Yi Qing¹, Xiangyu Liu², Yanhui Du^2,*

CMC-Computers, Materials & Continua, Vol.76, No.2, pp. 2095-2119, 2023, DOI:10.32604/cmc.2023.039980

Abstract Distributed Denial of Service (DDoS) attacks have always been a major concern in the security field. With the release of malware source codes such as BASHLITE and Mirai, Internet of Things (IoT) devices have become the new source of DDoS attacks against many Internet applications. Although there are many datasets in the field of IoT intrusion detection, such as Bot-IoT, Constrained Application Protocol–Denial of Service (CoAP-DoS), and LATAM-DDoS-IoT (some of the names of DDoS datasets), which mainly focus on DDoS attacks, the datasets describing new IoT DDoS attack scenarios are extremely rare, and only N-BaIoT and IoT-23 datasets used IoT… More >

Bilal Khan¹, Muhammad Arshad², Sarwar Shah Khan^3,4,*

Journal of Cyber Security, Vol.5, pp. 1-11, 2023, DOI:10.32604/jcs.2023.042501

Abstract The proliferation of maliciously coded documents as file transfers increase has led to a rise in sophisticated attacks. Portable Document Format (PDF) files have emerged as a major attack vector for malware due to their adaptability and wide usage. Detecting malware in PDF files is challenging due to its ability to include various harmful elements such as embedded scripts, exploits, and malicious URLs. This paper presents a comparative analysis of machine learning (ML) techniques, including Naive Bayes (NB), K-Nearest Neighbor (KNN), Average One Dependency Estimator (A1DE), Random Forest (RF), and Support Vector Machine (SVM) for PDF malware detection. The study… More >

Khaled M. Alalayah¹, Fatma S. Alrayes², Mohamed K. Nour³, Khadija M. Alaidarous¹, Ibrahim M. Alwayle¹, Heba Mohsen⁴, Ibrahim Abdulrab Ahmed⁵, Mesfer Al Duhayyim^6,*

Computer Systems Science and Engineering, Vol.46, No.3, pp. 3103-3119, 2023, DOI:10.32604/csse.2023.034034

Abstract Malware is a ‘malicious software program that performs multiple cyberattacks on the Internet, involving fraud, scams, nation-state cyberwar, and cybercrime. Such malicious software programs come under different classifications, namely Trojans, viruses, spyware, worms, ransomware, Rootkit, botnet malware, etc. Ransomware is a kind of malware that holds the victim’s data hostage by encrypting the information on the user’s computer to make it inaccessible to users and only decrypting it; then, the user pays a ransom procedure of a sum of money. To prevent detection, various forms of ransomware utilize more than one mechanism in their attack flow in conjunction with Machine… More >

Emad Alsuwat^1,*, Suhare Solaiman¹, Hatim Alsuwat²

CMC-Computers, Materials & Continua, Vol.75, No.2, pp. 3743-3759, 2023, DOI:10.32604/cmc.2023.035126

Abstract Concept drift is a main security issue that has to be resolved since it presents a significant barrier to the deployment of machine learning (ML) models. Due to attackers’ (and/or benign equivalents’) dynamic behavior changes, testing data distribution frequently diverges from original training data over time, resulting in substantial model failures. Due to their dispersed and dynamic nature, distributed denial-of-service attacks pose a danger to cybersecurity, resulting in attacks with serious consequences for users and businesses. This paper proposes a novel design for concept drift analysis and detection of malware attacks like Distributed Denial of Service (DDOS) in the network.… More >

Zhiguo Chen^1,2,*, Jiabing Cao^1,2

CMC-Computers, Materials & Continua, Vol.75, No.2, pp. 4445-4465, 2023, DOI:10.32604/cmc.2023.038639

Abstract The Corona Virus Disease 2019 (COVID-19) effect has made telecommuting and remote learning the norm. The growing number of Internet-connected devices provides cyber attackers with more attack vectors. The development of malware by criminals also incorporates a number of sophisticated obfuscation techniques, making it difficult to classify and detect malware using conventional approaches. Therefore, this paper proposes a novel visualization-based malware classification system using transfer and ensemble learning (VMCTE). VMCTE has a strong anti-interference ability. Even if malware uses obfuscation, fuzzing, encryption, and other techniques to evade detection, it can be accurately classified into its corresponding malware family. Unlike traditional… More >

