Khaled M. Alalayah¹, Fatma S. Alrayes², Mohamed K. Nour³, Khadija M. Alaidarous¹, Ibrahim M. Alwayle¹, Heba Mohsen⁴, Ibrahim Abdulrab Ahmed⁵, Mesfer Al Duhayyim^6,*

Computer Systems Science and Engineering, Vol.46, No.3, pp. 3103-3119, 2023, DOI:10.32604/csse.2023.034034 - 03 April 2023

Abstract Malware is a ‘malicious software program that performs multiple cyberattacks on the Internet, involving fraud, scams, nation-state cyberwar, and cybercrime. Such malicious software programs come under different classifications, namely Trojans, viruses, spyware, worms, ransomware, Rootkit, botnet malware, etc. Ransomware is a kind of malware that holds the victim’s data hostage by encrypting the information on the user’s computer to make it inaccessible to users and only decrypting it; then, the user pays a ransom procedure of a sum of money. To prevent detection, various forms of ransomware utilize more than one mechanism in their attack… More >

Emad Alsuwat^1,*, Suhare Solaiman¹, Hatim Alsuwat²

CMC-Computers, Materials & Continua, Vol.75, No.2, pp. 3743-3759, 2023, DOI:10.32604/cmc.2023.035126 - 31 March 2023

Abstract Concept drift is a main security issue that has to be resolved since it presents a significant barrier to the deployment of machine learning (ML) models. Due to attackers’ (and/or benign equivalents’) dynamic behavior changes, testing data distribution frequently diverges from original training data over time, resulting in substantial model failures. Due to their dispersed and dynamic nature, distributed denial-of-service attacks pose a danger to cybersecurity, resulting in attacks with serious consequences for users and businesses. This paper proposes a novel design for concept drift analysis and detection of malware attacks like Distributed Denial of… More >

Zhiguo Chen^1,2,*, Jiabing Cao^1,2

CMC-Computers, Materials & Continua, Vol.75, No.2, pp. 4445-4465, 2023, DOI:10.32604/cmc.2023.038639 - 31 March 2023

Abstract The Corona Virus Disease 2019 (COVID-19) effect has made telecommuting and remote learning the norm. The growing number of Internet-connected devices provides cyber attackers with more attack vectors. The development of malware by criminals also incorporates a number of sophisticated obfuscation techniques, making it difficult to classify and detect malware using conventional approaches. Therefore, this paper proposes a novel visualization-based malware classification system using transfer and ensemble learning (VMCTE). VMCTE has a strong anti-interference ability. Even if malware uses obfuscation, fuzzing, encryption, and other techniques to evade detection, it can be accurately classified into its… More >

Faisal S. Alsubaei¹, Haya Mesfer Alshahrani², Khaled Tarmissi³, Abdelwahed Motwakel^4,*

Intelligent Automation & Soft Computing, Vol.36, No.3, pp. 2897-2914, 2023, DOI:10.32604/iasc.2023.034907 - 15 March 2023

Abstract Cybersecurity has become the most significant research area in the domain of the Internet of Things (IoT) owing to the ever-increasing number of cyberattacks. The rapid penetration of Android platforms in mobile devices has made the detection of malware attacks a challenging process. Furthermore, Android malware is increasing on a daily basis. So, precise malware detection analytical techniques need a large number of hardware resources that are significantly resource-limited for mobile devices. In this research article, an optimal Graph Convolutional Neural Network-based Malware Detection and classification (OGCNN-MDC) model is introduced for an IoT-cloud environment. The… More >

Younghoon Ban, Jeong Hyun Yi, Haehyun Cho^*

Computer Systems Science and Engineering, Vol.46, No.2, pp. 2215-2230, 2023, DOI:10.32604/csse.2023.036555 - 09 February 2023

