This document discusses using data mining techniques to detect spyware. It begins by defining spyware and artificial intelligence. It then discusses three AI approaches that have been applied to spyware detection: heuristic technology, neural network technology, and data mining techniques. It focuses on using breadth-first search (BFS) within a data mining approach. The document finds that data mining techniques achieve an overall accuracy of 90.5% in detecting spyware, performing better than traditional signature-based or heuristic-based methods.
A comprehensive study on classification of passive intrusion and extrusion de...csandit
Cyber criminals compromise Integrity, Availability and Confidentiality of network resources in
cyber space and cause remote class intrusions such as U2R, R2L, DoS and probe/scan system
attacks .To handle these intrusions, Cyber Security uses three audit and monitoring systems
namely Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS). Intrusion
Detection System (IDS) monitors only inbound traffic which is insufficient to prevent botnet
systems. A system to monitor outbound traffic is named as Extrusion Detection System (EDS).
Therefore a hybrid system should be designed to handle both inbound and outbound traffic.
Due to the increased false alarms preventive systems do not suite to an organizational network.
The goal of this paper is to devise a taxonomy for cyber security and study the existing methods
of Intrusion and Extrusion Detection systems based on three primary characteristics. The
metrics used to evaluate IDS and EDS are also presented.
In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the
warriors of the internet. They attack and do harmful things to compromised system. This paper will show
the methodology use by hackers to gained access to system and the different tools used by them and how
they are group based on their skills. It will identify exploits that can be used to attack a system and find
mitigation to those exploits.
In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the warriors of the internet. They attack and do harmful things to compromised system. This paper will show the methodology use by hackers to gained access to system and the different tools used by them and how they are group based on their skills. It will identify exploits that can be used to attack a system and find mitigation to those exploits. In addition, the paper discusses the actual implementation of the hacking phases with the virtual machines use in the process. The virtual machines specification is also listed. it will also provide means and insights on how to protect one system from being compromised.
This document describes a proposed artificial neural network based intrusion detection system. It uses a multilayer perceptron neural network architecture trained on the KDD Cup 99 intrusion detection dataset. The system monitors network traffic in real-time, extracts features from network packets, and classifies the traffic into six categories using the neural network. It is able to detect both known and unknown attacks. The system aims to improve upon traditional signature-based intrusion detection systems.
Malicious activities (malcodes) are self replicating
malware and a major security threat in a network environment.
Timely detection and system alert flags are very essential to
prevent rapid malcodes spreading in the network. The difficulty
in detecting malcodes is that they evolve over time. Despite the fact
that signature-based tools, are generally used to secure systems,
signature-based malcode detectors neglect to recognize muddled
and beforehand concealed malcode executables. Automatic signature
generation systems has likewise been use to address the issue
of malcodes, yet there are many works required for good detection.
Base on the behavior way of malcodes, a behavior approach is
required for such detection. Specifically, we require a dynamic
investigation and behavior Rule Base system that distinguishes
malcodes without erroneously block legitimate traffic or increase
false alarms. This paper proposed and discussed the approach
using Machine learning and Indicators of Compromise (IOC) to
analyze intrusion in a network, to identify the cause of the attack
and to provide future detection. This paper proposed the use of
behaviour malware analysis framework to analyze intrusion data,
apply clustering algorithm on the analyzed data and generate IOC
from the clustered data for IOCRule, which will be implemented
into Snort Intrusion Detection System (IDS) for malicious code
detection.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Malware Detection Module using Machine Learning Algorithms to Assist in Centr...IJNSA Journal
Malicious software is abundant in a world of innumerable computer users, who are constantly faced withthese threats from various sources like the internet, local networks and portable drives. Malware is potentially low to high risk and can cause systems to function incorrectly, steal data and even crash. Malware may be executable or system library files in the form of viruses, worms, Trojans, all aimed at breaching the security of the system and compromising user privacy. Typically, anti-virus software is based on a signature definition system which keeps updating from the internet and thus keeping track of known viruses. While this may be sufficient for home-users, a security risk from a new virus could threaten an entire enterprise network. This paper proposes a new and more sophisticated antivirus engine that can not only scan files, but also build knowledge and detect files as potential viruses. This is done by extracting system API calls made by various normal and harmful executable, and using machine learning algorithms to classify and hence, rank files on a scale of security risk. While such a system is processor heavy, it is very effective when used centrally to protect an enterprise network which maybe more prone to such threats.
Current Studies On Intrusion Detection System, Genetic Algorithm And Fuzzy Logicijdpsjournal
This document summarizes a research paper on current studies of intrusion detection systems using genetic algorithms and fuzzy logic. The paper presents an overview of intrusion detection systems, including different techniques like misuse detection and anomaly detection. It discusses using genetic algorithms to generate fuzzy rules to characterize normal and abnormal network behavior in order to reduce false alarms. The paper also outlines the dataset, genetic algorithm approach, and use of fuzzy logic that are proposed for the intrusion detection system.
A comprehensive study on classification of passive intrusion and extrusion de...csandit
Cyber criminals compromise Integrity, Availability and Confidentiality of network resources in
cyber space and cause remote class intrusions such as U2R, R2L, DoS and probe/scan system
attacks .To handle these intrusions, Cyber Security uses three audit and monitoring systems
namely Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS). Intrusion
Detection System (IDS) monitors only inbound traffic which is insufficient to prevent botnet
systems. A system to monitor outbound traffic is named as Extrusion Detection System (EDS).
Therefore a hybrid system should be designed to handle both inbound and outbound traffic.
Due to the increased false alarms preventive systems do not suite to an organizational network.
The goal of this paper is to devise a taxonomy for cyber security and study the existing methods
of Intrusion and Extrusion Detection systems based on three primary characteristics. The
metrics used to evaluate IDS and EDS are also presented.
In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the
warriors of the internet. They attack and do harmful things to compromised system. This paper will show
the methodology use by hackers to gained access to system and the different tools used by them and how
they are group based on their skills. It will identify exploits that can be used to attack a system and find
mitigation to those exploits.
In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the warriors of the internet. They attack and do harmful things to compromised system. This paper will show the methodology use by hackers to gained access to system and the different tools used by them and how they are group based on their skills. It will identify exploits that can be used to attack a system and find mitigation to those exploits. In addition, the paper discusses the actual implementation of the hacking phases with the virtual machines use in the process. The virtual machines specification is also listed. it will also provide means and insights on how to protect one system from being compromised.
This document describes a proposed artificial neural network based intrusion detection system. It uses a multilayer perceptron neural network architecture trained on the KDD Cup 99 intrusion detection dataset. The system monitors network traffic in real-time, extracts features from network packets, and classifies the traffic into six categories using the neural network. It is able to detect both known and unknown attacks. The system aims to improve upon traditional signature-based intrusion detection systems.
Malicious activities (malcodes) are self replicating
malware and a major security threat in a network environment.
Timely detection and system alert flags are very essential to
prevent rapid malcodes spreading in the network. The difficulty
in detecting malcodes is that they evolve over time. Despite the fact
that signature-based tools, are generally used to secure systems,
signature-based malcode detectors neglect to recognize muddled
and beforehand concealed malcode executables. Automatic signature
generation systems has likewise been use to address the issue
of malcodes, yet there are many works required for good detection.
Base on the behavior way of malcodes, a behavior approach is
required for such detection. Specifically, we require a dynamic
investigation and behavior Rule Base system that distinguishes
malcodes without erroneously block legitimate traffic or increase
false alarms. This paper proposed and discussed the approach
using Machine learning and Indicators of Compromise (IOC) to
analyze intrusion in a network, to identify the cause of the attack
and to provide future detection. This paper proposed the use of
behaviour malware analysis framework to analyze intrusion data,
apply clustering algorithm on the analyzed data and generate IOC
from the clustered data for IOCRule, which will be implemented
into Snort Intrusion Detection System (IDS) for malicious code
detection.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Malware Detection Module using Machine Learning Algorithms to Assist in Centr...IJNSA Journal
Malicious software is abundant in a world of innumerable computer users, who are constantly faced withthese threats from various sources like the internet, local networks and portable drives. Malware is potentially low to high risk and can cause systems to function incorrectly, steal data and even crash. Malware may be executable or system library files in the form of viruses, worms, Trojans, all aimed at breaching the security of the system and compromising user privacy. Typically, anti-virus software is based on a signature definition system which keeps updating from the internet and thus keeping track of known viruses. While this may be sufficient for home-users, a security risk from a new virus could threaten an entire enterprise network. This paper proposes a new and more sophisticated antivirus engine that can not only scan files, but also build knowledge and detect files as potential viruses. This is done by extracting system API calls made by various normal and harmful executable, and using machine learning algorithms to classify and hence, rank files on a scale of security risk. While such a system is processor heavy, it is very effective when used centrally to protect an enterprise network which maybe more prone to such threats.
Current Studies On Intrusion Detection System, Genetic Algorithm And Fuzzy Logicijdpsjournal
This document summarizes a research paper on current studies of intrusion detection systems using genetic algorithms and fuzzy logic. The paper presents an overview of intrusion detection systems, including different techniques like misuse detection and anomaly detection. It discusses using genetic algorithms to generate fuzzy rules to characterize normal and abnormal network behavior in order to reduce false alarms. The paper also outlines the dataset, genetic algorithm approach, and use of fuzzy logic that are proposed for the intrusion detection system.
