Malware is a global risk rife designed to destroy computer systems without the owner's knowledge. It is still regarded as the most popular threat that attacks computer systems. Early recognition of unknown malware remains a problem. swarm intelligence (SI), usually customer societies, communicate locally with their domain and with each other. Clients use very simple rules of behavior and the interactions between them lead to smart appearance, noticeable, individual behavior and optimized solution of problem and SI has been successfully applied in many fields, especially for malware ion tasks. SI also saves a considerable amount of time and enhances the precision of the malware recognition system. This paper introduces a malware recognition system for Hancitor malware using the gray wolf optimization (GWO) algorithm and artificial bee colony (ABC) algorithm, which can effectively recognize Hancitor in networks.
System call frequency analysis-based generative adversarial network model for...IJECEIAES
In today's digital age, mobile applications have become essential in connecting people from diverse domains. They play a crucial role in enabling communication, facilitating business transactions, and providing access to a range of services. Mobile communication is widespread due to its portability and ease of use, with an increasing number of mobile devices projected to reach 18.22 billion by the end of 2025. However, this convenience comes at a cost, as cybercriminals are constantly looking for ways to exploit security vulnerabilities in mobile applications. Among the several varieties of malicious applications, zero-day malware is particularly dangerous since it cannot be removed by antivirus software. To detect zeroday Android malware, this paper introduces a novel approach based on generative adversarial networks (GANs), which generates new frequencies of feature vectors from system calls. In the proposed approach, the generator is fed with a mixture of real samples and noise, and then trained to create new samples, while the discriminator model aims to classify these samples as either real or fake. We assess the performance of our model through different measures, including loss functions, the Frechet Inception distance, and the inception score evaluation metrics.
A SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLSIJNSA Journal
This document summarizes a survey paper on malware detection and analysis tools. It provides an overview of different types of malware like viruses, worms, Trojans, rootkits, spyware and keyloggers. It describes techniques for malware analysis, including static analysis which examines code without execution, and dynamic analysis which analyzes behavior during execution. It also lists some limitations of static analysis and the need for dynamic analysis. Finally, it discusses various tools available for malware detection, analysis, reverse engineering and debugging.
Problems With Battling Malware Have Been Discussed, Moving...Deb Birch
This document discusses several new methods for detecting malware, including CPU analyzers, holography, eigenvirus detection, differential fault analysis, and whitelist protection. It notes that due to a focus on deobfuscation, these ideas have only recently been explored and are still underdeveloped. Specific methods like CPU analyzers and holography are examined in more detail.
Malware Detection Approaches using Data Mining Techniques.pptxAlamgir Hossain
The document discusses malware detection approaches using data mining techniques. It describes signature-based and behavior-based approaches. Signature-based detection identifies malware by matching signatures in a predefined database, but struggles with polymorphic malware. Behavior-based detection analyzes malware behaviors through dynamic analysis, allowing detection of novel malware but having higher computational costs. Both approaches have advantages and limitations for malware detection.
Adware is a software that may be installed on the client machine for displaying advertisements for the
user of that machine with or without consideration of user. Adware can cause unrecoverable threat to the security
and privacy of computer users as there is an increase in number of malicious adware’s. The paper presents an
adware detection approach based on the application of data mining on disassembled code. This is an approach for
an accurate adware detection algorithm with adware data set and machine learning techniques. In this paper, we
disassemble binary files, generate instruction sequences and past his data through different data mining as well as
machine learning algorithms for feature extraction and feature reduction for detection of malicious adware.Then
system accurately detect both novel and known adware instances even though the binary difference between
adware and legitimate software is usually small.
Keywords — Data Mining; Adware Detection; Binary Classification; Static Analysis; Disassembly;
Instruction Sequences
Taxonomy mobile malware threats and detection techniquescsandit
Since last-decade, smart-phones have gained widespr
ead usage. Mobile devices store personal
details such as contacts and text messages. Due to
this extensive growth, smart-phones are
attracted towards cyber-criminals. In this research
work, we have done a systematic review of
the terms related to malware detection algorithms
and have also summarized behavioral
description of some known mobile malwares in tabula
r form. After careful solicitation of all the
possible methods and algorithms for detection of m
obile-based malwares, we give some
recommendations for designing future malware detect
ion algorithm by considering
computational complexity and detection ration of m
obile malwares.
This document discusses using data mining techniques to detect spyware. It begins by defining spyware and artificial intelligence. It then discusses three AI approaches that have been applied to spyware detection: heuristic technology, neural network technology, and data mining techniques. It focuses on using breadth-first search (BFS) within a data mining approach. The document finds that data mining techniques achieve an overall accuracy of 90.5% in detecting spyware, performing better than traditional signature-based or heuristic-based methods.
Utilization Data Mining to Detect Spyware IOSR Journals
This document discusses using data mining techniques to detect spyware. It begins by defining spyware and artificial intelligence. It then discusses three AI approaches that have been applied to spyware detection: heuristic technology, neural network technology, and data mining techniques. It focuses on using breadth-first search (BFS) within a data mining approach. The document finds that data mining techniques perform better than traditional signature-based or heuristic-based detection methods, achieving an overall accuracy of 90.5% at detecting spyware using BFS algorithms.
System call frequency analysis-based generative adversarial network model for...IJECEIAES
In today's digital age, mobile applications have become essential in connecting people from diverse domains. They play a crucial role in enabling communication, facilitating business transactions, and providing access to a range of services. Mobile communication is widespread due to its portability and ease of use, with an increasing number of mobile devices projected to reach 18.22 billion by the end of 2025. However, this convenience comes at a cost, as cybercriminals are constantly looking for ways to exploit security vulnerabilities in mobile applications. Among the several varieties of malicious applications, zero-day malware is particularly dangerous since it cannot be removed by antivirus software. To detect zeroday Android malware, this paper introduces a novel approach based on generative adversarial networks (GANs), which generates new frequencies of feature vectors from system calls. In the proposed approach, the generator is fed with a mixture of real samples and noise, and then trained to create new samples, while the discriminator model aims to classify these samples as either real or fake. We assess the performance of our model through different measures, including loss functions, the Frechet Inception distance, and the inception score evaluation metrics.
A SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLSIJNSA Journal
This document summarizes a survey paper on malware detection and analysis tools. It provides an overview of different types of malware like viruses, worms, Trojans, rootkits, spyware and keyloggers. It describes techniques for malware analysis, including static analysis which examines code without execution, and dynamic analysis which analyzes behavior during execution. It also lists some limitations of static analysis and the need for dynamic analysis. Finally, it discusses various tools available for malware detection, analysis, reverse engineering and debugging.
Problems With Battling Malware Have Been Discussed, Moving...Deb Birch
This document discusses several new methods for detecting malware, including CPU analyzers, holography, eigenvirus detection, differential fault analysis, and whitelist protection. It notes that due to a focus on deobfuscation, these ideas have only recently been explored and are still underdeveloped. Specific methods like CPU analyzers and holography are examined in more detail.
Malware Detection Approaches using Data Mining Techniques.pptxAlamgir Hossain
The document discusses malware detection approaches using data mining techniques. It describes signature-based and behavior-based approaches. Signature-based detection identifies malware by matching signatures in a predefined database, but struggles with polymorphic malware. Behavior-based detection analyzes malware behaviors through dynamic analysis, allowing detection of novel malware but having higher computational costs. Both approaches have advantages and limitations for malware detection.
Adware is a software that may be installed on the client machine for displaying advertisements for the
user of that machine with or without consideration of user. Adware can cause unrecoverable threat to the security
and privacy of computer users as there is an increase in number of malicious adware’s. The paper presents an
adware detection approach based on the application of data mining on disassembled code. This is an approach for
an accurate adware detection algorithm with adware data set and machine learning techniques. In this paper, we
disassemble binary files, generate instruction sequences and past his data through different data mining as well as
machine learning algorithms for feature extraction and feature reduction for detection of malicious adware.Then
system accurately detect both novel and known adware instances even though the binary difference between
adware and legitimate software is usually small.
Keywords — Data Mining; Adware Detection; Binary Classification; Static Analysis; Disassembly;
Instruction Sequences
Taxonomy mobile malware threats and detection techniquescsandit
Since last-decade, smart-phones have gained widespr
ead usage. Mobile devices store personal
details such as contacts and text messages. Due to
this extensive growth, smart-phones are
attracted towards cyber-criminals. In this research
work, we have done a systematic review of
the terms related to malware detection algorithms
and have also summarized behavioral
description of some known mobile malwares in tabula
r form. After careful solicitation of all the
possible methods and algorithms for detection of m
obile-based malwares, we give some
recommendations for designing future malware detect
ion algorithm by considering
computational complexity and detection ration of m
obile malwares.
This document discusses using data mining techniques to detect spyware. It begins by defining spyware and artificial intelligence. It then discusses three AI approaches that have been applied to spyware detection: heuristic technology, neural network technology, and data mining techniques. It focuses on using breadth-first search (BFS) within a data mining approach. The document finds that data mining techniques achieve an overall accuracy of 90.5% in detecting spyware, performing better than traditional signature-based or heuristic-based methods.
Utilization Data Mining to Detect Spyware IOSR Journals
This document discusses using data mining techniques to detect spyware. It begins by defining spyware and artificial intelligence. It then discusses three AI approaches that have been applied to spyware detection: heuristic technology, neural network technology, and data mining techniques. It focuses on using breadth-first search (BFS) within a data mining approach. The document finds that data mining techniques perform better than traditional signature-based or heuristic-based detection methods, achieving an overall accuracy of 90.5% at detecting spyware using BFS algorithms.
With the development and rapid growth in IT infrastructure, malicious code attacks are considered as the
main threat to cybersecurity. Malicious JavaScript’s which are intentionally crafted by the attackers inside the web page
over the web as an emerging security issue affecting millions of users. In past few years, a number of studies have been
conducted based on machine learning for detection of malicious JavaScript code attacks has demonstrated a poor
detection accuracy and increased performance overheads. In this paper, an effective interceptor approach for detection of
multivariate and novel malicious JavaScript’s based on deep learning is proposed and evaluated. Hybrid feature set based
on static and dynamic analysis were used. The dataset which was used in this study consists of 32,000 benign webpages
and 12,900 malicious pages. The experimental results show that this approach was able to detect 99.01% of new malicious
code variants.
International Journal of Computer Science and Information Security,IJCSIS ISSN 1947-5500, Pittsburgh, PA, USA
Email: ijcsiseditor@gmail.com
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
This document discusses machine learning approaches for Android malware detection. It begins with an abstract discussing signature-based and behavior-based malware detection techniques, and how machine learning can be used to detect unknown malware. The document then discusses related work on Android malware detection using machine learning algorithms. It describes detecting malware using file permissions and features extracted from Android applications. Various machine learning algorithms are trained on datasets of benign and malicious applications, and their performance is evaluated based on accuracy, classification reports, and confusion matrices.