Abstract Android malware has evolved in various forms such as adware that continuously exposes advertisements, banking malware designed to access users’ online banking accounts, and Short Message Service (SMS) malware that uses a Command & Control (C&C) server to send malicious SMS, intercept SMS, and steal data. By using many malicious strategies, the number of malware is steadily increasing. Increasing Android malware threats numerous users, and thus, it is necessary to detect malware quickly and accurately. Each malware has distinguishable characteristics based on its actions. Therefore, security researchers have tried to categorize malware based on their… More >

Murat Dener^*, Sercan Gulburun

CMC-Computers, Materials & Continua, Vol.75, No.1, pp. 1235-1251, 2023, DOI:10.32604/cmc.2023.036357 - 06 February 2023

Abstract One of the most common types of threats to the digital world is malicious software. It is of great importance to detect and prevent existing and new malware before it damages information assets. Machine learning approaches are used effectively for this purpose. In this study, we present a model in which supervised and unsupervised learning algorithms are used together. Clustering is used to enhance the prediction performance of the supervised classifiers. The aim of the proposed model is to make predictions in the shortest possible time with high accuracy and f1 score. In the first… More >

Xuyan Song, Yiting Qin, Xinyao Liu, Baojiang Cui^*, Junsong Fu

CMC-Computers, Materials & Continua, Vol.75, No.1, pp. 2061-2078, 2023, DOI:10.32604/cmc.2023.034505 - 06 February 2023

Abstract Fileless webshell attacks against Java web applications have become more frequent in recent years as Java has gained market share. Webshell is a malicious script that can remotely execute commands and invade servers. It is widely used in attacks against web applications. In contrast to traditional file-based webshells, fileless webshells leave no traces on the hard drive, which means they are invisible to most antivirus software. To make matters worse, although there are some studies on fileless webshells, almost all of them are aimed at web applications developed in the PHP language. The complex mechanism… More >

Jingwei Hao^*, Senlin Luo, Limin Pan

Computer Systems Science and Engineering, Vol.46, No.1, pp. 719-734, 2023, DOI:10.32604/csse.2023.033923 - 20 January 2023

Abstract The byte stream is widely used in malware detection due to its independence of reverse engineering. However, existing methods based on the byte stream implement an indiscriminate feature extraction strategy, which ignores the byte function difference in different segments and fails to achieve targeted feature extraction for various byte semantic representation modes, resulting in byte semantic confusion. To address this issue, an enhanced adversarial byte function associated method for malware backdoor attack is proposed in this paper by categorizing various function bytes into three functions involving structure, code, and data. The Minhash algorithm, grayscale mapping, More >

Le Duc Thuan^1,2,*, Pham Van Huong², Hoang Van Hiep¹, Nguyen Kim Khanh¹

Computer Systems Science and Engineering, Vol.45, No.3, pp. 2741-2759, 2023, DOI:10.32604/csse.2023.033420 - 21 December 2022

Abstract Android malware has exploded in popularity in recent years, due to the platform’s dominance of the mobile market. With the advancement of deep learning technology, numerous deep learning-based works have been proposed for the classification of Android malware. Deep learning technology is designed to handle a large amount of raw and continuous data, such as image content data. However, it is incompatible with discrete features, i.e., features gathered from multiple sources. Furthermore, if the feature set is already well-extracted and sparsely distributed, this technology is less effective than traditional machine learning. On the other hand,… More >

Muhammad Waqar¹, Sabeeh Fareed¹, Ajung Kim^2,*, Saif Ur Rehman Malik³, Muhammad Imran¹, Muhammad Usman Yaseen¹

CMC-Computers, Materials & Continua, Vol.74, No.2, pp. 4399-4415, 2023, DOI:10.32604/cmc.2023.032984 - 31 October 2022

Abstract The Android Operating System (AOS) has been evolving since its inception and it has become one of the most widely used operating system for the Internet of Things (IoT). Due to the high popularity and reliability of AOS for IoT, it is a target of many cyber-attacks which can cause compromise of privacy, financial loss, data integrity, unauthorized access, denial of services and so on. The Android-based IoT (AIoT) devices are extremely vulnerable to various malwares due to the open nature and high acceptance of Android in the market. Recently, several detection preventive malwares are More >