Basic survey on malware analysis, tools and techniquesijcsa
The term malware stands for malicious software. It is a program installed on a system without the
knowledge of owner of the system. It is basically installed by the third party with the intention to steal some
private data from the system or simply just to play pranks. This in turn threatens the computer’s security,
wherein computer are used by one’s in day-to-day life as to deal with various necessities like education,
communication, hospitals, banking, entertainment etc. Different traditional techniques are used to detect
and defend these malwares like Antivirus Scanner (AVS), firewalls, etc. But today malware writers are one
step forward towards then Malware detectors. Day-by-day they write new malwares, which become a great
challenge for malware detectors. This paper focuses on basis study of malwares and various detection
techniques which can be used to detect malwares.
A SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLSIJNSA Journal
This document summarizes a survey paper on malware detection and analysis tools. It provides an overview of different types of malware like viruses, worms, Trojans, rootkits, spyware and keyloggers. It describes techniques for malware analysis, including static analysis which examines code without execution, and dynamic analysis which analyzes behavior during execution. It also lists some limitations of static analysis and the need for dynamic analysis. Finally, it discusses various tools available for malware detection, analysis, reverse engineering and debugging.
Intrusion Detection System - False Positive Alert Reduction TechniqueIDES Editor
Intrusion Detection System (IDS) is the most
powerful system that can handle the intrusions of the computer
environments by triggering alerts to make the analysts take
actions to stop this intrusion, but the IDS is triggering alerts
for any suspicious activity which means thousand alerts that
the analysts should take care of it. IDS generate a large
number of alerts and most of them are false positive as the
behavior construe for partial attack pattern or lack of
environment knowledge. These Alerts has different severities
and most of them don’t require big attention because of the
huge number of the false alerts among them. Monitoring and
identifying risky alerts is a major concern to security
administrator. Deleting the false alerts or reducing the
amount of the alerts (false alerts or real alerts) from the
entire amount alerts lead the researchers to design an
operational model for minimization of false positive alarms,
including recurring alarms by security administrator. In this
paper we are proposing a method, which can reduce such kind
of false positive alarms.
This document proposes a new approach to designing and developing a portable high interaction honeypot system. The key aspects are:
1) It implements the honeypot system on a USB device to provide easy installation, high portability, and plug-and-play operation.
2) The complete honeypot system runs as a live USB system, meaning the operating system runs entirely in memory rather than installing to the hard disk. This allows the system to be restored to its original state by rebooting.
3) It aims to reduce the difficulties in configuring and maintaining high interaction honeypots by making the system easy to deploy and restore. The portable design also helps boost security awareness for users.
An Efficient Classification Mechanism For Network Intrusion Detection System Based on Data Mining
Techniques:A Survey..........................................................................................................................1
Subaira A. S. and Anitha P.
Automated Biometric Verification: A Survey on Multimodal Biometrics ..............................................1
Rupali L. Telgad, Almas M. N. Siddiqui and Dr. Prapti D. Deshmukh
Design and Implementation of Intelligence Car Parking Systems ........................................................1
Ogunlere Samson, Maitanmi Olusola and Gregory Onwodi
Intrusion Detection Techniques for Mobile Ad Hoc and Wireless Sensor Networks..............................1
Rakesh Sharma, V. A. Athavale and Pinki Sharma
Performance Evaluation of Sentiment Mining Classifiers on Balanced and Imbalanced Dataset ...........1
G.Vinodhini and R M. Chandrasekaran
Demosaicing and Super-resolution for Color Filter Array via Residual Image Reconstruction and Sparse
Representation..................................................................................................................................1
Jie Yin, Guangling Sun and Xiaofei Zhou
Determining Weight of Known Evaluation Criteria in the Field of Mehr Housing using ANP Approach ..1
Saeed Safari, Mohammad Shojaee, Mohammad Tavakolian and Majid Assarian
Application of the Collaboration Facets of the Reference Model in Design Science Paradigm ...............1
Lukasz Ostrowski and Markus Helfert
Personalizing Education News Articles Using Interest Term and Category Based Recommender
Approaches .......................................................................................................................................1
Network security using data mining conceptsJaideep Ghosh
Network Security is a major part of a network that needs to be maintained because information is being passed between computers etc. and is very vulnerable to attack.
Data Mining is the process of extraction of required/specific information from data in database.
Data mining is integrated with network security and can be used with various security tools as well as hacking tool.
A Study on Data Mining Based Intrusion Detection SystemAM Publications
In recent years security has remained unsecured for computers as well as data network systems. Intrusion detecting
system used to safeguard the data confidentiality, integrity and system availability from various types of attacks. Data mining
techniques that can be applied to intrusion detection system to detect normal and abnormal behavior patterns. This paper studies
nature of network attacks and the current trends of data mining based intrusion detection techniques
Optimised malware detection in digital forensicsIJNSA Journal
On the Internet, malware is one of the most serious threats to system security. Most complex issues and
problems on any systems are caused by malware and spam. Networks and systems can be accessed and
compromised by malware known as botnets, which compromise other systems through a coordinated
attack. Such malware uses anti-forensic techniques to avoid detection and investigation. To prevent systems
from the malicious activity of this malware, a new framework is required that aims to develop an optimised
technique for malware detection. Hence, this paper demonstrates new approaches to perform malware
analysis in forensic investigations and discusses how such a framework may be developed.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
“AI techniques in cyber-security applications”. Flammini lnu susec19Francesco Flammini
The document discusses using artificial intelligence techniques like Bayesian networks and event trees for cybersecurity applications. It describes how these techniques can help address issues with security operations centers being overwhelmed by too much information from various sensors and systems. Bayesian networks and event trees can help fuse data from different sources to detect threats more effectively. The document provides examples of how Bayesian networks can be built using historical threat data and customized for specific organizations. It also discusses how these models can be updated dynamically based on real-time data from systems.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
An Intrusion Detection based on Data mining technique and its intended import...Editor IJMTER
Intrusion detection is a pivotal and essential requirement of today’s era. There are two
major side of Intrusion detection namely, Host based intrusion detection as well as network based
intrusion detection. In Host based intrusion detection system, it monitors the information arrive at the
particular machine or node. While in network based intrusion system, it monitor and analyze whole
traffic of network. Data mining introduce latest technology and methods to handle and categorize
types of attacks using different classification algorithm and matching the patterns of malicious
behavior. Due to the use of this data mining technology, developers extract and analyze the types of
attack in the network.
In addition to this there are two major approach of intrusion detection. First, anomaly based approach,
in which attacks are found with high false alarm rate. However, in signature based approach, false
alarm rate is low with lack of processing of novel attacks. Most of the researchers do their research
based on signature intrusion with the purpose to increase detection rate. Major advantage of this
system, IDS does not require biased assessment and able to identify massive pattern of attacks.
Moreover, capacity to handle large connection records of network. In this paper we try to discover
the features of intrusion detection based on data mining technique.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...IJNSA Journal
This document proposes a hybrid architecture for a distributed intrusion detection system using multiple agents. The key aspects of the architecture include:
- Using multiple independent tracker agents that monitor hosts and generate reports sent to monitors and storage.
- Monitors analyze activity and compare to signatures to detect known attacks, or send data to anomaly detectors.
- Anomaly and misuse detectors use classification and pattern matching to detect known and unknown attacks.
- An inference module coordinates entities across hosts to classify new attacks using a knowledge base and signature generator.
- A countermeasure module alerts administrators and can take actions like dropping packets in response to detected attacks.
Intrusion detection systems aim to detect unauthorized access to computer systems and networks. There are three main types: anomaly-based detection identifies deviations from normal behavior profiles; signature-based detection looks for known threat patterns; and hybrid detection combines the two approaches. Intrusion detection systems are also classified based on their monitoring scope, including network-based systems that monitor network traffic and host-based systems that monitor logs and activities on individual computers. Recent research focuses on developing more effective hybrid systems and methods that can detect both known and unknown threats.
Abstract: The exponential growth of the internet and new technology lead today's world in a hectic situation both positive as well as the negative module. Cybercriminals gamble in the dark net using numerous techniques. This leads to cybercrime. Cyber threats like Malware attempt to infiltrate the computer or mobile device offline or internet, chat(online), and anyone can be a potential target. Malware is also known as malicious software is often used by cybercriminals to achieve their goal by tracking internet activity, capturing sensitive information, or blocking computer access. Reverse engineering is one of the best ways to prevent and is a powerful tool to keep the fight against cyber attacks. Most people in the cyber world see it as a black hat—It is said as being used to steal data and intellectual property. But when it is in the hands of cybersecurity experts, reverse engineering dons the white hat of the hero. Looking at the program from the outside in –often by a third party that had no hand in writing the code. It allows those who practice it to understand how a given program or system works when no source code is available. Reverse engineering accomplishing several tasks related to cybersecurity: finding system vulnerabilities, researching malware &analyzing the complexity of restoring core software algorithms that can further protect against theft. It is hard to hack certain software.
