Towards a New Cyberdefense Generation: Proposition of an Intelligent
Cybersecurity Framework for Malware Attacks

Ikram   Ben   Abdel Ouahab; Mohammed       Bouhorma; Lotfi       El Aachak; Anouar    Abdelhakim    Boudhir

doi:10.2174/2666255813999201117093512

Abstract

Objective: Newborn malware has increased significantly in recent years, becoming more dangerous for many applications. So, researchers are focusing more on solutions that serve the defense of new malware trends and variance, especially zero-day malware attacks. The prime goal of our proposition is to reach a high-security level by defending against malware attacks effectively using advanced techniques.

Methods: In this paper, we propose an Intelligent Cybersecurity Framework specialized in malware attacks in a layered architecture. After receiving the unknown malware, the Framework Core layer uses malware visualization technique to process unknown samples of the malicious software. Then, we classify malware samples into their families using: K-Nearest Neighbor, Decision Tree, and Random Forest algorithms. Classification results are given in the last layer and based on a Malware Behavior Database; we are able to warn users by giving them a detailed report on the malicious behavior of the given malware family. The proposed Intelligent Cybersecurity Framework is implemented in a graphic user interface that is easy to use.

Results: Comparing machine learning classifiers, the Random Forest algorithm gives the best results in the classification task with a precision of 97.6%.

Conclusion: However, we need to take into account the results of the other classifiers for more reliability. Finally, obtained results are efficient and fast, meeting the cybersecurity frameworks' general requirements.

Keywords: Cybersecurity framework, cyber-attacks, malware behavior, malware visualization, machine learning, malware classification.