Abstract: The exponential growth of the internet and new technology lead today's world in a hectic situation both positive as well as the negative module. Cybercriminals gamble in the dark net using numerous techniques. This leads to cybercrime. Cyber threats like Malware attempt to infiltrate the computer or mobile device offline or internet, chat(online), and anyone can be a potential target. Malware is also known as malicious software is often used by cybercriminals to achieve their goal by tracking internet activity, capturing sensitive information, or blocking computer access. Reverse engineering is one of the best ways to prevent and is a powerful tool to keep the fight against cyber attacks. Most people in the cyber world see it as a black hat—It is said as being used to steal data and intellectual property. But when it is in the hands of cybersecurity experts, reverse engineering dons the white hat of the hero. Looking at the program from the outside in –often by a third party that had no hand in writing the code. It allows those who practice it to understand how a given program or system works when no source code is available. Reverse engineering accomplishing several tasks related to cybersecurity: finding system vulnerabilities, researching malware &analyzing the complexity of restoring core software algorithms that can further protect against theft. It is hard to hack certain software.
Keywords: Malware, threat, vulnerablity, detection, reverse engineering, analysis.
Title: Malware analysis and detection using reverse Engineering
Author: B.Rashmitha, J. Alwina Beauty Angelin, E.R. Ramesh
International Journal of Computer Science and Information Technology Research
ISSN 2348-1196 (print), ISSN 2348-120X (online)
Vol. 10, Issue 2, Month: April 2022 - June 2022
Page: (1-4)
Published Date: 01-April-2022
Research Publish Journals
Available at: www.researchpublish.com
You can Direct download full research paper at given below link:
https://www.researchpublish.com/papers/malware-analysis-and-detection-using-reverse-engineering
Academia Link: https://www.academia.edu/76069664/Malware_analysis_and_detection_using_reverse_Engineering_Available_at_www_researchpublish_com_journal_name_International_Journal_of_Computer_Science_and_Information_Technology_Research
MACHINE LEARNING APPLICATIONS IN MALWARE CLASSIFICATION: A METAANALYSIS LITER...IJCI JOURNAL
With a text mining and bibliometrics approach, this study reviews the literature on the evolution
of malware classification using machine learning. This work takes literature from 2008 to 2022
on the subject of using machine learning for malware classification to understand the impact of
this technology on malware classification. Throughout this study, we seek to answer three main
research questions: RQ1: Is the application of machine learning for malware classification
growing? RQ2: What is the most common machine-learning application for malware
classification? RQ3: What are the outcomes of the most common machine learning
applications? The analysis of 2186 articles resulting from a data collection process from peerreviewed databases shows the trajectory of the application of this technology on malware
classification as well as trends in both the machine learning and malware classification fields of
study. This study performs quantitative and qualitative analysis using statistical and N-gram
analysis techniques and a formal literature review to answer the proposed research questions.
The research reveals methods such as support vector machines and random forests to be
standard machine learning methods for malware classification in efforts to detect maliciousness
or categorize malware by family. Machine learning is a highly researched technology with
many applications, from malware classification and beyond.
Optimised Malware Detection in Digital Forensics IJNSA Journal
This summarizes a research paper that proposes developing a new framework to optimize malware detection in digital forensics investigations. The paper discusses challenges with existing detection methods, such as signature-based approaches requiring extensive manual analysis. Through a market research survey of forensics professionals, the paper finds weaknesses in current skills, tools, and accuracy rates. Most respondents agreed a new customized detection tool is needed that employs both dynamic and static analysis methods. The proposed framework aims to address these issues to more effectively detect and analyze malware.
Review on mobile threats and detection techniquesijdpsjournal
Since last-decade, smart-phones have gained widespread usage. Mobile devices store personal details
such as contacts and text messages. Due to this extensive growth, smart-phones are attracted towards
cyber-criminals. In this research work, we have done a systematic review of the terms related to malware
detection algorithms and have also summarized behavioral description of some known mobile malwares
in tabular form. After careful solicitation of all the possible methods and algorithms for detection of
mobile-based malwares, we give some recommendations for designing future malware detection algorithm
by considering computational complexity and detection ration of mobile malwares.
Optimised malware detection in digital forensicsIJNSA Journal
On the Internet, malware is one of the most serious threats to system security. Most complex issues and
problems on any systems are caused by malware and spam. Networks and systems can be accessed and
compromised by malware known as botnets, which compromise other systems through a coordinated
attack. Such malware uses anti-forensic techniques to avoid detection and investigation. To prevent systems
from the malicious activity of this malware, a new framework is required that aims to develop an optimised
technique for malware detection. Hence, this paper demonstrates new approaches to perform malware
analysis in forensic investigations and discusses how such a framework may be developed.
This document proposes a deep learning approach for detecting Android malware using autoencoders. It extracts five different feature sets from Android apps, including permissions, intent filters, API calls, additional APK files, and certificate information. These features are used to train an autoencoder model to classify apps as either benign or malicious. The methodology involves decompiling apps, extracting features, constructing the feature sets, training the autoencoder in a semi-supervised manner on labeled and unlabeled data, and testing the trained model. Experimental results show the proposed approach can identify malware with high accuracy.
Malware Risk Analysis on the Campus Network with Bayesian Belief NetworkIJNSA Journal
This document discusses using a Bayesian Belief Network (BBN) to analyze malware risk on a university campus network. It begins by introducing the campus network monitoring tools and SIR epidemiological model used to model malware propagation. It then provides background on BBN principles, including defining nodes, conditional probabilities, and using the network to compute joint probabilities. The document proposes applying a BBN to assess malware prevalence risk by relating threat, vulnerability, and cost impact on network assets. It aims to provide understandable risk assessments to inform decision making.
Malware Risk Analysis on the Campus Network with Bayesian Belief NetworkIJNSA Journal
A security network management system is for providing clear guidelines on risk evaluation and assessment for enterprise networks. The threat and risk assessment is conducted to safeguard enterprise network services to maintain system confidentiality, integrity, and availability through effective control strategies. In this paper, based on our previous work in analyzing integrated information security management and malware propagation on the campus network through mathematical modelling, we proposed Bayesian Belief Network with inference level indicator to enable the decision maker to understand and provide appropriate mitigation decisions on the risks posed. We experimentally placed monitoring sensors on the campus network that gives the threat alert priority levels and magnitude on the vulnerable information assets. These methods will give a direction on the belief inferred due to malware prevalence on the information security assets for better understanding.
COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...IJNSA Journal
Malicious software is constantly being developed and improved, so detection and classification of malwareis an ever-evolving problem. Since traditional malware detection techniques fail to detect new/unknown malware, machine learning algorithms have been used to overcome this disadvantage. We present a Convolutional Neural Network (CNN) for malware type classification based on the API (Application Program Interface) calls. This research uses a database of 7107 instances of API call streams and 8 different malware types:Adware, Backdoor, Downloader, Dropper, Spyware, Trojan, Virus,Worm. We used a 1-Dimensional CNN by mapping API calls as categorical and term frequency-inverse document frequency (TF-IDF) vectors and compared the results to other classification techniques.The proposed 1-D CNN outperformed other classification techniques with 91% overall accuracy for both categorical and TF-IDF vectors.
X-ware: a proof of concept malware utilizing artificial intelligenceIJECEIAES
Recent years have witnessed a dramatic growth in utilizing computational intelligence techniques for various domains. Coherently, malicious actors are expected to utilize these techniques against current security solutions. Despite the importance of these new potential threats, there remains a paucity of evidence on leveraging these research literature techniques. This article investigates the possibility of combining artificial neural networks and swarm intelligence to generate a new type of malware. We successfully created a proof of concept malware named X-ware, which we tested against the Windows-based systems. Developing this proof of concept may allow us to identify this potential threat’s characteristics for developing mitigation methods in the future. Furthermore, a method for recording the virus’s behavior and propagation throughout a file system is presented. The proposed virus prototype acts as a swarm system with a neural network-integrated for operations. The virus’s behavioral data is recorded and shown under a complex network format to describe the behavior and communication of the swarm. This paper has demonstrated that malware strengthened with computational intelligence is a credible threat. We envisage that our study can be utilized to assist current and future security researchers to help in implementing more effective countermeasures.
Ransomware Attack Detection based on Pertinent System Calls Using Machine Lea...IJCNCJournal
In the last few years, the evolution of information technology has resulted in the development of several interesting and sensitive fields such as the dark Web and cyber-criminality, especially using ransomware attacks. This paper aims to bring out only critical features and make their observation, or not, in software behaviour sufficient to decide whether it is ransomware or not. Therefore, we propose a new solution for ransomware detection based on machine learning algorithms and system calls. First, we introduce our produced dataset of collected system calls of both ransomware and Benignware. Then, we push preprocessing steps deeply to reduce efficiently data dimensionality. After that, we introduce a new technique to select pertinent features. Next, we bring out the critical system calls, their importance and their contribution to the distinction between dataset elements. Finally, we present our model that achieves an overall accuracy of 99.81% after K-Fold cross-validation.
Ransomware Attack Detection Based on Pertinent System Calls Using Machine Lea...IJCNCJournal
In the last few years, the evolution of information technology has resulted in thedevelopmentof several interesting and sensitive fields such as the dark Web and cyber-criminality, especially using ransomware attacks. This paper aims to bring out only critical features and make their observation, or not, in software behaviour sufficient to decide whether it is ransomware or not. Therefore, we propose a new solution for ransomware detection based on machine learning algorithms and system calls. First, we introduce our produced dataset of collected system calls of both ransomware and Benignware. Then, we push pre-processing steps deeply to reduce efficiently data dimensionality. After that, we introduce a new technique to select pertinent features. Next, we bring out the critical system calls, their importance and their contribution to the distinction between dataset elements. Finally, we present our model that achieves an overall accuracy of 99.81% after K-Fold cross-validation.
Malware is a worldwide pandemic. It is designed to damage computer systems without
the knowledge of the owner using the system. Software‟s from reputable vendors also contain
malicious code that affects the system or leaks information‟s to remote servers. Malware‟s includes
computer viruses, spyware, dishonest ad-ware, rootkits, Trojans, dialers etc. Malware detectors are
the primary tools in defense against malware. The quality of such a detector is determined by the
techniques it uses. It is therefore imperative that we study malware detection techniques and
understand their strengths and limitations. This survey examines different types of Malware and
malware detection methods.
Basic survey on malware analysis, tools and techniquesijcsa
The term malware stands for malicious software. It is a program installed on a system without the
knowledge of owner of the system. It is basically installed by the third party with the intention to steal some
private data from the system or simply just to play pranks. This in turn threatens the computer’s security,
wherein computer are used by one’s in day-to-day life as to deal with various necessities like education,
communication, hospitals, banking, entertainment etc. Different traditional techniques are used to detect
and defend these malwares like Antivirus Scanner (AVS), firewalls, etc. But today malware writers are one
step forward towards then Malware detectors. Day-by-day they write new malwares, which become a great
challenge for malware detectors. This paper focuses on basis study of malwares and various detection
techniques which can be used to detect malwares.