Keywords: Malware, threat, vulnerablity, detection, reverse engineering, analysis.
Title: Malware analysis and detection using reverse Engineering
Author: B.Rashmitha, J. Alwina Beauty Angelin, E.R. Ramesh
International Journal of Computer Science and Information Technology Research
ISSN 2348-1196 (print), ISSN 2348-120X (online)
Vol. 10, Issue 2, Month: April 2022 - June 2022
Page: (1-4)
Published Date: 01-April-2022
Research Publish Journals
Available at: www.researchpublish.com
You can Direct download full research paper at given below link:
https://www.researchpublish.com/papers/malware-analysis-and-detection-using-reverse-engineering
Academia Link: https://www.academia.edu/76069664/Malware_analysis_and_detection_using_reverse_Engineering_Available_at_www_researchpublish_com_journal_name_International_Journal_of_Computer_Science_and_Information_Technology_Research
Malware is a worldwide pandemic. It is designed to damage computer systems without
the knowledge of the owner using the system. Software‟s from reputable vendors also contain
malicious code that affects the system or leaks information‟s to remote servers. Malware‟s includes
computer viruses, spyware, dishonest ad-ware, rootkits, Trojans, dialers etc. Malware detectors are
the primary tools in defense against malware. The quality of such a detector is determined by the
techniques it uses. It is therefore imperative that we study malware detection techniques and
understand their strengths and limitations. This survey examines different types of Malware and
malware detection methods.
The document describes a proposed integrated honeypot system that aims to detect zero-day attacks, SSH attacks, and keylogger-spyware attacks. The system uses honeypots deployed in virtual machines to log attack behaviors. A separate detection framework then analyzes the honeypot logs to generate new signatures for intrusion detection and prevention systems like Snort. The integrated honeypot includes features for logging details of the targeted attacks. The system is meant to help update defenses against new attack patterns.
Adware is a software that may be installed on the client machine for displaying advertisements for the
user of that machine with or without consideration of user. Adware can cause unrecoverable threat to the security
and privacy of computer users as there is an increase in number of malicious adware’s. The paper presents an
adware detection approach based on the application of data mining on disassembled code. This is an approach for
an accurate adware detection algorithm with adware data set and machine learning techniques. In this paper, we
disassemble binary files, generate instruction sequences and past his data through different data mining as well as
machine learning algorithms for feature extraction and feature reduction for detection of malicious adware.Then
system accurately detect both novel and known adware instances even though the binary difference between
adware and legitimate software is usually small.
Keywords — Data Mining; Adware Detection; Binary Classification; Static Analysis; Disassembly;
Instruction Sequences
A Comprehensive Review On Intrusion Detection System And TechniquesKelly Taylor
This document discusses machine learning techniques for intrusion detection systems (IDS). It provides an overview of the research progress using machine learning to improve intrusion detection in networks. Machine learning and data mining techniques have been widely used to automatically detect network traffic anomalies. The goal is to summarize and compare research contributions of IDS using machine learning, define existing challenges, and discuss anticipated solutions. Commonly used machine learning techniques for IDS are reviewed along with some existing machine learning-based IDS proposed by researchers.
Optimised Malware Detection in Digital Forensics IJNSA Journal
This summarizes a research paper that proposes developing a new framework to optimize malware detection in digital forensics investigations. The paper discusses challenges with existing detection methods, such as signature-based approaches requiring extensive manual analysis. Through a market research survey of forensics professionals, the paper finds weaknesses in current skills, tools, and accuracy rates. Most respondents agreed a new customized detection tool is needed that employs both dynamic and static analysis methods. The proposed framework aims to address these issues to more effectively detect and analyze malware.
Basic survey on malware analysis, tools and techniquesijcsa
The term malware stands for malicious software. It is a program installed on a system without the
knowledge of owner of the system. It is basically installed by the third party with the intention to steal some
private data from the system or simply just to play pranks. This in turn threatens the computer’s security,
wherein computer are used by one’s in day-to-day life as to deal with various necessities like education,
communication, hospitals, banking, entertainment etc. Different traditional techniques are used to detect
and defend these malwares like Antivirus Scanner (AVS), firewalls, etc. But today malware writers are one
step forward towards then Malware detectors. Day-by-day they write new malwares, which become a great
challenge for malware detectors. This paper focuses on basis study of malwares and various detection
techniques which can be used to detect malwares.
A SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLSIJNSA Journal
This document summarizes a survey paper on malware detection and analysis tools. It provides an overview of different types of malware like viruses, worms, Trojans, rootkits, spyware and keyloggers. It describes techniques for malware analysis, including static analysis which examines code without execution, and dynamic analysis which analyzes behavior during execution. It also lists some limitations of static analysis and the need for dynamic analysis. Finally, it discusses various tools available for malware detection, analysis, reverse engineering and debugging.
Intrusion Detection System - False Positive Alert Reduction TechniqueIDES Editor
Intrusion Detection System (IDS) is the most
powerful system that can handle the intrusions of the computer
environments by triggering alerts to make the analysts take
actions to stop this intrusion, but the IDS is triggering alerts
for any suspicious activity which means thousand alerts that
the analysts should take care of it. IDS generate a large
number of alerts and most of them are false positive as the
behavior construe for partial attack pattern or lack of
environment knowledge. These Alerts has different severities
and most of them don’t require big attention because of the
huge number of the false alerts among them. Monitoring and
identifying risky alerts is a major concern to security
administrator. Deleting the false alerts or reducing the
amount of the alerts (false alerts or real alerts) from the
entire amount alerts lead the researchers to design an
operational model for minimization of false positive alarms,
including recurring alarms by security administrator. In this
paper we are proposing a method, which can reduce such kind
of false positive alarms.
This document proposes a new approach to designing and developing a portable high interaction honeypot system. The key aspects are:
1) It implements the honeypot system on a USB device to provide easy installation, high portability, and plug-and-play operation.
2) The complete honeypot system runs as a live USB system, meaning the operating system runs entirely in memory rather than installing to the hard disk. This allows the system to be restored to its original state by rebooting.
3) It aims to reduce the difficulties in configuring and maintaining high interaction honeypots by making the system easy to deploy and restore. The portable design also helps boost security awareness for users.
An Efficient Classification Mechanism For Network Intrusion Detection System Based on Data Mining
Techniques:A Survey..........................................................................................................................1
Subaira A. S. and Anitha P.
Automated Biometric Verification: A Survey on Multimodal Biometrics ..............................................1
Rupali L. Telgad, Almas M. N. Siddiqui and Dr. Prapti D. Deshmukh
Design and Implementation of Intelligence Car Parking Systems ........................................................1
Ogunlere Samson, Maitanmi Olusola and Gregory Onwodi
Intrusion Detection Techniques for Mobile Ad Hoc and Wireless Sensor Networks..............................1
Rakesh Sharma, V. A. Athavale and Pinki Sharma
Performance Evaluation of Sentiment Mining Classifiers on Balanced and Imbalanced Dataset ...........1
G.Vinodhini and R M. Chandrasekaran
Demosaicing and Super-resolution for Color Filter Array via Residual Image Reconstruction and Sparse
Representation..................................................................................................................................1
Jie Yin, Guangling Sun and Xiaofei Zhou
Determining Weight of Known Evaluation Criteria in the Field of Mehr Housing using ANP Approach ..1
Saeed Safari, Mohammad Shojaee, Mohammad Tavakolian and Majid Assarian
Application of the Collaboration Facets of the Reference Model in Design Science Paradigm ...............1
Lukasz Ostrowski and Markus Helfert
Personalizing Education News Articles Using Interest Term and Category Based Recommender
Approaches .......................................................................................................................................1
Network security using data mining conceptsJaideep Ghosh
Network Security is a major part of a network that needs to be maintained because information is being passed between computers etc. and is very vulnerable to attack.
Data Mining is the process of extraction of required/specific information from data in database.
Data mining is integrated with network security and can be used with various security tools as well as hacking tool.
A Study on Data Mining Based Intrusion Detection SystemAM Publications
In recent years security has remained unsecured for computers as well as data network systems. Intrusion detecting
system used to safeguard the data confidentiality, integrity and system availability from various types of attacks. Data mining
techniques that can be applied to intrusion detection system to detect normal and abnormal behavior patterns. This paper studies
nature of network attacks and the current trends of data mining based intrusion detection techniques
Optimised malware detection in digital forensicsIJNSA Journal
On the Internet, malware is one of the most serious threats to system security. Most complex issues and
problems on any systems are caused by malware and spam. Networks and systems can be accessed and
compromised by malware known as botnets, which compromise other systems through a coordinated
attack. Such malware uses anti-forensic techniques to avoid detection and investigation. To prevent systems
from the malicious activity of this malware, a new framework is required that aims to develop an optimised
technique for malware detection. Hence, this paper demonstrates new approaches to perform malware
analysis in forensic investigations and discusses how such a framework may be developed.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
“AI techniques in cyber-security applications”. Flammini lnu susec19Francesco Flammini
The document discusses using artificial intelligence techniques like Bayesian networks and event trees for cybersecurity applications. It describes how these techniques can help address issues with security operations centers being overwhelmed by too much information from various sensors and systems. Bayesian networks and event trees can help fuse data from different sources to detect threats more effectively. The document provides examples of how Bayesian networks can be built using historical threat data and customized for specific organizations. It also discusses how these models can be updated dynamically based on real-time data from systems.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
An Intrusion Detection based on Data mining technique and its intended import...Editor IJMTER
Intrusion detection is a pivotal and essential requirement of today’s era. There are two
major side of Intrusion detection namely, Host based intrusion detection as well as network based
intrusion detection. In Host based intrusion detection system, it monitors the information arrive at the
particular machine or node. While in network based intrusion system, it monitor and analyze whole
traffic of network. Data mining introduce latest technology and methods to handle and categorize
types of attacks using different classification algorithm and matching the patterns of malicious
behavior. Due to the use of this data mining technology, developers extract and analyze the types of
attack in the network.
