A hybrid machine learning approach for analysis of stegomalware

Prudence Kadebu, Robert T. R. Shoniwa, Kudakwashe Zvarevashe, Addlight Mukwazvure, Innocent Mapanga, N. F. Thusabantu, T. T. Gotora
DOI: 10.1108/ijieom-01-2023-0011
Journal: International Journal of Industrial Engineering and Operations Management, vol. 14, no. 1
Published: 2023-04-28 (journal article; not open access)
Citation count: 1 (Semantic Scholar)

Abstract

Purpose: Given how capable today's malware authors have become through highly sophisticated techniques, methods must be developed to combat the most potent threats, particularly where the malware is stealthy and makes indicators of compromise (IOCs) difficult to detect. Once analysis is complete, its output can be used to detect and then counteract the attack. The goal of this work is to propose a machine learning approach that improves malware detection by combining the strengths of supervised and unsupervised techniques. The study matters because malware has become ubiquitous as cyber-criminals use it to attack systems in cyberspace. Malware analysis is required to reveal hidden IOCs, to understand the attacker's goal and the severity of the damage, and to find vulnerabilities within the system.

Design/methodology/approach: This research proposes a hybrid approach to dynamic and static malware analysis that combines unsupervised and supervised machine learning algorithms, and goes on to show how malware that uses steganography can be exposed.

Findings: The tactics malware developers use to circumvent detection are becoming more advanced, with steganography now a popular obfuscation technique for evading detection mechanisms. Malware analysis therefore calls for continuous improvement of existing techniques. State-of-the-art approaches that apply machine learning have become increasingly popular, with highly promising results.

Originality/value: Cyber-security researchers globally are devising strategies to identify and defend against extremely sophisticated malware attacks on key infrastructure holding sensitive data. Detecting the presence of malware requires expertise in malware analysis; applying intelligent methods to this process can help practitioners identify malware's behaviour and features. This is especially valuable where the malware is stealthy and hides its IOCs.
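The abstract says only that steganography-based malware "can be exposed" by combining static analysis with learned models; it gives no method. The following added example (not code from the paper or its authors) shows the two pieces a practitioner would need before any classifier is involved: a statistical feature of an image's least-significant-bit plane that a supervised or clustering model could consume, and payload extraction followed by an IOC scan. Everything here is an assumption for illustration: the carrier is a flat 8-bit grayscale image, the embedding scheme is a 32-bit length prefix followed by one payload bit per pixel LSB, the cover image and payload are constructed in the code, and the C2 URL uses a reserved `.invalid` domain rather than any real indicator. The feature is the Westfeld-Pfitzmann pairs-of-values chi-square statistic, which is a published steganalysis technique but not one the abstract mentions.

```python
# Added example, not code from the paper. Exposes an LSB-steganography carrier in
# two steps: (1) an LSB-plane statistic a classifier could use as a feature,
# (2) payload extraction and an IOC scan. All inputs are constructed here; the
# embedding scheme, cover image, threshold and C2 URL are hypothetical.
import random
import re

PAIRS = 128  # number of (2k, 2k+1) value pairs in an 8-bit image


def embed_lsb(pixels, payload):
    """Write a 32-bit big-endian length, then payload, into the LSB plane."""
    blob = len(payload).to_bytes(4, "big") + payload
    bits = [(byte >> i) & 1 for byte in blob for i in range(7, -1, -1)]
    if len(bits) > len(pixels):
        raise ValueError("payload does not fit in the cover image")
    stego = list(pixels)
    for idx, bit in enumerate(bits):
        stego[idx] = (stego[idx] & 0xFE) | bit
    return stego


def extract_lsb(pixels):
    """Inverse of embed_lsb: read the length header, then that many bytes."""
    def read(start, count):
        out = bytearray()
        for b in range(count):
            byte = 0
            for i in range(8):
                byte = (byte << 1) | (pixels[start + b * 8 + i] & 1)
            out.append(byte)
        return bytes(out)
    length = int.from_bytes(read(0, 4), "big")
    return read(32, length)


def pov_chi_square(pixels):
    """Westfeld-Pfitzmann pairs-of-values statistic.

    LSB replacement only moves pixels between the values 2k and 2k+1, so it
    drives the two counts of each pair towards equality. Natural covers rarely
    have that property, so a small statistic relative to the number of pairs
    is the signature of a (mostly) embedded LSB plane.
    """
    hist = [0] * 256
    for v in pixels:
        hist[v] += 1
    stat, used = 0.0, 0
    for k in range(PAIRS):
        expected = (hist[2 * k] + hist[2 * k + 1]) / 2
        if expected == 0:
            continue
        stat += (hist[2 * k] - expected) ** 2 / expected
        used += 1
    return stat, used


def lsb_features(pixels):
    """Feature vector a supervised or clustering model could consume."""
    stat, pairs = pov_chi_square(pixels)
    per_pair = stat / max(pairs, 1)
    return {
        "chi_square_per_pair": per_pair,
        "lsb_ones_ratio": sum(v & 1 for v in pixels) / len(pixels),
        # Threshold is an assumption for this example: a random LSB plane gives
        # roughly 1.0 per pair, a skewed natural cover several times that.
        "lsb_plane_looks_random": per_pair < 2.0,
    }


URL_RE = re.compile(rb"https?://[A-Za-z0-9.\-]+(?:/[^\s\"']*)?")


def scan_iocs(payload):
    """Pull URL-shaped strings out of an extracted payload."""
    return [m.decode("ascii", "replace") for m in URL_RE.findall(payload)]


def make_cover(n=4096):
    """Constructed cover: histogram skewed to even values (not a real image)."""
    return [2 * ((i * 7) % 100) + (1 if i % 5 == 0 else 0) for i in range(n)]


def make_payload():
    """Constructed payload: a cleartext C2 line plus a seeded random blob that
    stands in for an encrypted second stage (example data, not a real sample)."""
    rng = random.Random(2023)
    blob = bytes(rng.getrandbits(8) for _ in range(448))
    return b"c2=http://c2.example.invalid/gate.php\n" + blob


def analyse():
    """Features of cover vs. stego image, plus IOCs recovered from the latter."""
    cover = make_cover()
    stego = embed_lsb(cover, make_payload())
    before, after = lsb_features(cover), lsb_features(stego)
    iocs = scan_iocs(extract_lsb(stego)) if after["lsb_plane_looks_random"] else []
    return before, after, iocs


if __name__ == "__main__":
    before, after, iocs = analyse()
    print("cover :", before)
    print("stego :", after)
    print("IOCs  :", iocs)
```

The statistic is cheap enough to compute over every image attachment in a sample set, which is what makes it usable as a feature rather than a one-off check; extraction only pays off when the embedding layout is known or guessed, so in practice the feature flags the carrier and a separate step tries candidate layouts. A real payload would usually be encrypted, in which case the IOC scan has to run after the sample's own decryption routine has been located by static or dynamic analysis.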