A Comparative Analysis of Malware Anomaly Detection

Sharma, Priynka; Chaudhary, Kaylash; Wagner, Michael; Khan, M. G. M.

doi:10.1007/978-981-15-4409-5_3

A Comparative Analysis of Malware Anomaly Detection

Priynka Sharma¹⁹,
Kaylash Chaudhary¹⁹,
Michael Wagner¹⁹ &
M. G. M. Khan¹⁹

Conference paper
First Online: 28 October 2020

785 Accesses

Part of the Advances in Intelligent Systems and Computing book series (AISC,volume 1158)

Abstract

We propose a classification model with various machine learning algorithms to adequately recognise malware files and clean (not malware-affected) files with an objective to minimise the number of false positives. Malware anomaly detection systems are the system security component that monitors network and framework activities for malicious movements. It is becoming an essential component to keep data framework protected with high reliability. The objective of malware inconsistency recognition is to demonstrate common applications perceiving attacks through failure impacts. In this paper, we present machine learning strategies for malware location to distinguish normal and harmful activities on the system. This malware data analytics process carried out using the WEKA tool on the figshare dataset using the four most successful algorithms on the preprocessed dataset through cross-validation. Garrett’s Ranking Strategy has been used to rank various classifiers on their performance level. The results suggest that Instance-Based Learner (IBK) classification approach is the most successful.

Keywords

Anomaly
Malware
Data mining
Machine learning
Detection
Analysis

This is a preview of subscription content, access via your institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 219.00; Price excludes VAT (USA)

Softcover Book: USD 279.99; Price excludes VAT (USA)

Learn about institutional subscriptions

References

Y. Yerima, S. Sezer et al., Droidfusion: a novel multilevel classifier fusion approach for android malware detection. J. IEEE Trans. Cybern. 49, 453–466 (2018)
CrossRef Google Scholar
I. YouI, K. Yim, Malware obfuscation techniques: a brief survey. in Proceedings of the 5th International Conference on Broadband, Wireless Computing, Communication and Applications, Fukuoka, Japan, 4–6 November
Google Scholar
J. Grcar, John von Neumann’s analysis of Gaussian elimination and the origins of modern numerical analysis. J. Soc. Ind. Appl. Mathe. 53, 607–682 (2011)
MathSciNet MATH Google Scholar
P. John, J. Mello, Report: malware poisons one-third of world’s computers. Retrieved June 6, 2019, from Tech News World. https://www.technewsworld.com/story/80707.html (2014)
G. Guofei, A. Porras et al., Method and Apparatus for Detecting Malware Infections (Patent Application Publication, United Sates, 2015), pp. 1–6
Google Scholar
A. Shamili, C Bauckhage et al., Malware detection on mobile devices using distributed machine learning. in Proceedings of the 20th International Conference on Pattern Recognition (Istanbul, Turkey, 2010), pp. 4348–4351
Google Scholar
Y. Hamed, S. AbdulKader et al., Mobile malware detection: a survey. J. Comput. Sci. Inf. Sec. 17, 1–65 (2019)
Google Scholar
B. India, S. Khurana, Comparison of classification techniques for intrusion detection dataset using WEKA. in Proceedings of the International Conference on Recent Advances and Innovations in Engineering, Jaipur, India, 9–11 May
Google Scholar
M. Goldstein, S. Uchida, A comparative evaluation of unsupervised anomaly detection algorithms for multivariate data. J. PLOS ONE 11, 1–31 (2016)
Google Scholar
L. Ruff, R. Vandermeulen et al., Deep semi-supervised anomaly detection. ArXiv 20, 1–22 (2019)
Google Scholar
T. Schlegl, P. Seeböck et al., Unsupervised Anomaly Detection with (2017)
Google Scholar
Generative adversarial networks to guide marker discovery. in Proceedings of the International Conference on Information Processing in Medical Imaging, Boone, United States, 25–30 June
Google Scholar
A. Patch, J. Park, An overview of anomaly detection techniques: existing solutions and latest technological trends. Int. J. Comput. Telecommun. Netw. 51, 3448–3470 (2007)
CrossRef Google Scholar
V. Chandola, A. Banerjee, Anomaly detection: a survey. J. ACM Comput. Surv. 50, 1557–7341 (2009)
Google Scholar
R. Bouckaert, Bayesian Network Classifiers in Weka. (Working paper series. University of Waikato, Department of Computer Science. No. 14/2004). Hamilton, New Zealand: University of Waikato: https://researchcommons.waikato.ac.nz/handle/10289/85
R. Mehata, S. Bath et al., An analysis of hybrid layered classification algorithms for object recognition. J. Comput. Eng. 20, 57–64 (2018)
Google Scholar
S. Kalmegh, Effective classification of Indian news using lazy classifier IB1 and IBk from weka. J. Inf. Comput. Sci. 6, 160–168 (2019)
Google Scholar
I. Pak, P. Teh, Machine learning classifiers: evaluation of the performance in online reviews. J. Sci. Technol. 45, 1–9 (2016)
Google Scholar
L. Li, D. Yang et al., A novel rule-based intrusion detection system using data mining. in Proceeding of the International Conference on Computer Science and Information Technology. Chengdu, China, 9–11 July
Google Scholar
D. Fu, S. Zhou et al., The Design and implementation of a distributed network intrusion detection system based on data mining. in Proceeding of the WRI World Congress on Software Engineering, Xiamen, China 19–21 2019 May
Google Scholar
W. Chai, C. Tan et al., Research of intelligent intrusion detection system based on web data mining technology. in Proceedings of the International Conference on Business Intelligence and Financial Engineering. Wuhan, China, 17–18 October
Google Scholar
M. Panda, M. Patra, Evaluating machine learning algorithms for detecting network intrusions. J. Recent Trends Eng. 1, 472–477 (2009)
Google Scholar