In addition to this there are two major approach of intrusion detection. First, anomaly based approach,
in which attacks are found with high false alarm rate. However, in signature based approach, false
alarm rate is low with lack of processing of novel attacks. Most of the researchers do their research
based on signature intrusion with the purpose to increase detection rate. Major advantage of this
system, IDS does not require biased assessment and able to identify massive pattern of attacks.
Moreover, capacity to handle large connection records of network. In this paper we try to discover
the features of intrusion detection based on data mining technique.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...IJNSA Journal
This document proposes a hybrid architecture for a distributed intrusion detection system using multiple agents. The key aspects of the architecture include:
- Using multiple independent tracker agents that monitor hosts and generate reports sent to monitors and storage.
- Monitors analyze activity and compare to signatures to detect known attacks, or send data to anomaly detectors.
- Anomaly and misuse detectors use classification and pattern matching to detect known and unknown attacks.
- An inference module coordinates entities across hosts to classify new attacks using a knowledge base and signature generator.
- A countermeasure module alerts administrators and can take actions like dropping packets in response to detected attacks.
Intrusion detection systems aim to detect unauthorized access to computer systems and networks. There are three main types: anomaly-based detection identifies deviations from normal behavior profiles; signature-based detection looks for known threat patterns; and hybrid detection combines the two approaches. Intrusion detection systems are also classified based on their monitoring scope, including network-based systems that monitor network traffic and host-based systems that monitor logs and activities on individual computers. Recent research focuses on developing more effective hybrid systems and methods that can detect both known and unknown threats.
Abstract: The exponential growth of the internet and new technology lead today's world in a hectic situation both positive as well as the negative module. Cybercriminals gamble in the dark net using numerous techniques. This leads to cybercrime. Cyber threats like Malware attempt to infiltrate the computer or mobile device offline or internet, chat(online), and anyone can be a potential target. Malware is also known as malicious software is often used by cybercriminals to achieve their goal by tracking internet activity, capturing sensitive information, or blocking computer access. Reverse engineering is one of the best ways to prevent and is a powerful tool to keep the fight against cyber attacks. Most people in the cyber world see it as a black hat—It is said as being used to steal data and intellectual property. But when it is in the hands of cybersecurity experts, reverse engineering dons the white hat of the hero. Looking at the program from the outside in –often by a third party that had no hand in writing the code. It allows those who practice it to understand how a given program or system works when no source code is available. Reverse engineering accomplishing several tasks related to cybersecurity: finding system vulnerabilities, researching malware &analyzing the complexity of restoring core software algorithms that can further protect against theft. It is hard to hack certain software.
Keywords: Malware, threat, vulnerablity, detection, reverse engineering, analysis.
Title: Malware analysis and detection using reverse Engineering
Author: B.Rashmitha, J. Alwina Beauty Angelin, E.R. Ramesh
International Journal of Computer Science and Information Technology Research
ISSN 2348-1196 (print), ISSN 2348-120X (online)
Vol. 10, Issue 2, Month: April 2022 - June 2022
Page: (1-4)
Published Date: 01-April-2022
Research Publish Journals
Available at: www.researchpublish.com
You can Direct download full research paper at given below link:
https://www.researchpublish.com/papers/malware-analysis-and-detection-using-reverse-engineering
Academia Link: https://www.academia.edu/76069664/Malware_analysis_and_detection_using_reverse_Engineering_Available_at_www_researchpublish_com_journal_name_International_Journal_of_Computer_Science_and_Information_Technology_Research
Malware is a worldwide pandemic. It is designed to damage computer systems without
the knowledge of the owner using the system. Software‟s from reputable vendors also contain
malicious code that affects the system or leaks information‟s to remote servers. Malware‟s includes
computer viruses, spyware, dishonest ad-ware, rootkits, Trojans, dialers etc. Malware detectors are
the primary tools in defense against malware. The quality of such a detector is determined by the
techniques it uses. It is therefore imperative that we study malware detection techniques and
understand their strengths and limitations. This survey examines different types of Malware and
malware detection methods.
The document describes a proposed integrated honeypot system that aims to detect zero-day attacks, SSH attacks, and keylogger-spyware attacks. The system uses honeypots deployed in virtual machines to log attack behaviors. A separate detection framework then analyzes the honeypot logs to generate new signatures for intrusion detection and prevention systems like Snort. The integrated honeypot includes features for logging details of the targeted attacks. The system is meant to help update defenses against new attack patterns.
Adware is a software that may be installed on the client machine for displaying advertisements for the
user of that machine with or without consideration of user. Adware can cause unrecoverable threat to the security
and privacy of computer users as there is an increase in number of malicious adware’s. The paper presents an
adware detection approach based on the application of data mining on disassembled code. This is an approach for
an accurate adware detection algorithm with adware data set and machine learning techniques. In this paper, we
disassemble binary files, generate instruction sequences and past his data through different data mining as well as
machine learning algorithms for feature extraction and feature reduction for detection of malicious adware.Then
system accurately detect both novel and known adware instances even though the binary difference between
adware and legitimate software is usually small.
Keywords — Data Mining; Adware Detection; Binary Classification; Static Analysis; Disassembly;
Instruction Sequences
A Comprehensive Review On Intrusion Detection System And TechniquesKelly Taylor
This document discusses machine learning techniques for intrusion detection systems (IDS). It provides an overview of the research progress using machine learning to improve intrusion detection in networks. Machine learning and data mining techniques have been widely used to automatically detect network traffic anomalies. The goal is to summarize and compare research contributions of IDS using machine learning, define existing challenges, and discuss anticipated solutions. Commonly used machine learning techniques for IDS are reviewed along with some existing machine learning-based IDS proposed by researchers.
Optimised Malware Detection in Digital Forensics IJNSA Journal
This summarizes a research paper that proposes developing a new framework to optimize malware detection in digital forensics investigations. The paper discusses challenges with existing detection methods, such as signature-based approaches requiring extensive manual analysis. Through a market research survey of forensics professionals, the paper finds weaknesses in current skills, tools, and accuracy rates. Most respondents agreed a new customized detection tool is needed that employs both dynamic and static analysis methods. The proposed framework aims to address these issues to more effectively detect and analyze malware.
A STATIC MALWARE DETECTION SYSTEM USING DATA MINING METHODSijaia
This document presents a static malware detection system using data mining techniques. The system extracts raw features from Windows Portable Executable (PE) files including PE header information, DLLs, and API functions. It then selects important features using Information Gain and reduces dimensions using Principal Component Analysis. Three classifiers (SVM, J48, Naive Bayes) are trained on the transformed feature vectors to classify files as malicious or benign. When evaluated on a dataset of over 247,000 files, the system achieved a detection rate of 99.6%.
Self Evolving Antivirus Based on Neuro-Fuzzy Inference SystemIJRES Journal
With today’s world filled with information and data, it is very important for one to know which information or data is harmless and which is harmful. Right from cellular phones to big MNCs and Server companies require a security system that is as competent and adaptive as its ever-updating and evolving viruses or malware. The paper talks about the development and implementation of a new idea Adaptive anti-virus based on Anfis logic. An adaptive anti-virus system that will catch up to the speed at which the viruses update and evolve.
Malware Detection Approaches using Data Mining Techniques.pptxAlamgir Hossain
The document discusses malware detection approaches using data mining techniques. It describes signature-based and behavior-based approaches. Signature-based detection identifies malware by matching signatures in a predefined database, but struggles with polymorphic malware. Behavior-based detection analyzes malware behaviors through dynamic analysis, allowing detection of novel malware but having higher computational costs. Both approaches have advantages and limitations for malware detection.
A trust system based on multi level virus detectionUltraUploader
This document summarizes a research paper that proposes a new multi-level virus detection system (MDS). The MDS uses three levels of protection: 1) A smart memory monitor that detects virus behavior in real-time, 2) A file checker that analyzes batch files for virus-like code, and 3) An integrity checker that stores file signatures to detect modifications where viruses typically infect. The system was tested and able to detect virus activity through monitoring, file analysis, and integrity checking at different levels simultaneously. The paper concludes the MDS approach provides improved virus detection over single-method systems.
