عنوان انگلیسی مقاله:
A multi-dimensional machine learning approach to predict advanced malware
ترجمه فارسی عنوان مقاله:
یک روش یادگیری ماشین چند بعدی برای پیش بینی بدافزار پیشرفته
Sciencedirect - Elsevier - Computer Networks, 160 (2019) 118-129: doi:10:1016/j:comnet:2019:06:015
S erif Bahtiyar ∗, Mehmet Barı¸s Yaman 1 , Can Yılmaz Altıni ˘gne 1
The growth of cyber-attacks that are carried out with malware have become more sophisticated on al- most all networks. Furthermore, attacks with advanced malware have the greatest complexity which makes them very hard to detect. Advanced malware is able to obfuscate much of their traces through many mechanisms, such as metamorphic engines. Therefore, predictions and detections of such malware have become significant challenge for malware analyses mechanisms. In this paper, we propose a multi- dimensional machine learning approach to predict Stuxnet like malware from a dataset that consists of malware samples by using five distinguishing features of advanced malware. We define the features by analyzing advanced malware samples in the wild. Our approach uses regression models to predict ad- vanced malware. We create a malware dataset from existing datasets that contain real samples for ex- perimental purposes. Analyses results show that there are high correlations among some features of ad- vanced malware. These provide better predictions scores, such as R 2 = 0 . 8203 score for Stuxnet closeness feature. Experimental analyses show that our approach is able to predict Stuxnet like advanced malware if prediction features defined.
Keywords: Advanced malware | Machine learning | API Call | Prediction | Classification