IRJET - An Automated System for Detection of Social Engineering Phishing Atta...IRJET Journal
1) The document presents a machine learning approach to detect phishing URLs using logistic regression. It trains a logistic regression model on a dataset of 420,467 URLs that have been classified as either phishing or legitimate.
2) It preprocesses the URLs using tokenization before training the logistic regression model. The trained model is able to classify new URLs with 96% accuracy as either phishing or legitimate based on the URL features.
3) The proposed approach provides an automated way to detect phishing URLs in real-time and help prevent phishing attacks. Future work could involve developing a browser extension using this approach and increasing the dataset size for higher accuracy.
Permission based malware detection by using k means algorithm in Android OSBRNSSPublicationHubI
The document discusses a permission-based method for detecting malware in Android apps using k-means clustering. It extracts permission data from app manifest files, compares it to a database of malicious permissions, and uses k-means to classify apps as benign or malicious based on their permission ratios. The method was able to accurately detect malware in popular apps like WhatsApp and Facebook by identifying suspicious high levels of permissions for activities like SMS/call access.
Invesitigation of Malware and Forensic Tools on Internet IJECEIAES
Malware is an application that is harmful to your forensic information. Basically, malware analyses is the process of analysing the behaviours of malicious code and then create signatures to detect and defend against it.Malware, such as Trojan horse, Worms and Spyware severely threatens the forensic security. This research observed that although malware and its variants may vary a lot from content signatures, they share some behaviour features at a higher level which are more precise in revealing the real intent of malware. This paper investigates the various techniques of malware behaviour extraction and analysis. In addition, we discuss the implications of malware analysis tools for malware detection based on various techniques.
Hybrid model for detection of brain tumor using convolution neural networksCSITiaesprime
The development of aberrant brain cells, some of which may turn cancerous, is known as a brain tumor. Magnetic resonance imaging (MRI) scans are the most common technique for finding brain tumors. Information about the aberrant tissue growth in the brain is discernible from the MRI scans. In numerous research papers, machine learning, and deep learning algorithms are used to detect brain tumors. It takes extremely little time to forecast a brain tumor when these algorithms are applied to MRI pictures, and better accuracy makes it easier to treat patients. The radiologist can make speedy decisions because of this forecast. The proposed work creates a hybrid convolution neural networks (CNN) model using CNN for feature extraction and logistic regression (LR). The pre-trained model visual geometry group 16 (VGG16) is used for the extraction of features. To reduce the complexity and parameters to train we eliminated the last eight layers of VGG16. From this transformed model the features are extracted in the form of a vector array. These features fed into different machine learning classifiers like support vector machine (SVM), naïve bayes (NB), LR, extreme gradient boosting (XGBoost), AdaBoost, and random forest for training and testing. The performance of different classifiers is compared. The CNN-LR hybrid combination outperformed the remaining classifiers. The evaluation measures such as recall, precision, F1-score, and accuracy of the proposed CNN-LR model are 94%, 94%, 94%, and 91% respectively.
Implementing lee's model to apply fuzzy time series in forecasting bitcoin priceCSITiaesprime
Over time, cryptocurrencies like Bitcoin have attracted investor's and speculators' interest. Bitcoin's dramatic rise in value in recent years has caught the attention of many who see it as a promising investment asset. After all, Bitcoin investment is inseparable from Bitcoin price volatility that investors must mitigate. This research aims to use Lee's Fuzzy Time Series approach to forecast the price of Bitcoin. A time series analysis method called Lee's Fuzzy Time Series to get around ambiguity and uncertainty in time series data. Ching-Cheng Lee first introduced this approach in his research on time series prediction. This method is a development of several previous fuzzy time series (FTS) models, namely Song and Chissom and Cheng and Chen. According to most previous studies, Lee's model was stated to be able to convey more precise forecasting results than the classic model from the FTS. This study used first and second orders, where researchers obtained error values from the first order of 5.419% and the second order of 4.042%, which means that the forecasting results are excellent. But of both orders, only the first order can be used to predict the next period's Bitcoin price. In the second order, the resulting relations in the next period do not have groups in their fuzzy logical relationship group (FLRG), so they can not predict the price in the next period. This study contributes to considering investors and the general public as a factor in keeping, selling, or purchasing cryptocurrencies.
More Related Content
Similar to Hancitor malware recognition using swarm intelligent technique
With the development and rapid growth in IT infrastructure, malicious code attacks are considered as the
main threat to cybersecurity. Malicious JavaScript’s which are intentionally crafted by the attackers inside the web page
over the web as an emerging security issue affecting millions of users. In past few years, a number of studies have been
conducted based on machine learning for detection of malicious JavaScript code attacks has demonstrated a poor
detection accuracy and increased performance overheads. In this paper, an effective interceptor approach for detection of
multivariate and novel malicious JavaScript’s based on deep learning is proposed and evaluated. Hybrid feature set based
on static and dynamic analysis were used. The dataset which was used in this study consists of 32,000 benign webpages
and 12,900 malicious pages. The experimental results show that this approach was able to detect 99.01% of new malicious
code variants.
International Journal of Computer Science and Information Security,IJCSIS ISSN 1947-5500, Pittsburgh, PA, USA
Email: ijcsiseditor@gmail.com
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
This document discusses machine learning approaches for Android malware detection. It begins with an abstract discussing signature-based and behavior-based malware detection techniques, and how machine learning can be used to detect unknown malware. The document then discusses related work on Android malware detection using machine learning algorithms. It describes detecting malware using file permissions and features extracted from Android applications. Various machine learning algorithms are trained on datasets of benign and malicious applications, and their performance is evaluated based on accuracy, classification reports, and confusion matrices.
Abstract: The exponential growth of the internet and new technology lead today's world in a hectic situation both positive as well as the negative module. Cybercriminals gamble in the dark net using numerous techniques. This leads to cybercrime. Cyber threats like Malware attempt to infiltrate the computer or mobile device offline or internet, chat(online), and anyone can be a potential target. Malware is also known as malicious software is often used by cybercriminals to achieve their goal by tracking internet activity, capturing sensitive information, or blocking computer access. Reverse engineering is one of the best ways to prevent and is a powerful tool to keep the fight against cyber attacks. Most people in the cyber world see it as a black hat—It is said as being used to steal data and intellectual property. But when it is in the hands of cybersecurity experts, reverse engineering dons the white hat of the hero. Looking at the program from the outside in –often by a third party that had no hand in writing the code. It allows those who practice it to understand how a given program or system works when no source code is available. Reverse engineering accomplishing several tasks related to cybersecurity: finding system vulnerabilities, researching malware &analyzing the complexity of restoring core software algorithms that can further protect against theft. It is hard to hack certain software.
Keywords: Malware, threat, vulnerablity, detection, reverse engineering, analysis.
Title: Malware analysis and detection using reverse Engineering
Author: B.Rashmitha, J. Alwina Beauty Angelin, E.R. Ramesh
International Journal of Computer Science and Information Technology Research
ISSN 2348-1196 (print), ISSN 2348-120X (online)
Vol. 10, Issue 2, Month: April 2022 - June 2022
Page: (1-4)
Published Date: 01-April-2022
Research Publish Journals
Available at: www.researchpublish.com
You can Direct download full research paper at given below link:
https://www.researchpublish.com/papers/malware-analysis-and-detection-using-reverse-engineering
Academia Link: https://www.academia.edu/76069664/Malware_analysis_and_detection_using_reverse_Engineering_Available_at_www_researchpublish_com_journal_name_International_Journal_of_Computer_Science_and_Information_Technology_Research
MACHINE LEARNING APPLICATIONS IN MALWARE CLASSIFICATION: A METAANALYSIS LITER...IJCI JOURNAL
With a text mining and bibliometrics approach, this study reviews the literature on the evolution
of malware classification using machine learning. This work takes literature from 2008 to 2022
on the subject of using machine learning for malware classification to understand the impact of
this technology on malware classification. Throughout this study, we seek to answer three main
research questions: RQ1: Is the application of machine learning for malware classification
growing? RQ2: What is the most common machine-learning application for malware
classification? RQ3: What are the outcomes of the most common machine learning
applications? The analysis of 2186 articles resulting from a data collection process from peerreviewed databases shows the trajectory of the application of this technology on malware
classification as well as trends in both the machine learning and malware classification fields of
study. This study performs quantitative and qualitative analysis using statistical and N-gram
analysis techniques and a formal literature review to answer the proposed research questions.
The research reveals methods such as support vector machines and random forests to be
standard machine learning methods for malware classification in efforts to detect maliciousness
or categorize malware by family. Machine learning is a highly researched technology with
many applications, from malware classification and beyond.
Optimised Malware Detection in Digital Forensics IJNSA Journal
This summarizes a research paper that proposes developing a new framework to optimize malware detection in digital forensics investigations. The paper discusses challenges with existing detection methods, such as signature-based approaches requiring extensive manual analysis. Through a market research survey of forensics professionals, the paper finds weaknesses in current skills, tools, and accuracy rates. Most respondents agreed a new customized detection tool is needed that employs both dynamic and static analysis methods. The proposed framework aims to address these issues to more effectively detect and analyze malware.
Review on mobile threats and detection techniquesijdpsjournal
Since last-decade, smart-phones have gained widespread usage. Mobile devices store personal details
such as contacts and text messages. Due to this extensive growth, smart-phones are attracted towards
cyber-criminals. In this research work, we have done a systematic review of the terms related to malware
detection algorithms and have also summarized behavioral description of some known mobile malwares
in tabular form. After careful solicitation of all the possible methods and algorithms for detection of
mobile-based malwares, we give some recommendations for designing future malware detection algorithm
by considering computational complexity and detection ration of mobile malwares.
Optimised malware detection in digital forensicsIJNSA Journal
On the Internet, malware is one of the most serious threats to system security. Most complex issues and
problems on any systems are caused by malware and spam. Networks and systems can be accessed and
compromised by malware known as botnets, which compromise other systems through a coordinated
attack. Such malware uses anti-forensic techniques to avoid detection and investigation. To prevent systems
from the malicious activity of this malware, a new framework is required that aims to develop an optimised
technique for malware detection. Hence, this paper demonstrates new approaches to perform malware
analysis in forensic investigations and discusses how such a framework may be developed.
This document proposes a deep learning approach for detecting Android malware using autoencoders. It extracts five different feature sets from Android apps, including permissions, intent filters, API calls, additional APK files, and certificate information. These features are used to train an autoencoder model to classify apps as either benign or malicious. The methodology involves decompiling apps, extracting features, constructing the feature sets, training the autoencoder in a semi-supervised manner on labeled and unlabeled data, and testing the trained model. Experimental results show the proposed approach can identify malware with high accuracy.
Malware Risk Analysis on the Campus Network with Bayesian Belief NetworkIJNSA Journal
This document discusses using a Bayesian Belief Network (BBN) to analyze malware risk on a university campus network. It begins by introducing the campus network monitoring tools and SIR epidemiological model used to model malware propagation. It then provides background on BBN principles, including defining nodes, conditional probabilities, and using the network to compute joint probabilities. The document proposes applying a BBN to assess malware prevalence risk by relating threat, vulnerability, and cost impact on network assets. It aims to provide understandable risk assessments to inform decision making.
