Employing Incremental Learning for the Detection of Multiclass New Malware Variants

Mohammad Eid Alzahrani
Indian journal of science and technology, February 2024 (Journal Article, published 2024-03-01)
DOI: https://doi.org/10.17485/ijst/v17i10.2862
Citations: 0

Abstract

Background/Objectives: The study has two main objectives. The first is to reliably identify and categorize malware variants in order to maintain the security of computer systems. Malware poses a continuous threat to digital information and system integrity, hence the need for effective detection tools. The second is to propose a new incremental learning method. This method is designed to adapt over time, continually incorporating new data, which is crucial for identifying and managing multiclass malware variants.

Methods: The approach is based on an incremental learning technique, a type of machine learning in which a system retains previously learned knowledge and builds on it with information from newly acquired data. This property makes the method well suited to the mutating nature of malware threats. The method was evaluated on several sets of real-world malware, which provide a realistic test environment.

Findings: Across 6 different datasets containing a total of 158,101 benign and malicious instances, the method achieved an attack detection accuracy of 99.34%. The study also succeeded in identifying a new category of malware variants and in distinguishing between 15 different attack categories. These results underscore the effectiveness of the proposed incremental learning method in a real-world scenario.

Novelty: The research is distinctive in its use of a tailored incremental learning technique for the dynamic threat environment of malware. Traditional machine learning methods, by contrast, do not adapt well when a new threat appears. The technique put forward in this paper supports continuous learning that can be adjusted to match different types of malicious software as they evolve. This ability to evolve and adapt is an important addition to current cybersecurity practices for malware identification and classification.

Keywords: Cybersecurity, Malware Detection, Incremental learning
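To make the "retains previous knowledge and builds on new data" idea concrete, here is an added example in Python; it is not code from the paper, whose classifier is not described on this page. It uses a class-incremental multinomial naive Bayes, chosen because its sufficient statistics (per-class sample counts and per-class feature totals) can be updated from each new batch without revisiting earlier data. The feature vectors and the three labels are constructed for illustration. The point shown is that a second batch carrying a never-seen label ("ransomware") extends the existing model in place, with no re-fit on the first batch.

```python
"""Added illustration of class-incremental learning for multiclass malware
classification (not the paper's own code; its model is unspecified here).

A multinomial naive Bayes classifier is used because its sufficient statistics
(per-class sample counts and per-class feature totals) can be updated from
each new batch without revisiting earlier data, and a label never seen before
simply gets a fresh row of statistics when it first appears.
"""
import math


class IncrementalNB:
    """Multinomial naive Bayes with partial_fit; classes may be added later."""

    def __init__(self, alpha=1.0):
        self.alpha = alpha          # Laplace smoothing for unseen features
        self.n_features = None
        self.class_counts = {}      # label -> number of samples seen
        self.feature_counts = {}    # label -> per-feature count totals

    def partial_fit(self, X, y):
        """Fold one batch into the stored statistics; earlier batches are kept."""
        for x, label in zip(X, y):
            if self.n_features is None:
                self.n_features = len(x)
            if len(x) != self.n_features:
                raise ValueError("feature dimension mismatch")
            # A previously unseen label creates a new class on the fly.
            self.class_counts[label] = self.class_counts.get(label, 0) + 1
            totals = self.feature_counts.setdefault(label, [0] * self.n_features)
            for j, v in enumerate(x):
                totals[j] += v
        return self

    @property
    def classes(self):
        return sorted(self.class_counts)

    def _log_joint(self, x, label):
        """log P(label) + sum_j x_j * log P(feature_j | label), smoothed."""
        n_total = sum(self.class_counts.values())
        log_prior = math.log(self.class_counts[label] / n_total)
        totals = self.feature_counts[label]
        denom = sum(totals) + self.alpha * self.n_features
        log_lik = sum(v * math.log((totals[j] + self.alpha) / denom)
                      for j, v in enumerate(x))
        return log_prior + log_lik

    def predict(self, x):
        return max(self.classes, key=lambda c: self._log_joint(x, c))


def accuracy(model, X, y):
    return sum(model.predict(x) == t for x, t in zip(X, y)) / len(y)


# Constructed toy data (not from the paper). Each vector counts four behaviour
# categories observed per sample: [file ops, network ops, crypto ops, registry ops].
BATCH1_X = [[5, 1, 0, 1], [6, 2, 0, 2], [4, 1, 0, 1],   # benign
            [1, 6, 0, 3], [2, 7, 1, 4], [1, 5, 0, 3]]   # trojan
BATCH1_Y = ["benign"] * 3 + ["trojan"] * 3

# A later batch introduces a class that did not exist when training started.
BATCH2_X = [[7, 1, 6, 1], [8, 2, 7, 2], [6, 1, 5, 1]]
BATCH2_Y = ["ransomware"] * 3

HELDOUT_X = [[5, 2, 0, 1], [1, 6, 0, 3], [7, 2, 6, 1]]
HELDOUT_Y = ["benign", "trojan", "ransomware"]


def train_incrementally():
    """Return the class list after batch 1 alone and the model after batch 2."""
    model = IncrementalNB().partial_fit(BATCH1_X, BATCH1_Y)
    classes_after_batch1 = model.classes
    model.partial_fit(BATCH2_X, BATCH2_Y)   # same object, no retraining from scratch
    return classes_after_batch1, model


if __name__ == "__main__":
    before, m = train_incrementally()
    print("classes after batch 1:", before)
    print("classes after batch 2:", m.classes)
    print("held-out accuracy:", accuracy(m, HELDOUT_X, HELDOUT_Y))
```

One caveat a practitioner should keep in mind: a model that only learns from labelled new batches will assign a genuinely new family to the nearest existing class until labels for it arrive, so in practice an incremental pipeline also needs a novelty or drift check on incoming samples. The toy above shows only the update mechanism; it does not reproduce the paper's detection of a new malware category.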