Romil Rawat, Yagyanath Rimal, P. William, Snehil Dahima, Sonali Gupta, K. Sankaran
Journal: Int. J. Inf. Technol. Web Eng., vol. 28, no. 1 (Journal Article)
Publication date: 2022-01-01
DOI: 10.4018/ijitwe.304051 (https://doi.org/10.4018/ijitwe.304051)
Citation count: 30 (Semantic Scholar record)
Malware Threat Affecting Financial Organization Analysis Using Machine Learning Approach
Since 2014, Emotet has been using Man-in-the-Browser (MITB) attacks to target companies in the finance industry and their clients. Its key aim is to steal victims' online money-lending records and vital credentials as they visit their banks' websites. In this work we use Machine Learning (ML) modeling to detect Emotet malware infections and recognize Emotet-related congestion flows without analyzing network packet payload computing (PPC), IP address labels, port number traces, or protocol knowledge. To classify Emotet-associated flows and detect Emotet infections, the outputs of four separate popular ML algorithms are compared: RF (Random Forest), MLP (Multi-Layer Perceptron), SMO (Sequential Minimal Optimization Technique), and LRM (Logistic Regression Model). The suggested classifier is then improved by determining the right hyperparameter and attribute set range. Using network packet (computation) identifiers, the Random Forest classifier detects Emotet-based flows with 99.9726 percent precision and a 92.3 percent true positive rate.