Malware Risk Analysis on the Campus Network with Bayesian Belief NetworkIJNSA Journal
A security network management system is for providing clear guidelines on risk evaluation and assessment for enterprise networks. The threat and risk assessment is conducted to safeguard enterprise network services to maintain system confidentiality, integrity, and availability through effective control strategies. In this paper, based on our previous work in analyzing integrated information security management and malware propagation on the campus network through mathematical modelling, we proposed Bayesian Belief Network with inference level indicator to enable the decision maker to understand and provide appropriate mitigation decisions on the risks posed. We experimentally placed monitoring sensors on the campus network that gives the threat alert priority levels and magnitude on the vulnerable information assets. These methods will give a direction on the belief inferred due to malware prevalence on the information security assets for better understanding.
COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...IJNSA Journal
Malicious software is constantly being developed and improved, so detection and classification of malwareis an ever-evolving problem. Since traditional malware detection techniques fail to detect new/unknown malware, machine learning algorithms have been used to overcome this disadvantage. We present a Convolutional Neural Network (CNN) for malware type classification based on the API (Application Program Interface) calls. This research uses a database of 7107 instances of API call streams and 8 different malware types:Adware, Backdoor, Downloader, Dropper, Spyware, Trojan, Virus,Worm. We used a 1-Dimensional CNN by mapping API calls as categorical and term frequency-inverse document frequency (TF-IDF) vectors and compared the results to other classification techniques.The proposed 1-D CNN outperformed other classification techniques with 91% overall accuracy for both categorical and TF-IDF vectors.
X-ware: a proof of concept malware utilizing artificial intelligenceIJECEIAES
Recent years have witnessed a dramatic growth in utilizing computational intelligence techniques for various domains. Coherently, malicious actors are expected to utilize these techniques against current security solutions. Despite the importance of these new potential threats, there remains a paucity of evidence on leveraging these research literature techniques. This article investigates the possibility of combining artificial neural networks and swarm intelligence to generate a new type of malware. We successfully created a proof of concept malware named X-ware, which we tested against the Windows-based systems. Developing this proof of concept may allow us to identify this potential threat’s characteristics for developing mitigation methods in the future. Furthermore, a method for recording the virus’s behavior and propagation throughout a file system is presented. The proposed virus prototype acts as a swarm system with a neural network-integrated for operations. The virus’s behavioral data is recorded and shown under a complex network format to describe the behavior and communication of the swarm. This paper has demonstrated that malware strengthened with computational intelligence is a credible threat. We envisage that our study can be utilized to assist current and future security researchers to help in implementing more effective countermeasures.
Ransomware Attack Detection based on Pertinent System Calls Using Machine Lea...IJCNCJournal
In the last few years, the evolution of information technology has resulted in the development of several interesting and sensitive fields such as the dark Web and cyber-criminality, especially using ransomware attacks. This paper aims to bring out only critical features and make their observation, or not, in software behaviour sufficient to decide whether it is ransomware or not. Therefore, we propose a new solution for ransomware detection based on machine learning algorithms and system calls. First, we introduce our produced dataset of collected system calls of both ransomware and Benignware. Then, we push preprocessing steps deeply to reduce efficiently data dimensionality. After that, we introduce a new technique to select pertinent features. Next, we bring out the critical system calls, their importance and their contribution to the distinction between dataset elements. Finally, we present our model that achieves an overall accuracy of 99.81% after K-Fold cross-validation.
Ransomware Attack Detection Based on Pertinent System Calls Using Machine Lea...IJCNCJournal
In the last few years, the evolution of information technology has resulted in thedevelopmentof several interesting and sensitive fields such as the dark Web and cyber-criminality, especially using ransomware attacks. This paper aims to bring out only critical features and make their observation, or not, in software behaviour sufficient to decide whether it is ransomware or not. Therefore, we propose a new solution for ransomware detection based on machine learning algorithms and system calls. First, we introduce our produced dataset of collected system calls of both ransomware and Benignware. Then, we push pre-processing steps deeply to reduce efficiently data dimensionality. After that, we introduce a new technique to select pertinent features. Next, we bring out the critical system calls, their importance and their contribution to the distinction between dataset elements. Finally, we present our model that achieves an overall accuracy of 99.81% after K-Fold cross-validation.
Malware is a worldwide pandemic. It is designed to damage computer systems without
the knowledge of the owner using the system. Software‟s from reputable vendors also contain
malicious code that affects the system or leaks information‟s to remote servers. Malware‟s includes
computer viruses, spyware, dishonest ad-ware, rootkits, Trojans, dialers etc. Malware detectors are
the primary tools in defense against malware. The quality of such a detector is determined by the
techniques it uses. It is therefore imperative that we study malware detection techniques and
understand their strengths and limitations. This survey examines different types of Malware and
malware detection methods.
Basic survey on malware analysis, tools and techniquesijcsa
The term malware stands for malicious software. It is a program installed on a system without the
knowledge of owner of the system. It is basically installed by the third party with the intention to steal some
private data from the system or simply just to play pranks. This in turn threatens the computer’s security,
wherein computer are used by one’s in day-to-day life as to deal with various necessities like education,
communication, hospitals, banking, entertainment etc. Different traditional techniques are used to detect
and defend these malwares like Antivirus Scanner (AVS), firewalls, etc. But today malware writers are one
step forward towards then Malware detectors. Day-by-day they write new malwares, which become a great
challenge for malware detectors. This paper focuses on basis study of malwares and various detection
techniques which can be used to detect malwares.
IRJET - An Automated System for Detection of Social Engineering Phishing Atta...IRJET Journal
1) The document presents a machine learning approach to detect phishing URLs using logistic regression. It trains a logistic regression model on a dataset of 420,467 URLs that have been classified as either phishing or legitimate.
2) It preprocesses the URLs using tokenization before training the logistic regression model. The trained model is able to classify new URLs with 96% accuracy as either phishing or legitimate based on the URL features.
3) The proposed approach provides an automated way to detect phishing URLs in real-time and help prevent phishing attacks. Future work could involve developing a browser extension using this approach and increasing the dataset size for higher accuracy.
Permission based malware detection by using k means algorithm in Android OSBRNSSPublicationHubI
The document discusses a permission-based method for detecting malware in Android apps using k-means clustering. It extracts permission data from app manifest files, compares it to a database of malicious permissions, and uses k-means to classify apps as benign or malicious based on their permission ratios. The method was able to accurately detect malware in popular apps like WhatsApp and Facebook by identifying suspicious high levels of permissions for activities like SMS/call access.
Invesitigation of Malware and Forensic Tools on Internet IJECEIAES
Malware is an application that is harmful to your forensic information. Basically, malware analyses is the process of analysing the behaviours of malicious code and then create signatures to detect and defend against it.Malware, such as Trojan horse, Worms and Spyware severely threatens the forensic security. This research observed that although malware and its variants may vary a lot from content signatures, they share some behaviour features at a higher level which are more precise in revealing the real intent of malware. This paper investigates the various techniques of malware behaviour extraction and analysis. In addition, we discuss the implications of malware analysis tools for malware detection based on various techniques.
Similar to Hancitor malware recognition using swarm intelligent technique (20)
Hybrid model for detection of brain tumor using convolution neural networksCSITiaesprime
The development of aberrant brain cells, some of which may turn cancerous, is known as a brain tumor. Magnetic resonance imaging (MRI) scans are the most common technique for finding brain tumors. Information about the aberrant tissue growth in the brain is discernible from the MRI scans. In numerous research papers, machine learning, and deep learning algorithms are used to detect brain tumors. It takes extremely little time to forecast a brain tumor when these algorithms are applied to MRI pictures, and better accuracy makes it easier to treat patients. The radiologist can make speedy decisions because of this forecast. The proposed work creates a hybrid convolution neural networks (CNN) model using CNN for feature extraction and logistic regression (LR). The pre-trained model visual geometry group 16 (VGG16) is used for the extraction of features. To reduce the complexity and parameters to train we eliminated the last eight layers of VGG16. From this transformed model the features are extracted in the form of a vector array. These features fed into different machine learning classifiers like support vector machine (SVM), naïve bayes (NB), LR, extreme gradient boosting (XGBoost), AdaBoost, and random forest for training and testing. The performance of different classifiers is compared. The CNN-LR hybrid combination outperformed the remaining classifiers. The evaluation measures such as recall, precision, F1-score, and accuracy of the proposed CNN-LR model are 94%, 94%, 94%, and 91% respectively.
Implementing lee's model to apply fuzzy time series in forecasting bitcoin priceCSITiaesprime
Over time, cryptocurrencies like Bitcoin have attracted investor's and speculators' interest. Bitcoin's dramatic rise in value in recent years has caught the attention of many who see it as a promising investment asset. After all, Bitcoin investment is inseparable from Bitcoin price volatility that investors must mitigate. This research aims to use Lee's Fuzzy Time Series approach to forecast the price of Bitcoin. A time series analysis method called Lee's Fuzzy Time Series to get around ambiguity and uncertainty in time series data. Ching-Cheng Lee first introduced this approach in his research on time series prediction. This method is a development of several previous fuzzy time series (FTS) models, namely Song and Chissom and Cheng and Chen. According to most previous studies, Lee's model was stated to be able to convey more precise forecasting results than the classic model from the FTS. This study used first and second orders, where researchers obtained error values from the first order of 5.419% and the second order of 4.042%, which means that the forecasting results are excellent. But of both orders, only the first order can be used to predict the next period's Bitcoin price. In the second order, the resulting relations in the next period do not have groups in their fuzzy logical relationship group (FLRG), so they can not predict the price in the next period. This study contributes to considering investors and the general public as a factor in keeping, selling, or purchasing cryptocurrencies.
Sentiment analysis of online licensing service quality in the energy and mine...CSITiaesprime
The Ministry of Energy and Mineral Resources of the Republic of Indonesia regularly assessed public satisfaction with its online licensing services. User rated their satisfaction at 3.42 on a scale of 4, below the organization's average of 3.53. Evaluating public service performance is crucial for quality improvement. Previous research relied solely on survey data to assess public satisfaction. This study goes further by analyzing user feedback in text form from an online licensing application to identify negative aspects of the service that need enhancement. The dataset spanned September 2019 to February 2023, with 24,112 entries. The choice of classification methods on the highest accuracy values among decision tree, random forest, naive bayes, stochastic gradient descent, logistic regression (LR), and k-nearest neighbor. The text data was converted into numerical form using CountVectorizer and term frequency-inverse document frequency (TF-IDF) techniques, along with unigrams and bigrams for dividing sentences into word segments. LR bigram CountVectorizer ranked highest with 89% for average precision, F1-score, and recall, compared to the other five classification methods. The sentiment analysis polarity level was 36.2% negative. Negative sentiment revealed expectations from the public to the ministry to improve the top three aspects: system, mechanism, and procedure; infrastructure and facilities; and service specification product types.