[1]
"Malware Statistics Trends Report | AV-TEST", https://www.av-test.org/en/statistics/malware/
[2]
"IBM X-Force Incident Response and Intelligence Services Vision Retainer", https://www.av-test.org/en/statistics/malware/
[3]
"McAfee Labs 2020 Threats Predictions Report", McAfee Blogs, 2019.https://www.mcafee.com/blogs/other-blogs/mcafee-labs/mcafee-labs-2020-threats-predictions-report/
[4]
"National Institute of Standards and Technology", NIST.https://www.nist.gov/
[5]
National Institute of Standards and Technology, "Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1", Gaithersburg, MD, NIST CSWP , National Institute of Standards and Technology, p. 04162018, 2018.
[6]
J-P.A. Yaacoub, "Securing internet of medical things systems: Limitations, issues and recommendations", Future Gener. Comput. Syst., vol. 105, pp. 581-606, 2020.
 [http://dx.doi.org/10.1016/j.future.2019.12.028]
[7]
S. Gupta, V. Malhotra,  and S.N. Singh, Securing IoT-Driven Remote Healthcare Data Through BlockchainAdvances in Data and Information Sciences., Singapore, 2020, pp. 47-56.
 [http://dx.doi.org/10.1007/978-981-15-0694-9_6]
[8]
H.I. Ahmed, A.A. Nasr, S. Abdel-Mageid,  and H.K. Aslan, "A survey of IoT security threats and defenses", IJACR, vol. 9, no. 45, pp. 325-350, 2019.
 [http://dx.doi.org/10.19101/IJACR.2019.940088]
[9]
B.A. Abdelhakim, B.A. Mohamed, B. Mohammed,  and B.A.O. Ikram, "New Security Approach for IoT Communication Systems", Proceedings of the 3rd International Conference on Smart City Applications, Tetouan, Morocco, 2018, p. 2.
 [http://dx.doi.org/10.1145/3286606.3286779]
[10]
Y.V.S. Murthy, G. Jagadish, K. Mrunalini, K. Siva, P.V.V. Satyanarayana,  and V.N.R. Kumar, A Novel Approach to Troubleshoot Security Attacks in Local Area Networks..
[11]
M.A. Jerlin,  and K. Marimuthu, "A New Malware Detection System Using Machine Learning Techniques for API Call Sequences", J. Appl. Secur. Res., vol. 13, no. 1, pp. 45-62, 2018.
 [http://dx.doi.org/10.1080/19361610.2018.1387734]
[12]
B. Cakir,  and E. Dogdu, "Malware Classification Using Deep Learning Methods", Proceedings of the ACMSE 2018 Conference, New York, NY, USA, 2018, p. 10.
[13]
K. Rieck, T. Holz, C. Willems, P. Düssel,  and P. Laskov, Learning and Classification of Malware Behavior.Detection of Intrusions and Malware, and Vulnerability Assessment., vol., vol. 5137. Springer Berlin Heidelberg: Berlin, Heidelberg, 2008, pp. 108-125.
 [http://dx.doi.org/10.1007/978-3-540-70542-0_6]
[14]
L. Nataraj, S. Karthikeyan, G. Jacob,  and B.S. Manjunath, "Malware images: visualization and automatic classification", Proceedings of the 8th International Symposium on Visualization for Cyber Security - VizSec ’11, Pittsburgh, Pennsylvania, 2011, pp. 1-7.
[15]
A. Makandar,  and A. Patrot, "Malware analysis and classification using Artificial Neural Network", 2015 International Conference on Trends in Automation, Communications and Computing Technology (I-TACT-15), 2015, pp. 1-6.
 [http://dx.doi.org/10.1109/ITACT.2015.7492653]
[16]
A. Makandar,  and A. Patrot, "Wavelet Statistical Feature based Malware Class Recognition and Classification using Supervised Learning Classifier", Oriental journal of computer science and technology, vol. 10, no. 2, pp. 400-406, 2017.
 [http://dx.doi.org/10.13005/ojcst/10.02.20]
[17]
B.A.O. Ikram, B. Mohammed, B.A. Abdelhakim, E.A. Lotfi,  and B. Zafar, "Machine learning application for malwares classification using visualization technique", Proceedings of the 4th International Conference on Smart City Applications, Casablanca, Morocco, 2019, pp. 1-6.
 [http://dx.doi.org/10.1145/3368756.3369098]
[18]
I. Ben Abdel Ouahab, L. El Aachak, B.A. Abdelhakim,  and M. Bouhorma, "Speedy and efficient malwares images classifier using reduced GIST features for a new defense guide", Marrakech, Morocco, 2020.
[19]
F.C.C. Garcia,  and F.P. Muga II, "Random Forest for Malware Classification", http://arxiv.org/abs/1609.07770
[20]
A.F. Agarap,  and F.J.H. Pepito, Towards Building an Intelligent Anti-Malware System: A Deep Learning Approach using Support Vector Machine (SVM) for Malware Classification, 2017.http://arxiv.org/abs/1801.00318
[21]
J. Luo,  and D.C. Lo, "Malware image classification using machine learning with local binary pattern", 2017 IEEE International Conference on Big Data (Big Data), 2017, pp. 4664-4667.
 [http://dx.doi.org/10.1109/BigData.2017.8258512]
[22]
E.K. Kabanga,  and C.H. Kim, "Malware Images Classification Using Convolutional Neural Network", Journal of Computer and Communications, vol. 6, no. 1, pp. 153-158, 2017.
 [http://dx.doi.org/10.4236/jcc.2018.61016]
[23]
M. Kalash, M. Rochan, N. Mohammed, N. Bruce, Y. Wang,  and F. Iqbal, "A Deep Learning Framework for Malware Classification", Int. J. Digit. Crime Forensics, vol. 12, no. 1, pp. 90-108, 2020.
 [http://dx.doi.org/10.4018/IJDCF.2020010105]
[24]
R. Pascanu, J.W. Stokes, H. Sanossian, M. Marinescu,  and A. Thomas, "Malware classification with recurrent networks", 2015 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2015, pp. 1916-1920.
 [http://dx.doi.org/10.1109/ICASSP.2015.7178304]
[25]
B. Kolosnjaji, A. Zarras, G. Webster,  and C. Eckert, Deep Learning for Classification of Malware System Call Sequences AI 2016., Advances in Artificial Intelligence: Cham, 2016, pp. 137-149.
 [http://dx.doi.org/10.1007/978-3-319-50127-7_11]
[26]
R.C. Neath,  and M.S. Johnson, " ", In: P. Peterson, E. Baker, B. McGaw, Eds., Discrimination and Classification in International Encyclopedia of Education, Third Edition Oxford: Elsevier, 2010, pp. 135-141.
 [http://dx.doi.org/10.1016/B978-0-08-044894-7.01312-9]
[27]
L. Breiman, J. Friedman, C.J. Stone,  and R.A. Olshen, Classification and Regression Trees..
[28]
"API Reference — scikit-learn 0.22.1 documentation", https://scikit-learn.org/stable/modules/classes.html#sklearn-metrics-metrics
[29]
"Malimg Dataset", https://www.kaggle.com/afagarap/malimg-dataset
[30]
A. Oliva,  and A. Torralba, "Modeling the Shape of the Scene: A Holistic Representation of the Spatial Envelope", 

Rights & Permissions Print Cite

Article Metrics

15

Journal Information

For Authors

For Editors

For Reviewers

Explore Articles

Open Access

Open Access Articles

For Visitors

DOI https://dx.doi.org/10.2174/2666255813999201117093512	Print ISSN 2666-2558
Publisher Name Bentham Science Publisher	Online ISSN 2666-2566

Recent Advances in Computer Science and Communications

Towards a New Cyberdefense Generation: Proposition of an Intelligent Cybersecurity Framework for Malware Attacks

Abstract Play Pause

Related Journals

Related Books

Abstract