Zhiguo Chen^1,2,*, Jiabing Cao^1,2

CMC-Computers, Materials & Continua, Vol.75, No.2, pp. 4445-4465, 2023, DOI:10.32604/cmc.2023.038639

Abstract The Corona Virus Disease 2019 (COVID-19) effect has made telecommuting and remote learning the norm. The growing number of Internet-connected devices provides cyber attackers with more attack vectors. The development of malware by criminals also incorporates a number of sophisticated obfuscation techniques, making it difficult to classify and detect malware using conventional approaches. Therefore, this paper proposes a novel visualization-based malware classification system using transfer and ensemble learning (VMCTE). VMCTE has a strong anti-interference ability. Even if malware uses obfuscation, fuzzing, encryption, and other techniques to evade detection, it can be accurately classified into its corresponding malware family. Unlike traditional… More >

Faisal S. Alsubaei¹, Haya Mesfer Alshahrani², Khaled Tarmissi³, Abdelwahed Motwakel^4,*

Intelligent Automation & Soft Computing, Vol.36, No.3, pp. 2897-2914, 2023, DOI:10.32604/iasc.2023.034907

Abstract Cybersecurity has become the most significant research area in the domain of the Internet of Things (IoT) owing to the ever-increasing number of cyberattacks. The rapid penetration of Android platforms in mobile devices has made the detection of malware attacks a challenging process. Furthermore, Android malware is increasing on a daily basis. So, precise malware detection analytical techniques need a large number of hardware resources that are significantly resource-limited for mobile devices. In this research article, an optimal Graph Convolutional Neural Network-based Malware Detection and classification (OGCNN-MDC) model is introduced for an IoT-cloud environment. The proposed OGCNN-MDC model aims to… More >

Younghoon Ban, Jeong Hyun Yi, Haehyun Cho^*

Computer Systems Science and Engineering, Vol.46, No.2, pp. 2215-2230, 2023, DOI:10.32604/csse.2023.036555

Abstract Android malware has evolved in various forms such as adware that continuously exposes advertisements, banking malware designed to access users’ online banking accounts, and Short Message Service (SMS) malware that uses a Command & Control (C&C) server to send malicious SMS, intercept SMS, and steal data. By using many malicious strategies, the number of malware is steadily increasing. Increasing Android malware threats numerous users, and thus, it is necessary to detect malware quickly and accurately. Each malware has distinguishable characteristics based on its actions. Therefore, security researchers have tried to categorize malware based on their behaviors by conducting the familial… More >

Murat Dener^*, Sercan Gulburun

CMC-Computers, Materials & Continua, Vol.75, No.1, pp. 1235-1251, 2023, DOI:10.32604/cmc.2023.036357

Abstract One of the most common types of threats to the digital world is malicious software. It is of great importance to detect and prevent existing and new malware before it damages information assets. Machine learning approaches are used effectively for this purpose. In this study, we present a model in which supervised and unsupervised learning algorithms are used together. Clustering is used to enhance the prediction performance of the supervised classifiers. The aim of the proposed model is to make predictions in the shortest possible time with high accuracy and f1 score. In the first stage of the model, the… More >

Xuyan Song, Yiting Qin, Xinyao Liu, Baojiang Cui^*, Junsong Fu

CMC-Computers, Materials & Continua, Vol.75, No.1, pp. 2061-2078, 2023, DOI:10.32604/cmc.2023.034505

Abstract Fileless webshell attacks against Java web applications have become more frequent in recent years as Java has gained market share. Webshell is a malicious script that can remotely execute commands and invade servers. It is widely used in attacks against web applications. In contrast to traditional file-based webshells, fileless webshells leave no traces on the hard drive, which means they are invisible to most antivirus software. To make matters worse, although there are some studies on fileless webshells, almost all of them are aimed at web applications developed in the PHP language. The complex mechanism of Java makes researchers face… More >

Ahmad Moawad^*, Ahmed Ismail Ebada, Aya M. Al-Zoghby

Journal of Cyber Security, Vol.4, No.3, pp. 169-184, 2022, DOI:10.32604/jcs.2022.033537

Abstract In computer security, the number of malware threats is increasing and causing damage to systems for individuals or organizations, necessitating a new detection technique capable of detecting a new variant of malware more efficiently than traditional anti-malware methods. Traditional anti-malware software cannot detect new malware variants, and conventional techniques such as static analysis, dynamic analysis, and hybrid analysis are time-consuming and rely on domain experts. Visualization-based malware detection has recently gained popularity due to its accuracy, independence from domain experts, and faster detection time. Visualization-based malware detection uses the image representation of the malware binary and applies image processing techniques… More >

J. Pavithra^*, S. Selvakumarasamy

Journal of Cyber Security, Vol.4, No.3, pp. 135-151, 2022, DOI:10.32604/jcs.2022.031889

Abstract Machine learning (ML) is often used to solve the problem of malware detection and classification, and various machine learning approaches are adapted to the problem of malware classification; still acquiring poor performance by the way of feature selection, and classification. To address the problem, an efficient novel algorithm for adaptive feature-centered XG Boost Ensemble Learner Classifier “AFC-XG Boost” is presented in this paper. The proposed model has been designed to handle varying data sets of malware detection obtained from Kaggle data set. The model turns the XG Boost classifier in several stages to optimize performance. At preprocessing stage, the data… More >

Jingwei Hao^*, Senlin Luo, Limin Pan

Computer Systems Science and Engineering, Vol.46, No.1, pp. 719-734, 2023, DOI:10.32604/csse.2023.033923

Abstract The byte stream is widely used in malware detection due to its independence of reverse engineering. However, existing methods based on the byte stream implement an indiscriminate feature extraction strategy, which ignores the byte function difference in different segments and fails to achieve targeted feature extraction for various byte semantic representation modes, resulting in byte semantic confusion. To address this issue, an enhanced adversarial byte function associated method for malware backdoor attack is proposed in this paper by categorizing various function bytes into three functions involving structure, code, and data. The Minhash algorithm, grayscale mapping, and state transition probability statistics… More >

Le Duc Thuan^1,2,*, Pham Van Huong², Hoang Van Hiep¹, Nguyen Kim Khanh¹

Computer Systems Science and Engineering, Vol.45, No.3, pp. 2741-2759, 2023, DOI:10.32604/csse.2023.033420

Abstract Android malware has exploded in popularity in recent years, due to the platform’s dominance of the mobile market. With the advancement of deep learning technology, numerous deep learning-based works have been proposed for the classification of Android malware. Deep learning technology is designed to handle a large amount of raw and continuous data, such as image content data. However, it is incompatible with discrete features, i.e., features gathered from multiple sources. Furthermore, if the feature set is already well-extracted and sparsely distributed, this technology is less effective than traditional machine learning. On the other hand, a wide learning model can… More >

Muhammad Waqar¹, Sabeeh Fareed¹, Ajung Kim^2,*, Saif Ur Rehman Malik³, Muhammad Imran¹, Muhammad Usman Yaseen¹

CMC-Computers, Materials & Continua, Vol.74, No.2, pp. 4399-4415, 2023, DOI:10.32604/cmc.2023.032984

Abstract The Android Operating System (AOS) has been evolving since its inception and it has become one of the most widely used operating system for the Internet of Things (IoT). Due to the high popularity and reliability of AOS for IoT, it is a target of many cyber-attacks which can cause compromise of privacy, financial loss, data integrity, unauthorized access, denial of services and so on. The Android-based IoT (AIoT) devices are extremely vulnerable to various malwares due to the open nature and high acceptance of Android in the market. Recently, several detection preventive malwares are developed to conceal their malicious… More >