Trends in sentiment of Twitter users towards Indonesian tourism: analysis wit...CSITiaesprime
This research analyzes the sentiment of Twitter users regarding tourism in Indonesia using the keyword "wonderful Indonesia" as the tourism promotion identity. This study aims to gain a deeper understanding of the public sentiment towards "wonderful Indonesia" through social media data analysis. The novelty obtained provides new insights into valuable information about Indonesian tourism for the government and relevant stakeholders in promoting Indonesian tourism and enhancing tourist experiences. The method used is tweet analysis and classification using the K-nearest neighbor (KNN) algorithm to determine the positive, neutral, or negative sentiment of the tweets. The classification results show that the majority of tweets (65.1% out of a total of 14,189 tweets) have a neutral sentiment, indicating that most tweets with the "wonderful Indonesia" tagline are related to advertising or promoting Indonesian tourism. However, the percentage of tweets with positive sentiment (33.8%) is higher than those with negative sentiment (1.1%). This study also achieved training results with an accuracy rate of 98.5%, precision of 97.6%, recall of 98.5%, and F1-score of 98.1%. However, reassessment is needed in the future as Twitter users' sentiments can change along with the development of Indonesian tourism itself.
The impact of usability in information technology projectsCSITiaesprime
Achieving success in information system and technology (IS/IT) projects is a complex and multifaceted endeavour that has proven difficult. The literature is replete with project failures, but identifying the critical success factors contributing to favourable outcomes remains challenging. The triad of Time-Cost-Quality is widely accepted as key to achieving project success. While time and cost can be quantified and measured, quality is a more complex construct that requires different metrics and measurement approaches. Utilizing the PRISMA Methodology, this study initiated a comprehensive search across literature databases and identified 142 relevant articles pertaining to the specified keywords. A subset of ten articles was deemed suitable for further examination through rigorous screening and eligibility assessments. Notably, a primary finding indicates that despite recognizing usability as a critical element, there is a tendency to neglect usability enhancements due to time and resource constraints. Regarding the influence of usability on project success, the active involvement of end-users emerges as a pivotal factor. Moreover, fostering the enhancement of Human Computer Interaction (HCI) knowledge within the development team is essential. Failure to provide good usability can lead to project failure, undermining user satisfaction and adoption of the technology.
Collecting and analyzing network-based evidenceCSITiaesprime
Since nearly the beginning of the Internet, malware has been a significant deterrent to productivity for end users, both personal and business related. Due to the pervasiveness of digital technologies in all aspects of human lives, it is increasingly unlikely that a digital device is involved as goal, medium or simply ‘witness’ of a criminal event. Forensic investigations include collection, recovery, analysis, and presentation of information stored on network devices and related to network crimes. These activities often involve wide range of analysis tools and application of different methods. This work presents methods that helps digital investigators to correlate and present information acquired from forensic data, with the aim to get a more valuable reconstructions of events or action to reach case conclusions. Main aim of network forensic is to gather evidence. Additionally, the evidence obtained during the investigation must be produced through a rigorous investigation procedure in a legal context.
Agile adoption challenges in insurance: a systematic literature and expert re...CSITiaesprime
The drawback of agile is struggled to function in large businesses like banks, insurance companies, and government agencies, which are frequently associated with cumbersome processes. Traditional software development techniques were cumbersome and pay more attention to standardization and industry, this leads to high costs and prolonged costs. The insurance company does not embrace change and agility may find themselves distracted and lose customers to agile competitors who are more relevant and customer-centric. Thus, to investigate the challenges and to recognize the prospect of agile adoption in insurance industry, a systematic literature review (SLR) in this study was organized and validated by expert review from professional with expertise in agile. The project performance domain from project management body of knowledge (PMBOK) was applied to align the challenges and the solution. Academicians and practitioners can acquire the perception and knowledge in having exceeded understanding about the challenge and solution of agile adoption from the results.
Exploring network security threats through text mining techniques: a comprehe...CSITiaesprime
In response to the escalating cybersecurity threats, this research focuses on leveraging text mining techniques to analyze network security data effectively. The study utilizes user-generated reports detailing attacks on server networks. Employing clustering algorithms, these reports are grouped based on threat levels. Additionally, a classification algorithm discerns whether network activities pose security risks. The research achieves a noteworthy 93% accuracy in text classification, showcasing the efficacy of these techniques. The novelty lies in classifying security threat report logs according to their threat levels. Prioritizing high-risk threats, this approach aids network management in strategic focus. By enabling swift identification and categorization of network security threats, this research equips organizations to take prompt, targeted actions, enhancing overall network security.
An LSTM-based prediction model for gradient-descending optimization in virtua...CSITiaesprime
A virtual learning environment (VLE) is an online learning platform that allows many students, even millions, to study according to their interests without being limited by space and time. Online learning environments have many benefits, but they also have some drawbacks, such as high dropout rates, low engagement, and students' self-regulated behavior. Evaluating and analyzing the students' data generated from online learning platforms can help instructors to understand and monitor students learning progress. In this study, we suggest a predictive model for assessing student success in online learning. We investigate the effect of hyperparameters on the prediction of student learning outcomes in VLEs by the long short-term memory (LSTM) model. A hyperparameter is a parameter that has an impact on prediction results. Two optimization algorithms, adaptive moment estimation (Adam) and Nesterov-accelerated adaptive moment estimation (Nadam), were used to modify the LSTM model's hyperparameters. Based on the findings of research done on the optimization of the LSTM model using the Adam and Nadam algorithm. The average accuracy of the LSTM model using Nadam optimization is 89%, with a maximum accuracy of 93%. The LSTM model with Nadam optimisation performs better than the model with Adam optimisation when predicting students in online learning.
Generalization of linear and non-linear support vector machine in multiple fi...CSITiaesprime
Support vector machines (SVMs) are a set of related supervised learning methods used for classification and regression. They belong to a family of generalized linear classifiers. In other terms, SVM is a classification and regression prediction tool that uses machine learning theory to maximize predictive accuracy. In this article, the discussion about linear and non-linear SVM classifiers with their functions and parameters is investigated. Due to the equality type of constraints in the formulation, the solution follows from solving a set of linear equations. Besides this, if the under-consideration problem is in the form of a non-linear case, then the problem must convert into linear separable form with the help of kernel trick and solve it according to the methods. Some important algorithms related to sentimental work are also presented in this paper. Generalization of the formulation of linear and non-linear SVMs is also open in this article. In the final section of this paper, the different modified sections of SVM are discussed which are modified by different research for different purposes.
Designing a framework for blockchain-based e-voting system for LibyaCSITiaesprime
A transition to democratic rule is considered the first step down a long road towards Libya’s recovery and prosperity. Thus, it strives to improve the country’s elections by introducing new technologies. A blockchain is a distributed ledger that is characterised by independence and security. Therefore, it has been widely applied in various fields ranging from credit encryption and digital currency. With the development of internet technology, electronic voting (E-voting) systems have been greatly popularised. However, they suffer from various security threats, which create a sense of distrust among existing systems. Integrating blockchain with online elections is a promising trend, which could lead to make an election transparent, immutable, reliable, and more secure. In this paper, we present a literature review and a case analysis of blockchain technology. Moreover, a framework for an E-voting system based on blockchain is proposed. The methodology is adopted on the basis of three activities, they are identification of the relevant literature about E-voting, system modelling, and the determination of suitable technological tools. The framework is secure and reliable. Thus, it could help increase the number of voters and ensure a high level of participation, as well as facilitate free and fair electoral processes.
Development reference model to build management reporter using dynamics great...CSITiaesprime
The digital technology transformation impacts changes in business patterns that require companies to innovate to act appropriately in making strategic decisions quickly, precisely, and accurately to increase efficiency, be practical company performance, and impacts changes in business patterns that require companies to innovate to act appropriately in making strategic decisions quickly to improve the performance. An enterprise resource planning (ERP) system is one step toward achieving performance. ERP system is one step to achieving performance. ERP system is essential for companies to automate the efficiency of business processes. The decisions from management in implementing the ERP system are necessary for ERP implementation to be successful. However, in practice, companies still experience complexity. For that, it needs to be considered related a business process reference model is essential to enhance efficiency in implementing the ERP used. This research discusses the business process reference model based on the ERP dynamics great plain (GP) application aggregated using management reporter (MR) to help users better understand the practical overview. The methodology utilizes a reference model based on Microsoft Dynamics GP guidelines with a business process redesign approach. This contributes to developing business processes to help users understand using the ERP dynamics GP application.
Social media and optimization of the promotion of Lake Toba tourism destinati...CSITiaesprime
Tourism is one of the largest contributors to Indonesia's foreign exchange earnings, surpassing taxation, energy, and gas. This study seeks to investigate the use of social media to optimize the promotion of Lake Toba as a tourist destination, which has been impacted by the COVID-19 pandemic. Using interview techniques and live field observations, it was discovered that social media, particularly the Instagram platform, play a significant role in promoting Lake Toba tourism. The Department of Culture and Tourism of the North Sumatra Province uses landscape photography as its primary promotion method, which has proved to be more effective and interesting than conventional methods such as the distribution of brochures or the use of manuals. The capture procedure and techniques for landscape photography were carried out by professional photographers in collaboration with the Department of Culture and Tourism of the North Sumatra Province. In addition to providing information, tourism sumut's Instagram account functions as a platform to raise public awareness about Lake Toba tourism and as a promotional medium for North Sumatra's tourist attractions on an international scale. Department of Culture and Tourism of the North Sumatra Province collaborates with travel agencies and local communities to disseminate Lake Toba tourism information.
Caring jacket: health monitoring jacket integrated with the internet of thing...CSITiaesprime
One of the policies that have been made by the World Health Organization (WHO) and the Indonesian government during this COVID-19 pandemic, is to use an oximeter for self-isolation patients. The oximeter is used to monitor the patient if happy hypoxia which is a silent killer, happens to the patient. To maintain body endurance, exercise is needed by COVID-19 patients, but doing too much exercise can also cause decreased immunity. That’s why fatigue level and exercise intensity need to be monitored. When exercising, social distancing protocol should be also reminded because can lower COVID-19 spreading up to 13.6%. To solve this issue, the Caring Jacket is proposed which is a health monitoring jacket integrated with an IoT system. This jacket is equipped with some sensors and the global positioning system (GPS) for tracking. The data from the test showed the temperature reading accuracy is up to 99.38%, the oxygen rate up to 97.31%, the beats per minute (BPM) sensor up to 97.82%, and the precision of all sensors is 97.00% compared with a calibrated device.