Autonomic Anomaly Detection System in Computer Networksijsrd.com
This paper describes how you can protect your system from Intrusion, which is the method of Intrusion Prevention and Intrusion Detection .The underlying premise of our Intrusion detection system is to describe attack as instance of ontology and its first need is to detect attack. In this paper, we propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection over unlabeled HTTP traffic streams in computer networks. The framework holds potential for self-governing: self-labeling, self-updating and self-adapting. Our structure employs the Affinity Propagation (AP) algorithm to learn a subject’s behaviors through dynamical clustering of the streaming data. It automatically labels the data and adapts to normal behavior changes while identifies anomalies.
Detection and prevention of keylogger spyware attacksIAEME Publication
This document summarizes a proposed method for detecting and preventing keylogger spyware attacks. Keylogger spyware poses a serious threat by recording keyboard keystrokes to steal sensitive information like passwords and account numbers. The proposed method uses a detection and prevention system to identify keyloggers and remove them from infected systems. It aims to protect systems from this type of malware in a network. The document provides an overview of different types of malware like adware, spyware, and keyloggers, and describes how keylogger spyware works by logging keystrokes and transmitting the stolen data to malicious users.
MACHINE LEARNING APPLICATIONS IN MALWARE CLASSIFICATION: A METAANALYSIS LITER...IJCI JOURNAL
With a text mining and bibliometrics approach, this study reviews the literature on the evolution
of malware classification using machine learning. This work takes literature from 2008 to 2022
on the subject of using machine learning for malware classification to understand the impact of
this technology on malware classification. Throughout this study, we seek to answer three main
research questions: RQ1: Is the application of machine learning for malware classification
growing? RQ2: What is the most common machine-learning application for malware
classification? RQ3: What are the outcomes of the most common machine learning
applications? The analysis of 2186 articles resulting from a data collection process from peerreviewed databases shows the trajectory of the application of this technology on malware
classification as well as trends in both the machine learning and malware classification fields of
study. This study performs quantitative and qualitative analysis using statistical and N-gram
analysis techniques and a formal literature review to answer the proposed research questions.
The research reveals methods such as support vector machines and random forests to be
standard machine learning methods for malware classification in efforts to detect maliciousness
or categorize malware by family. Machine learning is a highly researched technology with
many applications, from malware classification and beyond.
This document describes a proposed soft-computing system for identifying computer viruses using genetic algorithms, fuzzy logic, and neural networks. It discusses computer viruses and their types/characteristics. Seven key parameters for virus identification are identified: decline in system speed, numerous errors, persistent logoffs, disabled security software, abnormal internet behavior, obvious desktop changes, and continuous hard drive noise. The system would use fuzzy logic to set boundaries for the vague virus identification parameters. Genetic algorithms would optimize the fuzzy sets. Neural networks would provide self-learning abilities. Together this soft-computing approach aims to precisely and optimally recognize computer viruses.
This document discusses different machine learning techniques for malware detection. It introduces malware and its types, then describes using neural networks and naive bayes for detection. The methodology section explains signature-based, behavioral-based, and heuristic-based detection approaches. Advantages of machine learning for malware detection are robustness and ability to detect unknown malware. Applications include data mining and malware recognition. The conclusion states that neural networks provide more accurate malware detection compared to other approaches.
Vulnerability Prevention Using Ethical Hacking.pdfMithunJV
Hello Everyone,
I am MITHUN.J.V currently pursuing my graduate at BSC in the field of INFORMATION TECHNOLOGY at DR.SNS RAJALAKSHMI COLLEGE OF ARTS AND SCIENCE and this is my reseach paper based on ethical hacking,advantages and disadvantages OF HACKING,types of hacking etc...
1Running Head COMPUTER WORMS MALWARE IN CYBER SECURITY14COM.docxdrennanmicah
1
Running Head: COMPUTER WORMS MALWARE IN CYBER SECURITY
14
COMPUTER WORMS MALWARE IN CYBER SECURITY
COMPUTER WORMS MALWARE IN CYBER SECURITY
Praveen Ranghavajhala
201696
Abstract
Generally, there are numerous current research which deals with diverse types of computer worms in both the computing as well as the technological world. This respective report will therefore analyze the current research done on the computer works. In addition, it will reflect on the various malware attacks which may be a subsequent of any given cyber security breach (Sari, 2018). The research conducted will essentially have an integral objective of locating the characteristics of the various computer worms as well as diverse types of computer malware that generally affects the functioning of the computing field.
This prospective research conducted will additionally facilitate the impact of such malware attacks on the computers as well as the networking systems. To effectively analyze these phenomena, the research utilized secondary data collection mechanism in its various navigated data acquisition (Sari, 2018). The research significantly employed the use of exploratory approach as well as the deductive research design which was majorly utilized by the respective researchers who conducted this prospective research. It will conclusively prescribe various methods to hibernate and reduce such malware and worms attack on the computers. This will exclusively minimize the rampant effects of malware attacks on computers hence improving the computer functioning.
Introduction
Cyber security can be described as an inclusion of various tactics that are meant to protect computers, networks, program as well as data from any illicit access or breach hence resulting to malware attacks. Such attacks can be elaborated as an aim for the corruption. Cyber security in addition can be termed to be a protective measure towards the consumption ability, veracity as well as the respective security of the network. There are various parameters that can be put in place to protective massive threats from assessing their intended targets. Such parameters include using the anti-virus as well as anti-spyware. In addition, other measures can be taken such as mounting firewalls to repel or resist any unauthorized admission to the computer system. Other preventive actions that can be essentially utilized include intrusion prevention systems. These intrusion prevention systems generally identify quick affecting risks such as zero-hour attacks hence lessening occurrences of such attacks.
Generally, the protection of personal as well as professional data from cyber threats is basically an urgent necessity in the world today. This is where the cyber security interrupts in for the rescue of such protection of personal information as wel.
System call frequency analysis-based generative adversarial network model for...IJECEIAES
In today's digital age, mobile applications have become essential in connecting people from diverse domains. They play a crucial role in enabling communication, facilitating business transactions, and providing access to a range of services. Mobile communication is widespread due to its portability and ease of use, with an increasing number of mobile devices projected to reach 18.22 billion by the end of 2025. However, this convenience comes at a cost, as cybercriminals are constantly looking for ways to exploit security vulnerabilities in mobile applications. Among the several varieties of malicious applications, zero-day malware is particularly dangerous since it cannot be removed by antivirus software. To detect zeroday Android malware, this paper introduces a novel approach based on generative adversarial networks (GANs), which generates new frequencies of feature vectors from system calls. In the proposed approach, the generator is fed with a mixture of real samples and noise, and then trained to create new samples, while the discriminator model aims to classify these samples as either real or fake. We assess the performance of our model through different measures, including loss functions, the Frechet Inception distance, and the inception score evaluation metrics.
Detecting Unknown Attacks Using Big Data AnalysisEditor IJMTER
Nowadays threat of previously unknown cyber-attacks are increasing because existing security
systems are not able to detect them. Previously, leaking personal information by attacking the PC or
destroying the system was very common cyber attacks . But the goal of recent hacking attacks has changed
from leaking information and destruction of services to attacking large-scale systems such as critical
infrastructures and state agencies. In the other words, existing defence technologies to counter these attacks
are based on pattern matching methods which are very limited. Because of this fact, in the event of new and
previously unknown attacks, detection rate becomes very low and false negative increases. To defend
against these unknown attacks, which cannot be detected with existing technology, a new model based on
big data analysis techniques that can extract information from a variety of sources to detect future attacks is
proposed. The expectation with this model is future Advanced Persistent Threat (APT) detection and
prevention.
This document provides a technical review of secure banking using RSA and AES encryption methodologies. It discusses how RSA and AES are commonly used encryption standards for secure data transmission between ATMs and bank servers. The document first provides background on ATM security measures and risks of attacks. It then reviews related work analyzing encryption techniques. The document proposes using a one-time password in addition to a PIN for ATM authentication. It concludes that implementing encryption standards like RSA and AES can make transactions more secure and build trust in online banking.
This document analyzes the performance of various modulation schemes for achieving energy efficient communication over fading channels in wireless sensor networks. It finds that for long transmission distances, low-order modulations like BPSK are optimal due to their lower SNR requirements. However, as transmission distance decreases, higher-order modulations like 16-QAM and 64-QAM become more optimal since they can transmit more bits per symbol, outweighing their higher SNR needs. Simulations show lifetime extensions up to 550% are possible in short-range networks by using higher-order modulations instead of just BPSK. The optimal modulation depends on transmission distance and balancing the energy used by electronic components versus power amplifiers.
This document provides a review of mobility management techniques in vehicular ad hoc networks (VANETs). It discusses three modes of communication in VANETs: vehicle-to-infrastructure (V2I), vehicle-to-vehicle (V2V), and hybrid vehicle (HV) communication. For each communication mode, different mobility management schemes are required due to their unique characteristics. The document also discusses mobility management challenges in VANETs and outlines some open research issues in improving mobility management for seamless communication in these dynamic networks.
This document provides a review of different techniques for segmenting brain MRI images to detect tumors. It compares the K-means and Fuzzy C-means clustering algorithms. K-means is an exclusive clustering algorithm that groups data points into distinct clusters, while Fuzzy C-means is an overlapping clustering algorithm that allows data points to belong to multiple clusters. The document finds that Fuzzy C-means requires more time for brain tumor detection compared to other methods like hierarchical clustering or K-means. It also reviews related work applying these clustering algorithms to segment brain MRI images.
