Title: Distributed Discrete Malware Detection Systems Based on Partial Centralization and Self-Organization
Authors: Sergii Lysenko, B. Savenko
Journal: International Journal of Computing (JCR: Q3, Computer Science)
Publication date: 2023-07-01
Publication type: Journal Article
DOI: https://doi.org/10.47839/ijc.22.2.3082
Citation count: 0
Abstract
Malware detection remains an urgent task today. Various means for the development of information technology and providing users with useful applications are being transformed by attackers into tools for malicious influences and manifestations. A variety of countermeasures and detection tools have been developed to detect malware, but the problem of malware distribution remains relevant. It is especially important for enterprises and organizations. Their corporate networks and resources are becoming objects of interest to intruders. To counteract and prevent the effects of malware, they have various systems in place. In order to improve the counteraction to malicious influences and manifestations, the paper proposes the use of distributed discrete systems, in the architecture of which the principles of self-organization, adaptability and partial centralization are synthesized. Such tools and their functioning will be difficult for attackers to understand and, therefore, difficult to circumvent. The architecture of the proposed tools will integrate the implemented methods of malware detection for a holistic counteraction to malware. Such a system will be a single sensor that will detect malicious influences and anomalies. To organize its functioning, descriptions of characteristic indicators are needed. The paper presents the developed mathematical models for determining the values of characteristic indicators. According to the obtained values, the system architecture was formed. In order to evaluate the sustainability of the developed distributed discrete system, a set of experiments was conducted. In addition, to study the accuracy of malware detection, the developed system was tested for the possibility of worm virus detection. Experimental studies have confirmed the effectiveness of the proposed solution, which makes it possible to use the obtained solutions for the development of such systems.
About the journal:
The International Journal of Computing was established in 2002 on the basis of the Branch Research Laboratory for Automated Systems and Networks, which since 2005 has been renamed the Research Institute of Intelligent Computer Systems. The goal of the Journal is to publish papers with novel results in Computing Science, Computer Engineering, Information Technologies, Software Engineering and Information Systems within the Journal topics. The official language of the Journal is English; paper abstracts are also published in Ukrainian and Russian. The issues of the Journal are published quarterly. The Editorial Board consists of about 30 scientists recognized worldwide.