Net impact implementation application development life-cycle management in ba...CSITiaesprime
Digital transformation in the banking sector creates a lot of demand for application development, either new development or application enhancement. Continuous demand for reimagining, revamping, and running applications reliably needs to be supported by collaboration tools. Several big banks in Indonesia use Atlassian products, including Jira, Confluence, Bamboo, Bitbucket, and Crowd, to support strategic company projects. We need to measure the net impact of application development life-cycle management (ADLM) as a collaboration tool. Using the deLone and McLean model, process questionnaire data from banks in Indonesia that use ADLM. Processing data using structural equation modeling (SEM), multiple variables are analyzed statistically to establish, estimate, and test the causation model. The conclusions highlight that system quality strongly affected only User Satisfaction (p=0.049 and β=0.39). Information quality strongly affected use (p=0.001 and β=0.84) and strongly affected user satisfaction (p=0.169 and β=0.28). Service quality strongly affected only use (p=0.127 and β=0.31). Conclusion research verifies the information system's achievement approach described by DeLone and McLean. Importantly, it was discovered that system usability and quality were key indicators of ADLM success. To fulfill their objective, ADLM must be developed in a way that is simple to use, adaptable, and functional.
Circularly polarized metamaterial Antenna in energy harvesting wearable commu...CSITiaesprime
When battery powered sensors are spread out in places that are sometimes hard to reach, sustaining them become difficult. Therefore, to develop this technology on a large scale such as in the internet of things (IoT) scenario, it is necessary to figure out how to power them. The proffered solution in this work, is to get energy from the environment using energy harvesting Antennas. This work presents a wearable circular polarized efficient receiving and transmitting sensors for medical, IoT, and communication systems at the frequency range of WLAN, and GSM from 900 MHz up to 6 GHz. Using a cascaded system block of a circularly polarized Antenna, a rectifier and t-matching network, the design was successfully simulated. A DC charging voltage of 2.8V was achieved to power-up batteries of the wearable and IoT sensors. The major contribution of this work is the tri-band Antenna system which is able to harvest reflected Wi-Fi frequencies and also GSM frequencies combined in a miniaturized manner. This innovative configuration is a step forward in building devices with over 80% duty cycle.
An ensemble approach for the identification and classification of crime tweet...CSITiaesprime
Twitter is a famous social media platform, which supports short posts limited to 280 characters. Users tweet about many topics like movie reviews, customer service, meals they just ate, and awareness posts. Tweets carrying information about some crime scenes are crime tweets. Crime tweets are crucial and informative and separate classification is required. Identification and classification of crime tweets is a challenging task and has been the researcher’s latest interest. The researchers used different approaches to identify and classify crime tweets. This research has used an ensemble approach for the identification and classification of crime tweets. Tweepy and Twint libraries were used to collect datasets from Twitter. Both libraries use contrasting methods for extracting tweets from Twitter. This research has applied many ensemble approaches for the identification and classification of crime tweets. Logistic regression (LR), support vector machine (SVM), k-nearest neighbor (KNN), decision tree (DT), and random forest (RF) Classifier assigned with the weights of 1,2,1,1 and 1 respectively ensemble together by a soft weighted Voting classifier along with term frequency – inverse document frequency (TF-IDF) vectorizer gives the best performance with an accuracy of 96.2% on the testing dataset.
National archival platform system design using the microservice-based service...CSITiaesprime
Archives play a vital function concerning the dynamics of people and nations as an instrument to treasure information in diverse domains of politics, society, economics, culture, science, and technology. The acceleration of digital transformation triggers the implementation of a smart government that supports better public services. The smart government encourages a national archival system to facilitate archive producers and users. The four electronic-based government system (SPBE) factors in the archival sector and open archival information system (OAIS) as a data preservation standard are the benchmarks in developing this study's national archival platform system. An improved service computing system engineering (SCSE) framework adapted to the microservice architecture is used to aid the design of the national archival platform system. The proposed design met the four-factor service design validation of coupling, cohesion, complexity, and reusability. Also, the prototype suggests what resources are needed to put the design into action by passing the performance test of availability measurement.
Antispoofing in face biometrics: A comprehensive study on software-based tech...CSITiaesprime
The vulnerability of the face recognition system to spoofing attacks has piqued the biometric community's interest, motivating them to develop anti-spoofing techniques to secure it. Photo, video, or mask attacks can compromise face biometric systems (types of presentation attacks). Spoofing attacks are detected using liveness detection techniques, which determine whether the facial image presented at a biometric system is a live face or a fake version of it. We discuss the classification of face anti-spoofing techniques in this paper. Anti-spoofing techniques are divided into two categories: hardware and software methods. Hardware-based techniques are summarized briefly. A comprehensive study on software-based countermeasures for presentation attacks is discussed, which are further divided into static and dynamic methods. We cited a few publicly available presentation attack datasets and calculated a few metrics to demonstrate the value of anti-spoofing techniques.
The antecedent e-government quality for public behaviour intention, and exten...CSITiaesprime
An The main objective of the study is to identify the antecedent of leadership quality, public satisfaction and public behaviour intention of e-government service. Also, this study integrated e-government quality to expectation-confirmation model. In order to achieve these goals, observational research was then carried out to collect primary information, using the method of data dissemination and obtaining the opinion of 360 from the public using the e-government service and some of the e-government and software quality experts. The results of the study show that the positive association among the e-government services quality and public perceived usefulness, public expectation confirmation, leadership quality and public satisfaction that also play a positive role on the public behavior intention.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Hancitor malware recognition using swarm intelligent technique
1. Computer Science and Information Technologies
Vol. 2, No. 3, November 2021, pp. 103~112
ISSN: 2722-3221, DOI: 10.11591/csit.v2i3.p103-112 103
Journal homepage: http://iaesprime.com/index.php/csit
Hancitor malware recognition using swarm intelligent
technique
Laheeb M. Ibrahim1
, Maisirreem Atheeed Kamal2
, AbdulSattar A. Al-Alusi3
1,2
Department of Software Engineering, College of Computer Science & Math, University of Mosul, Mosul, Iraq
3
College of Security and Global Studies, American University in the Emirates, Dubai, United Arab Emirates
Article Info ABSTRACT
Article history:
Received Jun 6, 2020
Revised Mar 9, 2021
Accepted Apr 18, 2021
Malware is a global risk rife designed to destroy computer systems without the
owner's knowledge. It is still regarded as the most popular threat that attacks
computer systems. Early recognition of unknown malware remains a problem.
swarm intelligence (SI), usually customer societies, communicate locally with
their domain and with each other. Clients use very simple rules of behavior
and the interactions between them lead to smart appearance, noticeable,
individual behavior and optimized solution of problem and SI has been
successfully applied in many fields, especially for malware ion tasks. SI also
saves a considerable amount of time and enhances the precision of the malware
recognition system. This paper introduces a malware recognition system for
Hancitor malware using the gray wolf optimization (GWO) algorithm and
artificial bee colony (ABC) algorithm, which can effectively recognize
Hancitor in networks.
Keywords:
Artificial intelligent technique
Artificial bee colony algorithm
Gray wolves optimization
Hancitor malware
Malware recognition
Swarm intelligence This is an open access article under the CC BY-SA license.
Corresponding Author:
Laheeb M. Ibrahim
Department of Software Engineering
College of Computer Science & Math
University of Mosul
Aljameia, Mosul, Iraq
Email: laheeb_alzubaidy321966@uomosul.edu.iq
1. INTRODUCTION
Malware is recognized as a program created to disable computer operation and access to private
computer systems. When the malware is implemented, the malicious program designer takes advantage of the
benefit of accessing the computer systems of the infected device, and collects personal information and
everything that the device contains without the consent of the computer owner. Currently, malware is used to
steal important commercial and banking information. It is usually used widely against government websites,
corporate sites, and banks to collect protected information or disrupt its operation in general. Malware is usually
used against individuals to obtain personal information, such as bank card numbers. The different types of
malwares create damages due to their removal difficulty upon installation on the prey's machine. The severity
of the software ranges from minor inconvenience to irreparable harm that requires reformatting the hard drive.
Malware is considered a great danger and threats stand up to the world of the Internet and computer
networks today and these malwares usually come in various forms such as Trojan horse, Virus, Worm, Botnet,
Spyware, and Adware [1]. Fire Eye reported that 47% of organizations had encountered breaches of the
malware accident safety. Malware is constantly growing in size, diversity, and speed. Thus, malware has
become complex and uses new and advanced methods to infect computers and smart phones [1].
Many techniques were used in malware classification and recognition [2]. A deep neural network uses
for malware dynamic behavior recognition, in which deep neural network could recognise future malware
2. ISSN: 2722-3221
Comput. Sci. Inf. Technol., Vol. 2, No. 3, November 2021: 103 – 112
104
through the generative adversarial network implementation. A Swarm intelligent technique used for
recognition of malware as in [3], [4] where particle swarm optimization (PSO) is uses to build a system to
recognise malware, in these studies the researcher's refinement the rate of recognition with PSO. Vinod and
Dhanya [5] using PSO in the recognition of the algorithm and to improve the recognition rate. Vinod and
Dhanya [5] recognize malware using statistical approach. Another approach for recognising malware used as
in [6], where the researcher used a data mining method. The other researchers used machine learning for
recognising malware [7]-[11].
Another study used a hybrid approach which enhances the performance to recognise unknown
malware, recognizer proposed in [12]-[17], as [12], where it suggests a malware recognition system for Android
system using concept of hybrid intelligent depended on support vector machine (SVM) with evolutionary
algorithms (genetic algorithm (GA) and PSO) to enhance malware recognition, which is respectively referred
to as Droid-HESVMGA and Droid-HESVMPSO, to increase the precision rate to recognize malware. The
methods based on naive-bayes, SVM, and decision tree used as recognisers, are exhaustibles that boost decision
[13]. Tree is a top method used as a recogniser of malware. A malware recognition method has been proposed
using image processing methods, which depicts malware binary as gray scale images [14]. A K-nearest
neighbor technique with Euclidean distance method is used for malware recognition. Firdausi et al. [15]
proofed a concept of using hybrid intelligent to recognise malware based on 5 recognisers i.e., k-nearest
neighbors (kNN), naive bayes, J48 decision tree, SVM, and multilayer perceptron (MLP) neural network.
Santos et al. [16] built OPEM system, which used 4 algorithms as recognisers, these methods are Decision
Tree, kNN, Bayesian network, and SVM to recognise unknown malware, a similar work is done by [17] to
recognise the malware using SVM, IB1, DT and RF. Anderson et al. [18] proposed a method which used
support vector machine recognizer.
Malware classification and recognition using swarm intelligent technique are significant areas in the
recognition of malicious applications. The method used by malware recognize experts depends on the problem
and dataset regardless of the categorical or numerical output data, therefore swarm intelligent techniques can
be used for recognition, forecasting, and estimation malwares [3]. In this paper swarm intelligent (SI)
algorithms are used to recognise Hancitor malware because SI are familiar in recognition and classification
applications due to, they depended on simple idea and being accurate and easy concepts to implement, do not
require progressive information and it is often used to solve a wide range of problems that cover many
applications [19]. SI algorithms are divided in two categories depending on its type; the first type is the insect-
based category for example, ant colony optimization (ACO), artificial bee colony (ABC) etc. The second
category is animal-based algorithms which include PSO, artificial fish, and grey wolf optimization (GWO) etc
[19], [20]. Two of swarm intelligent algorithms to recognising Hancitor malware uses in this paper depend
on its categories, first for animal-based algorithms is GWO algorithm and second for insect-based category is
ABC algorithm. GWO is used in this paper to recognize Hanictor malware due to the advantages of GWO by
maintaining information on the search space overcome the course of iterations. The works in [19]-[21] uses
memory to store the best solution obtained, contains some parameters to adjust and implemented in easy
way [19] and GWO have capabilities to solve optimization problems [20]-[24] through the social hierarchy of
GWO.