1) The document simulates and compares the performance of AODV and DSDV routing protocols in a mobile ad hoc network under three conditions: when users are fixed, when users move towards the base station, and when users move away from the base station.
2) The results show that both protocols have higher packet delivery and lower packet loss when users are either fixed or moving towards the base station, since signal strength is better in those scenarios. Performance degrades when users move away from the base station due to weaker signals.
3) AODV generally has better performance than DSDV, with higher throughput and packet delivery rates observed across the different user mobility conditions.
This document describes the design and implementation of 4-bit QPSK and 256-bit QAM modulation techniques using MATLAB. It compares the two techniques based on SNR, BER, and efficiency. The key steps of implementing each technique in MATLAB are outlined, including generating random bits, modulation, adding noise, and measuring BER. Simulation results show scatter plots and eye diagrams of the modulated signals. A table compares the results, showing that 256-bit QAM provides better performance than 4-bit QPSK. The document concludes that QAM modulation is more effective for digital transmission systems.
The document proposes a hybrid technique using Anisotropic Scale Invariant Feature Transform (A-SIFT) and Robust Ensemble Support Vector Machine (RESVM) to accurately identify faces in images. A-SIFT improves upon traditional SIFT by applying anisotropic scaling to extract richer directional keypoints. Keypoints are processed with RESVM and hypothesis testing to increase accuracy above 95% by repeatedly reprocessing images until the threshold is met. The technique was tested on similar and different facial images and achieved better results than SIFT in retrieval time and reduced keypoints.
This document studies the effects of dielectric superstrate thickness on microstrip patch antenna parameters. Three types of probes-fed patch antennas (rectangular, circular, and square) were designed to operate at 2.4 GHz using Arlondiclad 880 substrate. The antennas were tested with and without an Arlondiclad 880 superstrate of varying thicknesses. It was found that adding a superstrate slightly degraded performance by lowering the resonant frequency and increasing return loss and VSWR, while decreasing bandwidth and gain. Specifically, increasing the superstrate thickness or dielectric constant resulted in greater changes to the antenna parameters.
This document describes a wireless environment monitoring system that utilizes soil energy as a sustainable power source for wireless sensors. The system uses a microbial fuel cell to generate electricity from the microbial activity in soil. Two microbial fuel cells were created using different soil types and various additives to produce different current and voltage outputs. An electronic circuit was designed on a printed circuit board with components like a microcontroller and ZigBee transceiver. Sensors for temperature and humidity were connected to the circuit to monitor the environment wirelessly. The system provides a low-cost way to power remote sensors without needing battery replacement and avoids the high costs of wiring a power source.
1) The document proposes a model for a frequency tunable inverted-F antenna that uses ferrite material.
2) The resonant frequency of the antenna can be significantly shifted from 2.41GHz to 3.15GHz, a 31% shift, by increasing the static magnetic field placed on the ferrite material.
3) Altering the permeability of the ferrite allows tuning of the antenna's resonant frequency without changing the physical dimensions, providing flexibility to operate over a wide frequency range.
This document summarizes a research paper that presents a speech enhancement method using stationary wavelet transform. The method first classifies speech into voiced, unvoiced, and silence regions based on short-time energy. It then applies different thresholding techniques to the wavelet coefficients of each region - modified hard thresholding for voiced speech, semi-soft thresholding for unvoiced speech, and setting coefficients to zero for silence. Experimental results using speech from the TIMIT database corrupted with white Gaussian noise at various SNR levels show improved performance over other popular denoising methods.
This document reviews the design of an energy-optimized wireless sensor node that encrypts data for transmission. It discusses how sensing schemes that group nodes into clusters and transmit aggregated data can reduce energy consumption compared to individual node transmissions. The proposed node design calculates the minimum transmission power needed based on received signal strength and uses a periodic sleep/wake cycle to optimize energy when not sensing or transmitting. It aims to encrypt data at both the node and network level to further optimize energy usage for wireless communication.
This document discusses group consumption modes. It analyzes factors that impact group consumption, including external environmental factors like technological developments enabling new forms of online and offline interactions, as well as internal motivational factors at both the group and individual level. The document then proposes that group consumption modes can be divided into four types based on two dimensions: vertical (group relationship intensity) and horizontal (consumption action period). These four types are instrument-oriented, information-oriented, enjoyment-oriented, and relationship-oriented consumption modes. Finally, the document notes that consumption modes are dynamic and can evolve over time.
The document summarizes a study of different microstrip patch antenna configurations with slotted ground planes. Three antenna designs were proposed and their performance evaluated through simulation: a conventional square patch, an elliptical patch, and a star-shaped patch. All antennas were mounted on an FR4 substrate. The effects of adding different slot patterns to the ground plane on resonance frequency, bandwidth, gain and efficiency were analyzed parametrically. Key findings were that reshaping the patch and adding slots increased bandwidth and shifted resonance frequency. The elliptical and star patches in particular performed better than the conventional design. Three antenna configurations were selected for fabrication and measurement based on the simulations: a conventional patch with a slot under the patch, an elliptical patch with slots
1) The document describes a study conducted to improve call drop rates in a GSM network through RF optimization.
2) Drive testing was performed before and after optimization using TEMS software to record network parameters like RxLevel, RxQuality, and events.
3) Analysis found call drops were occurring due to issues like handover failures between sectors, interference from adjacent channels, and overshooting due to antenna tilt.
4) Corrective actions taken included defining neighbors between sectors, adjusting frequencies to reduce interference, and lowering the mechanical tilt of an antenna.
5) Post-optimization drive testing showed improvements in RxLevel, RxQuality, and a reduction in dropped calls.
This document describes the design of an intelligent autonomous wheeled robot that uses RF transmission for communication. The robot has two modes - automatic mode where it can make its own decisions, and user control mode where a user can control it remotely. It is designed using a microcontroller and can perform tasks like object recognition using computer vision and color detection in MATLAB, as well as wall painting using pneumatic systems. The robot's movement is controlled by DC motors and it uses sensors like ultrasonic sensors and gas sensors to navigate autonomously. RF transmission allows communication between the robot and a remote control unit. The overall aim is to develop a low-cost robotic system for industrial applications like material handling.
This document reviews cryptography techniques to secure the Ad-hoc On-Demand Distance Vector (AODV) routing protocol in mobile ad-hoc networks. It discusses various types of attacks on AODV like impersonation, denial of service, eavesdropping, black hole attacks, wormhole attacks, and Sybil attacks. It then proposes using the RC6 cryptography algorithm to secure AODV by encrypting data packets and detecting and removing malicious nodes launching black hole attacks. Simulation results show that after applying RC6, the packet delivery ratio and throughput of AODV increase while delay decreases, improving the security and performance of the network under attack.
The document describes a proposed modification to the conventional Booth multiplier that aims to increase its speed by applying concepts from Vedic mathematics. Specifically, it utilizes the Urdhva Tiryakbhyam formula to generate all partial products concurrently rather than sequentially. The proposed 8x8 bit multiplier was coded in VHDL, simulated, and found to have a path delay 44.35% lower than a conventional Booth multiplier, demonstrating its potential for higher speed.
This document discusses image deblurring techniques. It begins by introducing image restoration and focusing on image deblurring. It then discusses challenges with image deblurring being an ill-posed problem. It reviews existing approaches to screen image deconvolution including estimating point spread functions and iteratively estimating blur kernels and sharp images. The document also discusses handling spatially variant blur and summarizes the relationship between the proposed method and previous work for different blur types. It proposes using color filters in the aperture to exploit parallax cues for segmentation and blur estimation. Finally, it proposes moving the image sensor circularly during exposure to prevent high frequency attenuation from motion blur.
This document describes modeling an adaptive controller for an aircraft roll control system using PID, fuzzy-PID, and genetic algorithm. It begins by introducing the aircraft roll control system and motivation for developing an adaptive controller to minimize errors from noisy analog sensor signals. It then provides the mathematical model of aircraft roll dynamics and describes modeling the real-time flight control system in MATLAB/Simulink. The document evaluates PID, fuzzy-PID, and PID-GA (genetic algorithm) controllers for aircraft roll control and finds that the PID-GA controller delivers the best performance.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Essentials of Automations: Exploring Attributes & Automation ParametersSafe Software
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsDianaGray10
Join us to learn how UiPath Apps can directly and easily interact with prebuilt connectors via Integration Service--including Salesforce, ServiceNow, Open GenAI, and more.
The best part is you can achieve this without building a custom workflow! Say goodbye to the hassle of using separate automations to call APIs. By seamlessly integrating within App Studio, you can now easily streamline your workflow, while gaining direct access to our Connector Catalog of popular applications.
We’ll discuss and demo the benefits of UiPath Apps and connectors including:
Creating a compelling user experience for any software, without the limitations of APIs.
Accelerating the app creation process, saving time and effort
Enjoying high-performance CRUD (create, read, update, delete) operations, for
seamless data management.