Faisal S. Alsubaei¹, Haya Mesfer Alshahrani², Khaled Tarmissi³, Abdelwahed Motwakel^4,*

Intelligent Automation & Soft Computing, Vol.36, No.3, pp. 2897-2914, 2023, DOI:10.32604/iasc.2023.034907

Abstract Cybersecurity has become the most significant research area in the domain of the Internet of Things (IoT) owing to the ever-increasing number of cyberattacks. The rapid penetration of Android platforms in mobile devices has made the detection of malware attacks a challenging process. Furthermore, Android malware is increasing on a daily basis. So, precise malware detection analytical techniques need a large number of hardware resources that are significantly resource-limited for mobile devices. In this research article, an optimal Graph Convolutional Neural Network-based Malware Detection and classification (OGCNN-MDC) model is introduced for an IoT-cloud environment. The proposed OGCNN-MDC model aims to… More >

Younghoon Ban, Jeong Hyun Yi, Haehyun Cho^*

Computer Systems Science and Engineering, Vol.46, No.2, pp. 2215-2230, 2023, DOI:10.32604/csse.2023.036555

Abstract Android malware has evolved in various forms such as adware that continuously exposes advertisements, banking malware designed to access users’ online banking accounts, and Short Message Service (SMS) malware that uses a Command & Control (C&C) server to send malicious SMS, intercept SMS, and steal data. By using many malicious strategies, the number of malware is steadily increasing. Increasing Android malware threats numerous users, and thus, it is necessary to detect malware quickly and accurately. Each malware has distinguishable characteristics based on its actions. Therefore, security researchers have tried to categorize malware based on their behaviors by conducting the familial… More >

Murat Dener^*, Sercan Gulburun

CMC-Computers, Materials & Continua, Vol.75, No.1, pp. 1235-1251, 2023, DOI:10.32604/cmc.2023.036357

Abstract One of the most common types of threats to the digital world is malicious software. It is of great importance to detect and prevent existing and new malware before it damages information assets. Machine learning approaches are used effectively for this purpose. In this study, we present a model in which supervised and unsupervised learning algorithms are used together. Clustering is used to enhance the prediction performance of the supervised classifiers. The aim of the proposed model is to make predictions in the shortest possible time with high accuracy and f1 score. In the first stage of the model, the… More >

Xuyan Song, Yiting Qin, Xinyao Liu, Baojiang Cui^*, Junsong Fu

CMC-Computers, Materials & Continua, Vol.75, No.1, pp. 2061-2078, 2023, DOI:10.32604/cmc.2023.034505

Abstract Fileless webshell attacks against Java web applications have become more frequent in recent years as Java has gained market share. Webshell is a malicious script that can remotely execute commands and invade servers. It is widely used in attacks against web applications. In contrast to traditional file-based webshells, fileless webshells leave no traces on the hard drive, which means they are invisible to most antivirus software. To make matters worse, although there are some studies on fileless webshells, almost all of them are aimed at web applications developed in the PHP language. The complex mechanism of Java makes researchers face… More >

Ahmad Moawad^*, Ahmed Ismail Ebada, Aya M. Al-Zoghby

Journal of Cyber Security, Vol.4, No.3, pp. 169-184, 2022, DOI:10.32604/jcs.2022.033537

Abstract In computer security, the number of malware threats is increasing and causing damage to systems for individuals or organizations, necessitating a new detection technique capable of detecting a new variant of malware more efficiently than traditional anti-malware methods. Traditional anti-malware software cannot detect new malware variants, and conventional techniques such as static analysis, dynamic analysis, and hybrid analysis are time-consuming and rely on domain experts. Visualization-based malware detection has recently gained popularity due to its accuracy, independence from domain experts, and faster detection time. Visualization-based malware detection uses the image representation of the malware binary and applies image processing techniques… More >