Evaluation of ensemble machine learning methods in mobile threat detection

Sanjay Kumar, A. Viinikainen, T. Hämäläinen
2017 12th International Conference for Internet Technology and Secured Transactions (ICITST). Publication date: 2017-12-01. DOI: 10.23919/ICITST.2017.8356396 (https://doi.org/10.23919/ICITST.2017.8356396)
Citations: 8

Abstract

The rapidly growing trend of mobile devices continues to soar, causing a massive increase in cyber security threats. The most pervasive threats include ransomware, banking malware, and premium SMS fraud. Solitary hackers use tailored techniques to avoid detection by traditional antivirus. The emerging need is to detect these threats by any flow-based network solution. Therefore, we propose and evaluate a network-based model which uses ensemble Machine Learning (ML) methods in order to identify mobile threats by analyzing the network flows of the malware communication. The ensemble ML methods not only protect against over-fitting of the model but also cope with the issues related to the changing behavior of the attackers. The focus of this study is on Android-based mobile malware due to its popularity among users. We have used ensemble methods to combine the output of 5 supervised ML algorithms such as RF, PART, JRIP, J.48 and Ridor. Based on the evaluation results, the proposed model was found efficient at detecting known and unknown threats with an accuracy of 98.2%.