Zhengqiu Weng^1,2, Timing Chen^1,*, Tiantian Zhu¹, Hang Dong¹, Dan Zhou¹, Osama Alfarraj³

Computer Systems Science and Engineering, Vol.37, No.1, pp. 105-119, 2021, DOI:10.32604/csse.2021.015074

Abstract Internet traffic encryption is a very common traffic protection method. Most internet traffic is protected by the encryption protocol called transport layer security (TLS). Although traffic encryption can ensure the security of communication, it also enables malware to hide its information and avoid being detected. At present, most of the malicious traffic detection methods are aimed at the unencrypted ones. There are some problems in the detection of encrypted traffic, such as high false positive rate, difficulty in feature extraction, and insufficient practicability. The accuracy and effectiveness of existing methods need to be improved. In this paper, we present TLSmell,… More >

Rami Sihwail^*, Khairuddin Omar, Khairul Akram Zainol Ariffin

CMC-Computers, Materials & Continua, Vol.67, No.2, pp. 2301-2320, 2021, DOI:10.32604/cmc.2021.014510

Abstract The study of malware behaviors, over the last years, has received tremendous attention from researchers for the purpose of reducing malware risks. Most of the investigating experiments are performed using either static analysis or behavior analysis. However, recent studies have shown that both analyses are vulnerable to modern malware files that use several techniques to avoid analysis and detection. Therefore, extracted features could be meaningless and a distraction for malware analysts. However, the volatile memory can expose useful information about malware behaviors and characteristics. In addition, memory analysis is capable of detecting unconventional malware, such as in-memory and fileless malware.… More >

Yue Li¹, Guangquan Xu^2,3, Hequn Xian^1,*, Longlong Rao³, Jiangang Shi^4,*

Intelligent Automation & Soft Computing, Vol.25, No.3, pp. 637-647, 2019, DOI:10.31209/2019.100000118

Abstract In order to prevent the spread of Android malware and protect privacy information from being compromised, this study proposes a novel multidimensional hybrid features extraction and analysis method for Android malware detection. This method is based primarily on a multidimensional hybrid features vector by extracting the information of permission requests, API calls, and runtime behaviors. The innovation of this study is to extract greater amounts of static and dynamic features information and combine them, that renders the features vector for training completer and more comprehensive. In addition, the feature selection algorithm is used to further optimize the extracted information to… More >

Chunlai Du¹, Shenghui Liu¹, Lei Si², Yanhui Guo^{2, *}, Tong Jin¹

CMC-Computers, Materials & Continua, Vol.64, No.3, pp. 1785-1796, 2020, DOI:10.32604/cmc.2020.010091

Abstract In recent years, the number of exposed vulnerabilities has grown rapidly and more and more attacks occurred to intrude on the target computers using these vulnerabilities such as different malware. Malware detection has attracted more attention and still faces severe challenges. As malware detection based traditional machine learning relies on exports’ experience to design efficient features to distinguish different malware, it causes bottleneck on feature engineer and is also time-consuming to find efficient features. Due to its promising ability in automatically proposing and selecting significant features, deep learning has gradually become a research hotspot. In this paper, aiming to detect… More >