{"title":"Network-Level Behavioral Malware Analysis Model based on Bayesian Network","authors":"M. Yusof, A. Zin","doi":"10.1109/ICCOINS49721.2021.9497140","DOIUrl":null,"url":null,"abstract":"Signature-based analysis is no longer sufficient to solve polymorphic and stealth nature of malware attacks. Therefore, a behavioral or anomalous analysis will provide a more dynamic approach for the solution. However, recent studies have shown that current behavioral analysis methods at network-level have several issues and been categorized into its common characteristics which are reduced parameters, θ and lack of prior information, p(θ). Therefore, this study aims to determine Feature Selection and Distribution Density model to select optimized features, then to design Predictive Analytics Model based on Bayesian Network to improve the analysis prediction. Finally, the aim is to evaluate detection, accuracy and false alarm rate of the model against the subject matter expert model, SVM, k-NN and Lease Squared using standard and ground-truth dataset of production traffic from the healthcare provider in Malaysia. Results have shown that the proposed model consistently outperformed other models.","PeriodicalId":245662,"journal":{"name":"2021 International Conference on Computer & Information Sciences (ICCOINS)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-07-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 International Conference on Computer & Information Sciences (ICCOINS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCOINS49721.2021.9497140","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 0
Abstract
Signature-based analysis is no longer sufficient to address the polymorphic and stealthy nature of malware attacks. Behavioral or anomaly-based analysis therefore offers a more dynamic approach. However, recent studies have shown that current network-level behavioral analysis methods have several issues, which have been categorized by their common characteristics: reduced parameters, θ, and lack of prior information, p(θ). This study therefore aims to determine a Feature Selection and Distribution Density model to select optimized features, and then to design a Predictive Analytics Model based on a Bayesian Network to improve the analysis prediction. Finally, it aims to evaluate the detection, accuracy and false alarm rate of the model against the subject matter expert model, SVM, k-NN and Least Squares, using a standard and ground-truth dataset of production traffic from a healthcare provider in Malaysia. Results show that the proposed model consistently outperformed the other models.