting malicious behavior of executables. Further it can also be used to detect malware variants.

View PDFchevron_right
580 California St., Suite 400
San Francisco, CA, 94104
© 2025 Academia. All rights reserved