Download references

Author information

Authors and Affiliations

School of Computing, Information and Mathematical Sciences, The University of the South Pacific, Suva, Fiji
Priynka Sharma, Kaylash Chaudhary, Michael Wagner & M. G. M. Khan

Authors

Priynka Sharma
View author publications
You can also search for this author in PubMed Google Scholar
Kaylash Chaudhary
View author publications
You can also search for this author in PubMed Google Scholar
Michael Wagner
View author publications
You can also search for this author in PubMed Google Scholar
M. G. M. Khan
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Priynka Sharma .

Editor information

Editors and Affiliations

Department of Mathematics and Computer Science, University of Missouri–St. Louis, Chesterfield, MO, USA
Prof. Sanjiv K. Bhatia
Computer Science Engineering Department, ABES Engineering College, Ghaziabad, Uttar Pradesh, India
Dr. Shailesh Tiwari
Shanghai Advanced Research Institute, Pudong, China
Dr. Su Ruidan
National Institute of Technology Agartala, Agartala, Tripura, India
Dr. Munesh Chandra Trivedi
Computer Science Engineering Department, Motilal Nehru National Institute of Technology, Allahabad, Uttar Pradesh, India
Dr. K. K. Mishra

Rights and permissions

Reprints and Permissions

Copyright information

About this paper

Cite this paper

Sharma, P., Chaudhary, K., Wagner, M., Khan, M.G.M. (2021). A Comparative Analysis of Malware Anomaly Detection. In: Bhatia, S.K., Tiwari, S., Ruidan, S., Trivedi, M.C., Mishra, K.K. (eds) Advances in Computer, Communication and Computational Sciences. Advances in Intelligent Systems and Computing, vol 1158. Springer, Singapore. https://doi.org/10.1007/978-981-15-4409-5_3

Download citation

DOI: https://doi.org/10.1007/978-981-15-4409-5_3
Published: 28 October 2020
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-4408-8
Online ISBN: 978-981-15-4409-5
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)