The second SI algorithm used to identify Hancitor malware is the ABC algorithm where ABC
algorithm requires a minimum level of understanding of the problem area as it does not require complex
training data as the bee recruiter better updates himself with the attribute correlation and update directly on the
performance of the classification category than the knowledge of the waggle dance [25], [26]. Therefore, these
types of procedures certainly have a greater potential in improving classification accuracy. In an ABC data
classification, it can be a mimic behavior of insects to find the best food source, and build an ideal nest structure.
The bees distribute the workload among themselves, which does not classify the data incorrectly and are
homogeneous spectrum and spectral interference. Dancing behavior aids in optimal design. The Waggle dance
is one of the mechanisms for sharing the existing food source, which indicates a good candidate for developing
a new smart search for the optimal solution [25], [26]. The rest of the paper is arranged in the following style;
in section two is theoretical background explores malware recognition techniques and Hancitor malware and
its danger, while in section three the swarm intelligent techniques used in malware recognition, GWO and ABC
algorithms are explained. Section four presents the proposed model, followed by the results of the comparison
in section five, in section six the conclusion and future work.
2. MALWARE RECOGNITON TECHNIQUES
Hancitor sometimes called Tordal and Chanitor. The malware has been around since 2014. Hanictor
attack to infect users' devices is malicious spam campaigns; Hancitor mostly gets into devices with Microsoft
Office files. Once the user downloads and opens the malicious file, the malware either uses the lure to trick the
3. Comput. Sci. Inf. Technol.
Hancitor malware recognition using swarm intelligent technique (Laheeb M. Ibrahim)
105
victim into enabling macros or uses an exploit. After that Hancitor will be either downloaded from the C2
server or dropped from an Office file. The next step is its execution during which the malware downloads the
main payload, usually a Trojan such as Pony, Vawtrak, or DELoader. Hancitor method of infecting the victim's
machine using many ways, one of these ways is using .DOC attachments taking advantage of Microsoft’s
dynamic data exchange (DDE) technique. The user must first download the file and then activate macros,
ignoring multiple security warnings [27]. Malware authors use lures to trick users into doing that. Some
phishing emails contain an invoice or a fake payment related document, trying to make the user download it.
In addition, attackers provide instruction to enable macros. If the user complies, malicious macros will
download Hancitor or it will be dropped from the document. In some malspam campaigns, Hancitor was
delivered to victims with .RTF documents which used an exploit to run the PowerShell command which
downloaded the loader to the computer. Another way of Hancitor to infecting the victim's machine is by using
Excel spreadsheets as a trap document since December 17, 2018, the executable file (Hanictor) was instilled
in Excel spreadsheets, then Hancitor declining to a vulnerable Windows host after opening the spreadsheet in
Excel and enabling macros on January 28, 2019. However, the Hancitor campaign changed its decoy document
on February 5, 2019. This campaign went back to using Word documents instead of Excel spreadsheets. The
Hancitor executable was retrieved from a web server hosted on the same IP address (but a different domain)
as the initial Word document after enabling macros. The Hancitor infections on February 5, 2019, is shown in
Figure 1.
Figure 1. Hancitor malware infection on February 5, 2019
When Hancitor initially infects a system, it sends a POST request to its command and control (C&C)
server with information on the infected system. Figure 2 show the Hancitor malware Infected system.
Figure 2. Hancitor malware
3. WHY SWARM INTELLIGENCE (SI)
SI is a branch of artificial intelligence (AI) branches and is specified by Gerardo Beni and Jing Wang
in 1989. There are many purposes accountable for using SI algorithms based on flexibility, ease of use, speed
in implementation, versatility, the self-learning capability and adaptability to external variations. Also, SI used
4. ISSN: 2722-3221
Comput. Sci. Inf. Technol., Vol. 2, No. 3, November 2021: 103 – 112
106
to solve nonlinear problems in real-world applications in sciences, engineering, in bioinformatics applications,
recognition and classification technologies, and network security [19]-[21].
3.1. Grey wolf optimization (GWO)
GWO algorithm is suggested by [20], [22], [23] relying on social hierarchy and hunting habits for
gray wolves to find victims. There are four hierarchy types of individuals in Community of GWO these types
are alpha, beta, delta, and omega based on their fitness. Where the research process is done by designing a
model to mimic the hunting behavior of gray wolves through searching for prey, attacking the prey and
covering exploitation. In GWO algorithm the hunting method helps to determine the location of prey [20]. The
mathematical simulation of the GWO is explained in [28], and the GWO algorithm for Hancitor infection
malware recognition is presented follows.
GWO algorithm [20]
Initialize the parameters a, A, C
Initialize GWO population GWOi (i = 1, 2... m)
For Each search agent must calculate the fitness for it
GWOα= best search agent
GWOβ= second best search agent
GWOδ= third best search agent
While (i < Maximum No. of iterations)
For each search agent
Upgrade the position of the current search agent by
GWO (i + 1) = (GWO 1+ GWO 2 + ⃗ GWO 3) / 3
End for
Upgrade a, A, and C
Compute the fitness of all search agents
Upgrade GWO α, GWO β, and GWO δ
i++
End while
Return GWO α
3.2. Artificial bee colony (ABC)
The ABC algorithm is an optimization algorithm based on the intelligent foraging behavior of honey
bee swarm, proposed by Derviş Karaboğa in 2005, the colony into the ABC algorithm contain from three types
of bees: employed bees, onlookers and scouts. In ABC they are simulated to only one artificial bee for each
food source, where the numbers of bees used in the colony are equal to the number of food sources around the
hive. In ABC, employed bees go to their food source, return to the hive and dance in this region. Employed
bees whose food source has been abandoned become scouts and begin to search for a new source of food.
Onlookers watch the dances of employed bees and choose food sources according to the dances.
ABC differ from another swarm intelligence algorithms based on the situation that the potential
solutions are appear by the food sources, not the individuals in the population. The quality of the potential
solution is presented as a fitness value; the fitness value is calculated by the value of the objective function of
the problem. In the ABC algorithm onlookers and employed bees carry out the exploitation process in the
search space, while the scouts control the exploration process. The phases of ABC algorithm and mathematical
equations are in [29]. Pseudo-code of the ABC algorithm for constrained optimization problems [30] is:
− Initialize the population of solutions and evaluate the population, where xi (i = 1, 2, SN) is a D-
dimensional vector present the solution, SN represent the size of the population.
− Initialize value of cycle by 1
− Do while cycle not equal MCN
− Calculate new solutions for the employed bees, as in (1)
v𝑖,𝑗 = {
x𝑖,𝑗 + ∅𝑖,𝑗 × (x𝑖,𝑗 − x𝑘,𝑗), R𝑗 < MR
x𝑖,𝑗 𝑜𝑡ℎ𝑒𝑟𝑤𝑖𝑠𝑒
(1)
Where k is a random number (1 - SN/2) and different from i.
− Calculate selection operation depends on Deb’s method [31].
− Constraint violations (CV), as in (2) and calculate the probability values (pi) for xi using fitness of the
solutions, as (3).
5. Comput. Sci. Inf. Technol.
Hancitor malware recognition using swarm intelligent technique (Laheeb M. Ibrahim)
107
𝐶𝑉 = ∑ 𝑔𝑗
𝑔𝑗 >0
(𝑥) + ∑ ℎ𝑗
𝑚
𝑞+1 (𝑥) (2)
𝑃𝑖 = {
0.5 + (
𝑓𝑖𝑡𝑛𝑒𝑠𝑠 𝑖
∑ 𝑓𝑖𝑡𝑛𝑒𝑠𝑠 𝑖
𝑆𝑁
𝑖=1
) × 0.5 𝑖𝑓 𝑠𝑜𝑙𝑢𝑡𝑖𝑜𝑛 𝑖𝑠 𝑓𝑒𝑎𝑠𝑖𝑏𝑙𝑒
(1 −
𝐶𝑉
∑ 𝐶𝑉
𝑆𝑁
𝑖=1
) × 0.5 𝑖𝑓 𝑠𝑜𝑙𝑢𝑡𝑖𝑜𝑛 𝑖𝑠 𝑖𝑛𝑓𝑒𝑎𝑠𝑖𝑏𝑙𝑒
(3)
− Product a new solution vij, as in (1) for each onlooker bee in the neighbourhood of the solution selected
depending on pi and evaluate it
− Calculate selection operation the value between (υi - xi) depended on Deb’s method
− Use “limit” parameter for the scout to decide the disused solutions. if they exist, replace them with new
randomly produced solutions, as in (4)
𝑥𝑖𝑗 = 𝑙𝑏𝑗 + 𝑟𝑎𝑛𝑑(0,1) × (𝑢𝑏𝑗 − 𝑙𝑏𝑗) (4)
− Store the best solution completed up till now
− cycle = cycle+1
− End do
4. PROPOSED MODEL
In this paper a recogniser system is designed to recognise Hancitor traffic from normal traffic, to allow
the network administrator to make the appropriate decision, See Figure 3. In proposed model a Hancitor method
of infecting the victim's machine is using .DOC attachments taking advantage of Microsoft’s dynamic data
exchange (DDE) technique, netflow traffic analyzer (NTA) tool Ver. 9 used to collect network traffics by
capturing them and obtaining the data used in the proposed model. The captured traffics (normal or Hancitor
malware traffics) are then stored in the Hancitor data file. The collected traffics are used for the selection of
some features related to the underlying network traffic to select the following attributes (Source IP, Destination
IP, Protocol, Timeline, and Length), see Table 1. After the selection of attributes, the monitored traffics are
used as input to the recogniser (GWO and ABC algorithms) to recognise the traffic into Hancitor or normal
traffic. GWO and ABC swarm intelligent algorithms are used to recognise Hancitor traffics on the network
using the attributes. The underlying conveyances and the parameters used in the tests are significant. The
parameters of the gray-wolf optimizer are chosen after running a few tests to obtain satisfactory outcomes.
GWO was initialized with:
− Population of GWO: Number of gray wolves = 20.
− Maximum iteration number = 150.
− The values of a = (2 to 0)
The fitness function as given by Euclidean distance, as in (5) is calculated to have best solution after
first iteration as “α-wolf”, and “β” and “δ” wolves, and the second and third best solution are β and δ
𝐷 = √∑ (𝑞𝑖
𝑛
𝑖=1 − 𝑝𝑖) 2 (5)
The parameters of the ABC algorithm are chosen after running a few tests to obtain satisfactory
outcomes. ABC was initialized with:
− Population size of ABC: Employed bees = 30.
− Maximum iteration number = 100.
