A Comparative Analysis of Malware Anomaly Detection

Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 1158)

Abstract

We propose a classification model, built with several machine learning algorithms, that separates malware files from clean (uninfected) files with the objective of minimising the number of false positives. Malware anomaly detection systems are the security component that monitors network and system activity for malicious behaviour, and they are becoming essential to keeping information systems protected with high reliability. The objective of malware anomaly detection is to model normal application behaviour so that attacks can be recognised by their abnormal effects. In this paper we present machine learning strategies for malware detection that distinguish normal from harmful activity on a system. The analysis was carried out with the WEKA tool on the figshare dataset: four of the best-performing algorithms were run on the preprocessed dataset and evaluated through cross-validation, and Garrett's ranking technique was used to rank the classifiers by their performance. The results suggest that the instance-based learner (IBk, WEKA's k-nearest-neighbour classifier) is the most successful approach.
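
The evaluation procedure the abstract describes (a cross-validated comparison of WEKA classifiers on malware and clean files, judged on false positives) is illustrated below with an added, self-contained Python example. It is not the paper's experiment or code: the four-feature sample is constructed rather than taken from the figshare dataset, the three classifiers are minimal pure-Python stand-ins for WEKA's ZeroR, NaiveBayes and IBk rather than WEKA itself, the fold count of 10 is assumed, and the ranking rule is an assumed stand-in for Garrett's ranking, not a re-implementation of it. What it adds beyond the abstract is the practitioner's check: a classifier that flags nothing has a false-positive rate of zero, so FPR must be read together with the detection rate, and feature scaling for the instance-based learner must be fitted on the training fold only.

```python
# Added example (not the paper's WEKA code): cross-validated comparison of
# malware-vs-clean classifiers, scored on false positives. Data are constructed.
import math
import random
from collections import Counter

random.seed(7)


def make_dataset(n_per_class=60):
    """Constructed toy rows (NOT the figshare data): features are
    [section_count, entropy_x10, import_count, suspicious_api_count],
    label 1 = malware, 0 = clean. The distributions are invented."""
    rows = []
    for _ in range(n_per_class):
        rows.append(([random.gauss(4, 1), random.gauss(55, 8),
                      random.gauss(80, 20), random.gauss(1, 1)], 0))
        rows.append(([random.gauss(6, 1.5), random.gauss(72, 8),
                      random.gauss(25, 15), random.gauss(6, 2)], 1))
    random.shuffle(rows)
    return rows


def _mean_var(vals):
    m = sum(vals) / len(vals)
    return m, max(sum((a - m) ** 2 for a in vals) / len(vals), 1e-6)


class ZeroR:
    """Majority-class baseline (WEKA's ZeroR): one label for everything."""
    def fit(self, X, y):
        self.label = Counter(y).most_common(1)[0][0]
        return self

    def predict(self, x):
        return self.label


class GaussianNB:
    """Naive Bayes with one Gaussian per class per numeric feature."""
    def fit(self, X, y):
        self.params = {}
        for c in sorted(set(y)):
            Xc = [x for x, lab in zip(X, y) if lab == c]
            self.params[c] = (len(Xc) / len(y), [_mean_var(col) for col in zip(*Xc)])
        return self

    def predict(self, x):
        def log_post(c):
            prior, stats = self.params[c]
            return math.log(prior) + sum(-0.5 * math.log(2 * math.pi * v) - (xi - m) ** 2 / (2 * v)
                                         for xi, (m, v) in zip(x, stats))
        return max(self.params, key=log_post)


class KNN:
    """Instance-based learner (WEKA's IBk): vote of the k nearest training rows
    on z-scored features. Scaling is fitted on the training fold only, so the
    held-out fold never leaks into the model."""
    def __init__(self, k=5):
        self.k = k

    def fit(self, X, y):
        self.stats = [_mean_var(col) for col in zip(*X)]
        self.X, self.y = [self._scale(x) for x in X], list(y)
        return self

    def _scale(self, x):
        return [(xi - m) / math.sqrt(v) for xi, (m, v) in zip(x, self.stats)]

    def predict(self, x):
        z = self._scale(x)
        nearest = sorted((sum((a - b) ** 2 for a, b in zip(z, tx)), ty)
                         for tx, ty in zip(self.X, self.y))[:self.k]
        return Counter(lab for _, lab in nearest).most_common(1)[0][0]


def stratified_folds(rows, k):
    """Yield (train, test) splits with each class spread evenly over k folds."""
    folds = [[] for _ in range(k)]
    for lab in {lab for _, lab in rows}:
        for j, i in enumerate(i for i, r in enumerate(rows) if r[1] == lab):
            folds[j % k].append(i)
    for fold in folds:
        held = set(fold)
        yield [r for i, r in enumerate(rows) if i not in held], [rows[i] for i in fold]


def cross_validate(make_model, rows, k=10):
    """Pool confusion counts over k held-out folds; FPR = clean files flagged."""
    tp = fp = tn = fn = 0
    for train, test in stratified_folds(rows, k):
        model = make_model().fit([x for x, _ in train], [lab for _, lab in train])
        for x, lab in test:
            hit, bad = model.predict(x) == 1, lab == 1
            tp += hit and bad
            fn += (not hit) and bad
            fp += hit and not bad
            tn += (not hit) and not bad
    return {"accuracy": (tp + tn) / len(rows), "fpr": fp / (fp + tn), "tpr": tp / (tp + fn)}


def rank_classifiers(rows, k=10):
    """Lowest FPR wins, but a classifier missing over half the malware (TPR < 0.5)
    goes last: 'flag nothing' scores FPR 0 and is still useless. This rule is an
    assumed stand-in for the paper's Garrett ranking, not a re-implementation."""
    candidates = {"ZeroR": ZeroR, "NaiveBayes": GaussianNB, "IBk(k=5)": lambda: KNN(5)}
    results = {name: cross_validate(mk, rows, k) for name, mk in candidates.items()}
    ordered = sorted(results, key=lambda n: (results[n]["tpr"] < 0.5,
                                             results[n]["fpr"], -results[n]["tpr"]))
    return ordered, results


if __name__ == "__main__":
    ordered, results = rank_classifiers(make_dataset())
    for rank, name in enumerate(ordered, 1):
        r = results[name]
        print(f"{rank}. {name:10s} acc={r['accuracy']:.3f} fpr={r['fpr']:.3f} tpr={r['tpr']:.3f}")
```

On balanced folds ZeroR sits at exactly 50% accuracy with its true-positive rate equal to its false-positive rate, which is why the ranking rule refuses to reward it even when it happens to flag nothing; the two real classifiers are compared on false positives only after that sanity check.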

Keywords

  • Anomaly
  • Malware
  • Data mining
  • Machine learning
  • Detection
  • Analysis

Author information

Corresponding author: Priynka Sharma.

Copyright information

© 2021 Springer Nature Singapore Pte Ltd.

Cite this paper

Sharma, P., Chaudhary, K., Wagner, M., Khan, M.G.M. (2021). A Comparative Analysis of Malware Anomaly Detection. In: Bhatia, S.K., Tiwari, S., Ruidan, S., Trivedi, M.C., Mishra, K.K. (eds) Advances in Computer, Communication and Computational Sciences. Advances in Intelligent Systems and Computing, vol 1158. Springer, Singapore. https://doi.org/10.1007/978-981-15-4409-5_3