Speakers:
Russell Alfeche, Technology Leader, RPA at qBotic and UiPath MVP
Charlie Greenberg, host
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor IvaniukFwdays
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/how-axelera-ai-uses-digital-compute-in-memory-to-deliver-fast-and-energy-efficient-computer-vision-a-presentation-from-axelera-ai/
Bram Verhoef, Head of Machine Learning at Axelera AI, presents the “How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-efficient Computer Vision” tutorial at the May 2024 Embedded Vision Summit.
As artificial intelligence inference transitions from cloud environments to edge locations, computer vision applications achieve heightened responsiveness, reliability and privacy. This migration, however, introduces the challenge of operating within the stringent confines of resource constraints typical at the edge, including small form factors, low energy budgets and diminished memory and computational capacities. Axelera AI addresses these challenges through an innovative approach of performing digital computations within memory itself. This technique facilitates the realization of high-performance, energy-efficient and cost-effective computer vision capabilities at the thin and thick edge, extending the frontier of what is achievable with current technologies.
In this presentation, Verhoef unveils his company’s pioneering chip technology and demonstrates its capacity to deliver exceptional frames-per-second performance across a range of standard computer vision networks typical of applications in security, surveillance and the industrial sector. This shows that advanced computer vision can be accessible and efficient, even at the very edge of our technological ecosystem.
1. IOSR Journal of Computer Engineering (IOSRJCE)
ISSN: 2278-0661 Volume 4, Issue 3 (Sep.-Oct. 2012), PP 01-04
www.iosrjournals.org
www.iosrjournals.org 1 | Page
Utilization Data Mining to Detect Spyware
1
Parisa Bahraminikoo, 2
Mehdi Samiei yeganeh, 3
G.Praveen Babu
1, 2
(M.Tech.(S/w. Eng.), 3
(Associate Professor School of Information Technology, Jawaharlal Nehru
Technological University, Iran)
Abstract: Malicious software (malware) is any software that gives partial to full control of your computer to
do whatever the malware creator wants. Malware can be a virus, worm, Trojan, adware, spyware, root kit,
etc.Spyware is a type of malware (malicious software) installed on computers that collects information about
users without their knowledge. In the year 1956, Artificial Intelligence (AI) was established at Dartmuth College
during a conference. The technology developed so much that it started involving many other branches of
engineering such as electronics, robotics etc. This eventually led to much more complex and smart machinery
involving Artificial Intelligence. With the development of malware detection systems and Artificial Intelligence,
as a new technology for them, Artificial Intelligence has been applied in anti-virus engines. There are several AI
approaches that applied in spyware detection systems such as Artificial Neural Networks, Heuristic Technology
and Data Mining (DM) Technique. Heuristic-based Detection performs well against known Spyware but has not
been proven to be successful at detecting new spyware. In this paper we focus on DM-based malicious code
detectors using Breadth-First Search (BFS) approach, which are known to work well for detecting viruses and
similar software. BFS is a strategy for searching in a tree when search is limited to essentially two operations:
(a) visit and inspect a node of a tree; (b) gain access to visit the nodes that are neighbor to currently visited
node. The BFS begins at a root node and inspect all the neighboring nodes. Then for each of those neighbor
nodes in turn, it inspects their neighbor nodes which were unvisited, and so on.
Keywords: Spyware, Artificial intelligence, Data mining, Breadth-First Search.
I. Introduction
As the application of computer and Internet is more popular, it provides a convenient way to share the
information among different people; however it also gives chances to malware activities, such as propagating
malicious programs, including computer viruses [1]. Programs that have the potential to break the privacy and
security of a system can be labeled as Privacy Invasive Software [2]. These programs include: spyware, adware,
Trojans, greyware and backdoors [3]. Spyware is a type of malware (malicious software) installed
on computers that collects information about users without their knowledge. The presence of spyware is
typically hidden from the user and can be difficult to detect. Some spyware, such as keyloggers, may be
installed by the owner of a shared, corporate, or public computer intentionally in order to monitor users. While
the term spyware suggests software that monitors a user's computing, the functions of spyware can extend
beyond simple monitoring. Spyware can collect almost any type of data, including personal
information like Internet surfing habits, user logins, and bank or credit account information. Spyware can also
interfere with user control of a computer by installing additional software or redirecting Web browsers. Some
spyware can change computer settings, which can result in slow Internet connection speeds, un-authorized
changes in browser settings, or changes to software settings.
The goal of spyware is generally not to cause damage or to spread to other systems. Instead, spyware
programs monitor the behavior of users and steal private information, such as keystrokes and browsing patterns.
This information is then sent back to the spyware distributors and used as a basis for targeted advertisement
(e.g., pop-up ads) or marketing analysis [4]. AI is the science and engineering of making intelligent machines,
especially intelligent computer programs [1]. AI is set to play an important role in our lives. Researchers
produce new products which duplicate intelligence, understand speech, beat the opponent chess player, and
acting in complex conditions. The major problems of Artificial Intelligence include qualities such as knowledge,
planning, learning, reasoning, communication, perception and capability to move and control the objects [6].The
aim of Artificial Intelligence is to develop the machines to perform the tasks in a better way than the humans
[5]. As following we will describe the main application of artificial intelligence that is applied in spyware
detection systems. The rest of this paper is organized as follows: section 2 briefly describes the Heuristic
Technology, Section 3 explains Data mining Technique and section 4 briefly describes the Neural Network
Technology.
2. Utilization Data Mining to Detect Spyware
www.iosrjournals.org 2 | Page
II. Heuristic Technology
At the present, the first and main application for spam filtering technique based on artificial
intelligence is Heuristic Technology. Current anti-spyware tools make use of signature-based methods by using
specific features or unique strings extracted from binaries or heuristic-based methods by using on the basis of
rules written by experts who define behavioral patterns as approaches against spyware. These approaches are
often considered ineffective against new malicious code [7, 8].
Heuristic Technology means "the ability of self-discovery" or "the knowledge and skills that use some
methods to determine", and intelligently analyze codes to detect the unknown virus by some rules while
scanning [9].Heuristics are used quite often in Artificial Intelligence based research. They are new and
constantly being refined by most antivirus companies over the last five years or so. Computational they are
much faster than signature based techniques. Heuristics look for a set of characteristics within a file in order to
determine whether or not it may be a potential threat. In a sense, heuristic anti-malware attempts to apply the
processes of human analysis to an object. In the same way that a human malware analyst would try to determine
the process of a given program and its actions, heuristic analysis performs the same intelligent decision-making
process, effectively acting as a virtual malware researcher. As the human malware analyst learns more from and
about emerging threats he or she can apply that knowledge to the heuristic analyzer through programming, and
improve future detection rates. Antivirus software may use one or several techniques to proactively detect
malware. The main essence of each method is to analyze the suspicious file’s characteristics and behavior to
determine if it is indeed malware.
The main concern with heuristic detection is that it often increases false positives. False positives are
when the antivirus software determines a file is malicious (and quarantines or deletes it) when in reality it is
perfectly fine and/or desired. Because some files may look like viruses but really aren’t, they are restricted and
stopped from working on your computer. In Heuristics based detection we can use Generic Signature, This
technique is particularly designed to locate variations of viruses. Several viruses are re-created and make
themselves known by a variety of names, but essentially come from the same family (or classification). Genetic
detection uses previous antivirus definitions to locate these similar “cousins” even if they use a slightly different
name or include some unusual characters. The best way to illustrate this idea is with identical twins. They may
have slightly different fingerprints, but their DNA is identical.
III. Neural Network Technology
An Artificial Neural Network (ANN) (Bishop, 1995) is an information processing paradigm that is
inspired by the way biological nervous systems (i.e., the brain) are modeled with regard to information
processing [13]. A neural network is designed to simulate a set of neurons, usually connected by synapses. In
the nervous system, a synapse is a structure that permits a neuron to pass an electrical or chemical signal to
another cell. Just as in biological systems, learning involves adjustments to the synaptic connections that exist
between the neurons. Neural networks can differ on: the way their neurons are connected; the specific kinds of
computations their neurons do; the way they transmit patterns of activity throughout the network; and the way
they learn including their learning rate. Neural networks are being applied to an increasing large number of real
world problems [14].
The neural network is configured for a specific application, such as data classification or pattern
recognition, through a learning process called training [15]. In [16] has introduced how to use Single layer
neural classifier to detection boot viruses, and the generic virus detector was incorporated into IBM Antivirus in
May, 1994.Its structure has been shown in Fig 1.
Figure 1: Single layer neural classifier
William Arnold and Gerald Tesauro constructed multiple neural network classifiers which can detect
unknown Win32 viruses by combining the individual classifier outputs using a voting procedure, following a
technique described in previous work (Kephart et al, 1995) on boot virus heuristics [17]. And the system has
508 achieved effectively.Authors of [18] presented a new rule generation method from neural networks formed
using a genetic algorithm (GA) with virus infection and deterministic mutation. This method can extract rules
(regularities) for a pattern classification and chaotic system identification by using the same system [1].
3. Utilization Data Mining to Detect Spyware
www.iosrjournals.org 3 | Page
IV. Data mining Technique
With the rapid development of Information Technology, the rapid growth of data has exceeded the
ability of the manual processing of data. So how to help people to extract the general knowledge from the mass
of data has become more and more important. In order to implement it, data mining technique is put forward and
soon becomes an active research direction. Data mining analyzes the observed sets to discover the unknown
relation and sum up the results of data analysis to make the owner of data to understand. Data Mining Algorithm
that is from Statistics, Pattern Identification, Machine Learning [5, 11], and Database and so on, has developed
comprehensive [1].
In [10] presented a data-mining framework that detects new, previously unseen malicious executables
accurately and automatically. The 2001 data mining study of malicious code [8] used. Three types of features,
i.e., Dynamic-link Library resource information, consecutive printable characters (strings) and byte sequences.In
[12] presented a network virus precaution system based on data mining shown in Fig 2.It can detect the
abnormal connecting behavior of network in real-time to discover the trace of worm virus, especially the
precaution action to the new worm virus to make administrator to adopt corresponding measure to avoid
tremendous loss.
Figure 2: The structure of warning system
Data mining techniques perform better than traditional techniques such as signature-base detection and
Heuristic-based detection. The focus of our analysis is executable files for the Windows platform. We use the
Waikato Environment for Knowledge Analysis (Weka) to perform the experiments. Weka is a suite of machine
learning algorithms and analysis tools, which is used in practice for solving data mining problems, first, we
extract features from the binary files We extract the features by using the Common Feature-based Extraction
(CFBE). The purpose of employing this approach is to evaluate two different techniques that use different types
of data representation, i.e., the occurrence of a feature and the frequency of a feature. CFBE method are used to
obtain Reduced Feature Sets (RFSs) which are then used to generate the ARFF files and includes instances from
the frequency range of 50-80. And we then apply a feature reduction method in order to reduce data set
complexity. In experiments for the detection of malware, sequences of bytes extracted from the hexadecimal
dump of the binary files have been represented by n-grams [3]. Finally, we convert the reduced feature set into
the Attribute-Relation File Format (ARFF). ARFF files are ASCII text files that include a set of data instances,
each described by a set of features [3].
Data mining base malicious approach have proven to be successful in detecting viruses and worms.
Overall accuracy of 90.5% is achieved with the BF-tree algorithms.
We evaluate each learning algorithm by performing cross-validation tests to ensure that the generated
classifiers are not tested on the training data. From the response of the classifiers the relevant confusion matrices
were created. Four metrics define the elements of the matrix: True Positives (TP), False Positives (FP), True
Negatives (TN) and False Negatives (FN).
Metric Abbreviation Meaning
True Positives TP Number of correctly identified benign programs.
False Positives FP Number of wrongly identified Spyware programs.
True Negatives TN Number of correctly identified Spyware programs.
False Negatives FN Number of wrongly identified benign programs.
Table 1 Evaluation metrics
We shall now demonstrate how multi-criteria metrics can be used as an approach to trade-off some of
the important aspects of EULA (End User License Agreement) classification [19]. The performance of each
classifier was evaluated using the true positive rate, false positive rate and overall accuracy which are defined as
follows:
True Positive Rate (TPR): Percentage of correctly identified benign programs (TP / TP+FN)
False Positive Rate (FPR): Percentage of wrongly identified Spyware programs (FP / TN+FP)
Overall Accuracy (ACC): Percentage of correctly identified programs (TP+TN / TP+TN+FP+FN)
4. Utilization Data Mining to Detect Spyware
www.iosrjournals.org 4 | Page
Table 2 show that Using the feature set produced by the CFBE feature selection method for n = 4, the BFT
decision tree classifier achieves the highest accuracy results in Frequency Range 50-80.
Table 2 Comparison of Algorithms for N-gram size = 4
V. Conclusion
Spyware technique has become the most important Prevention technique. With this technologies, the
system can detect virus invasion in real-time, and enlarge security management capacity of system
administrators to enhance the integrity of the infrastructure of information security.
With development of Artificial Intelligence technology has provided new methods and ideas for
spyware detection system. Intergraded spyware detection with AI will greatly improve the performance of the
existing spyware detection system, promote more effective artificial intelligence algorithms to be proposed, and
be applied in the popular detection field .The main objective of the present work is to establish a method in
Spyware detection research using data mining techniques. These techniques are used for information retrieval
and classification. Data mining-based malicious code detectors have been proven to be successful in detecting
clearly malicious code, e.g., like viruses and worms. Results from different studies have indicated that data
mining techniques perform better than traditional techniques against malicious code. However, spyware has not
received the same attention from researchers but it is spreading rapidly on both home and business computers.
Overall accuracy of 90.5% is achieved with the BF-tree algorithms.
References
[1]. Review on the application of Artificial Intelligence in Antivirus Detection System”, Xiao-bin Wang Guang-yuan Yang Yi-chao
Li Dan Liu.
[2]. M. Boldt and B. Carlsson, “Privacy-invasive software and preventive mechanisms,” 2nd International Conference on Systems and
Networks Communications, (ICSNC 2006), Oct. 28- Nov.2, IEEE Computer Society.
[3]. Detection of Spyware by Mining Executable Files” Raja Khurram Shazhad, Syed Imran Haider, Niklas Lavesson, 2010International
Conference onAvailability,Reliability and Security.
[4]. Behavior-based Spyware Detection” Engin Kirda and Christopher Kruegel, Greg Banks, Giovanni Vigna, and Richard A.
Kemmerer.
[5]. Review on use of Reinforcement Learning in Artificial Intelligence” Mehdi Samieiyeganeh , Parisa Bahraminikoo ,G.Praveen Babu
,12th
International Conference of Science and Technology Impact on Development and Justice held at Maulana Azad National Urdu
University, Hyderabad, India, on 7th
& 8th
February, 2012.
[6]. Chuck Williams. “A BRIEF INTRODUCTION TO ARTIFICIAL INTELLIGENCE”, 10.0 109 83 IEEE.
[7]. C. D. Bozagac, “Application of Data Mining based Malicious Code Detection Techniques for Detecting new Spyware”, White
paper, Bilkent University, 2005.
[8]. M. Schultz, E. Eskin, F. Zadok, and S. Stolfo, “Data mining methods for detection of new malicious executables,” Proceedings of
IEEE Symposium on Security and Privacy, 14-16 May 2001, Los Alamitos,
[9]. Xianwei Zeng, Zhijun Zhang, and Zhi Zhang, “Heuristic skill of computer virus analysis based on virtual machine,” Computer
Applications and Software, Vol. 22(9), 2005, pp. 125-126.
[10]. Matthew G. Schultz, Eleazar Eskin, Erez Zadok, and Salvatore I. Stolfo, “Data Mining Methods for Detection of New Malicious
Executables,” The 2001 IEEE Symposium on Security and Privacy, Oakland. CA, 2001, pp.38-49.
[11]. I.H. Witten, E. Frank, Data Mining: Practical Machine Learning Tools and Techniques, 2nd ed. Morgan.
[12]. Yufeng Yang, “The Network Virus Precaution System Based on Data Mining,” Journal of Shaoguan University, Vol. 26(12), 2005,
pp. 31-33.
[13]. Detection of Unknown Computer Worms based on Behavioral Classification of the Host”, Robert Moskovitch, Yuval Elovici, Lior
Rokach.
[14]. Review on Artificial Intelligence and Artificial neural networks” Mehdi Samieiyeganeh , ParisaBahraminikoo,G.PraveenBabu,
International Conference on Computing,Communications, Systems & Aeronautics (ICCCSA-12) , Organized by Malla Reddy
College of Engineering & Technology From March 30-31,2012. Hyderabad, India.
[15]. Artificial Intelligence: Neural Networks Simplified “Indranarain Ramlall1 University of Technology, Mauritius.
[16]. Kephart, J.O., "Biologically inspired defenses against computer viruses," Proceedings of International Joint Conference on Artificial
Intelligence, 1995, pp. 985-96.
[17]. R. Moskovitch, C. Feher, N. Tzachar, E. Berger, M. Gitelman, S. Dolev, and Y. Elovici, “Unknown malcode detection using
OPCODE representation,” 1st European Conference on Intelligence and Security Informatics, (EuroISI 2008), 3-5 Dec., Berlin,
Germany: Springer-Verlag, pp. 204-215.
[18]. Y. Elovici, A. Shabtai, R. Moskovitch, G. Tahan, and C. Glezer., “Applying Machine Learning Techniques for Detection of
Malicious Code in Network Traffic”, Proceedings of the 30th annual German conference on Advances in Artificial Intelligence, KI
2007, 10-13.
[19]. Niklas Lavesson , Martin Boldt , Paul Davidsson ,Andreas Jacobsson, “Learning to detect spyware using end user license
agreements”, Springer-Verlag London Limited 2009.
Algorithm Type TPR FPR ACC
BFT Frequency Range
50-80
Trees 0.992 0.977 0.731 0.730
89.896 (5.104)
88.5222 (5.899)
Random Forest
Frequency Range 50-80
Trees 0.979 0.960 0.665 0.720
89.489 (5.520)
87.077 (6.477)
Naive Bayes
Frequency Range 50-80
Bayes 0.973 0.916 0.730 0.705
88.209 (6.174)
83.703 (8.202)
SMO Frequency Range
50-80
Function 0.935 0.946
0.665
0.515
86.566 (8.130)
88.5222 (7.530)