− Limite = 30
The fitness function as given by Euclidean distance, as in (5) is calculated to have best solution after
first iteration.
To measure the performance of the GWO and ABC algorithms to recognize Hancitor malware two
equations are used. [4], [16], these equations are Accuracy of Recognition packets used to calculate the
percentage of correctly classified packets (normal or Hancitor packet) among the total number of packets is
computed, as in (6) and false alarm rate (FAR) where FAR is referred to as the false positive rate (FPR) or
sensitivity, as in (7):
𝐴𝐶𝐶 =
𝑇𝑁+𝑇𝑃
𝑇𝑁+𝐹𝑃+𝐹𝑁+𝐹𝑃
(6)
6. ISSN: 2722-3221
Comput. Sci. Inf. Technol., Vol. 2, No. 3, November 2021: 103 – 112
108
𝐹𝐴𝑅 =
𝐹𝑃
𝑇𝑁+𝐹𝑃
(7)
where true positive (TP): correctly identified Hancitor malware; true negative (TN): incorrectly identified
Hancitor malware; false positive (FP): correctly rejected Hancitor malware; and false negative (FN):
incorrectly rejected Hancitor malware.
Figure 3. Proposed model
Table 1. Derived statistic attributes from the captured file
Feature name Feature contents
Length Size of the whole packet include header, trailer and data that send on
the packet
Snapshot(length) The amount of data for each frame that actually captured by the
network capturing tool and stored into the capture file
Last packet elapse Capture time and duration of the last packet
Packet The number of protocol packet from the total capture packet
Time span/s Is the time between the first and last packet
Average App Average app: information about NetFlow Traffic Analyzer hardware.
Average size The average size of the header on the packet
Bytes The number of protocol bytes from the total capture packets
Average Byte/s The average number of protocol bytes from the total capture packets
Average Bits/s The average bandwidth of this protocol in relation to the capture time
5. EXPERIMENTAL RESULT
The proposed recognition model for Hancitor malware was implemented in MATLAB version
R2015a. The proposed model performed GWO and ABC algorithms on the set of packets stored in the Hancitor
data file to recognise Hancitor traffics. Two experiments were conducted in the proposed work based on two
types of packets:
− Packets based on statistic attributes (Length, Packet size limit, Elapsed, Packets, Time span(s), Average
ppsmm Average packet size (B), Bytes, Average bytes/s, Average bits/s), see Table 2, the size of packets
based on statistic attributes are 3000 packets.
− Packets based on IPv4 characteristics, see Tables 3 and 4, the size of packets based on IPv4 characteristics
are 3000 packets.
8. ISSN: 2722-3221
Comput. Sci. Inf. Technol., Vol. 2, No. 3, November 2021: 103 – 112
110
Table 5. Accuracy of GWO and ABC Algorithms for recognition Hancitor malware, After performing
experiments on two types of data packets using the GWO algorithm to recognise Hancitor malware, the
Experimental result shows that using data based on attributes is better than using data based on IPv4
characteristics to recognise Hancitor malware, see Figure 4, and also after performing experiments using ABC
algorithm on two types of data packets to recognise Hancitor malware, the Experimental result also show that
using data based on attributes is better than using data based on IPv4 characteristics to recognise Hancitor
malware, see Figure 5.
Figure 4. Recognition accuracy result for Hancitor
using the GWO algorithm
Figure 5. Recognition accuracy result for Hancitor
using the ABC algorithm
From Table 5 and Figure 6, we note that the accuracy rate of the recognition of Hancitor malware using
ABC algorithm is better than GWO algorithm in the two types of data Packets based on statistic attributes and Packets
based on IPv4 characteristics, and also the False Alarm Rate in ABC algorithm is lower than GWO for two types of
data. ABC algorithm is better than GWO algorithm to recognise Hancitor malware in spite of our use of an equal
number of packets and the same data because ABC algorithm does not require a complex data training, whether it is
simple or complex training data, but rather requires an understanding of the minimum understanding of the problem
area that helped in accuracy and speed of discrimination.
Using SI in recognise Hancitor Malware have big advantages, becuase SI presents similar intelligent
collective behavior, where SI provides intelligent solutions to problems by the self-organization and
communication between individuals in the swarm, and the seamless coordination of all individual activities
does not require supervisor. GWO and ABC algorithms used to detect correctly a Hancitor malware in a fast
and high recognition rate because GWO and ABC swarm intelligence algorithms have a big advantage, where
ABC algorithm is a simplest swarm intelligence algorithm and delivers highly accurate results for optimization
problems with levels ranging from simplicity to complexity, and it proved that the ABC algorithm is the best
choice for solving Hanictor malware problems and can be applied to many applications, also GWO was
identified to be sufficient competitive with other state-of-the-art met heuristic methods to recognised Hanictor
malware, it achieves better performance.
Figure 6. Recognition accuracy result for Hancitor using the GWO and ABC algorithms
9. Comput. Sci. Inf. Technol.
Hancitor malware recognition using swarm intelligent technique (Laheeb M. Ibrahim)
111
6. CONCLUSION
A new model uses GWO and ABC to recognise Hancitor malware behaviors is proposed. It can
protect users from Hancitor malware attacks. In this research GWO and ABC have ability to recognise correctly
a Hancitor malware in a fast and precision recognition rate. ABC and GWO gives good results for recognize
the existence of Hancitor in the network with accuracy of 79.2% by using ABC and 95.8% using GWO for
data depend on static attributes, for the second type of data depend on IPv4 characteristics the recognition rate
is 94.3% by using ABC and 92% by using GWO. The prediction of percentage of infection has good
performance using ABC better than GWO with data depend on static attributes better than data depend on IPv4
characteristics.
REFERENCES
[1]. E. Gandotra, D. Bansal, and S. Sofat, “Malware Analysis and Classification: A Survey,” in Journal of Information
Security, vol. 5, no. 2, pp. 56-64, 2014, doi: 10.4236/jis.2014.52006.
[2]. S. Lu et al., “New Era of Deep learning Based Malware Intrusion: The Malware Detection and Prediction Based on
Deep Learning,” Computer Science, Cryptography and Security, 2019. [online] Available:
https://arxiv.org/abs/1907.08356
[3]. O.S. Adebayo and N. A. Aziz, “Improved Malware Detection Model with A priori Association Rule and Particle
Swarm Optimization,” Hindawi Security and Communication Networks, vol. 2019, pp. 1-13, 2019, doi:
10.1155/2019/2850932.
[4]. T. S. Sobh, “Hybrid Swarm Intelligence and Artificial Neural Network for Mitigating Malware Effects,” Recent
Patents on Computer Science, vol. 7, no. 1, pp. 38-53, 2014.
[5]. M. V. Varsha, P. Vinod and K. A. Dhanya, “Identification of Malicious Android App using Manifest and Op-code
Features,” Journal of Computer Virology and Hacking Techniques, vol. 13, no. 2, pp. 125-138, 2017, doi:
10.1007/s11416-016-0277-z.
[6]. W. W. Cohen, “Fast Effective Rule Induction,” in Proceedings of 12th International Conference on Machine
Learning, San Francisco, 1995, pp. 115-123, doi: 10.1016/B978-1-55860-377-6.50023-2.
[7]. M. Hall, E. Frank, G. Holmes, B. Pfahringer, P. Reutemann, and I. H. Witten, “The WEKA Data Mining Software:
An Update,” ACM SIGKDD Explorations Newsletter, vol. 11, no. 1, pp.10-18, 2009, doi: 10.1145/1656274.1656278.
[8]. I. Santos, J. Nieves, and P. G. Bringas, “Semi-Supervised Learning for Unknown Malware Detection,” International
Symposium on Distributed Computing and Artificial Intelligence Advances in Intelligent and Soft Computing, 2011,
vol. 91, pp. 415-422, doi: 10.1007/978-3-642-19934-9_53.
[9]. M. Siddiqui, M. C. Wang, and J. Lee, “Detecting Internet Worms Using Data Mining Techniques,” Journal of
Systemic, Cybernetics and Informatics, vol. 6, no. 6, pp. 48-53, 2009.
[10]. K. Rieck, P. Trinius, C. Willems, and T. Holz, “Automatic Analysis of Malware Behavior Using Machine Learning,”
Journal of Computer Security, vol. 19, no. 4, pp. 639-668, 2011, doi: 10.3233/JCS-2010-0410.
[11]. T. Lee, “Behavioral Classification,” Proceedings of the European Institute for Computer Antivirus Research
Conference (EICAR’06), 2006.
[12]. W. Ali, “Hybrid Intelligent Android Malware Detection Using Evolving Support Vector Machine Based on Genetic
Algorithm and Particle Swarm Optimization,” IJCSNS International Journal of Computer Science and Network
Security, vol. 19, no. 9, pp. 15-28, 2019.
[13]. J. Z. Kolter, and M. A. Maloof, “Learning to Detect Malicious Executable in the Wild,” in Proceedings of the 10th
ACMSIGKDD International Conference on Knowledge Discovery and Data Mining, 2004, pp. 470-478, doi:
10.1145/1014052.1014105.
[14]. L. Nataraj, S. Karthikeyan, G. Jacob, and B. S. Manjunath “Malware Images: Visualization and Automatic
Classification,” Proceedings of the 8th International Symposium on Visualization for Cyber Security, 2011, pp. 1-7,
doi: 10.1145/2016904.2016908.
[15]. I. Firdausi, C. lim, A. Erwin and A. S. Nugroho, “Analysis of Machine Learning Techniques Used in Behavior Based
Malware Detection,” 2010 Second International Conference on Advances in Computing, Control, and
Telecommunication Technologies, 2010, pp. 201-203, doi: 10.1109/ACT.2010.33.
[16]. I. Santos, J. Devesa, F. Brezo, J. Nieves, and P. G. Bringas “OPEM: A Static-Dynamic Approach for Machine
Learning Based Malware Detection,” Proceedings of International Conference CISIS’12-ICEUTE’12, Special
Sessions Advances in Intelligent Systems and Computing, 2013, vol. 189, pp. 271-280, doi: 10.1007/978-3-642-
33018-6_28.
[17]. R. Islam, R. Tian, L. M. Batten, and S. Versteeg, “Classification of Malware Based on Integrated Static and Dynamic
Features,” Journal of Network and Computer Application, vol. 36, no. 2, pp. 646-556, 2013, doi:
10.1016/j.jnca.2012.10.004.
[18]. B. Anderson, C. Storlie, ans T. Lane, “Improving Malware Classification: Bridging the Static/Dynamic Gap,”
Proceedings of 5th ACM Workshop on Security and Artificial Intelligence (AISec), 2012, pp. 3-14, doi:
10.1145/2381896.2381900.
[19]. H. Faris, I. Aljarah, M. A. Al-Betar, and S. Mirjalili, “Grey wolf optimizer: a review of recent variants and
applications,” Neural Computing & Applications, vol. 30, pp. 413-435, 2018, doi: 10.1007/s00521-017-3272-5.
[20]. S. Mirjalili, S. M. Mirjalili, and A. Lewis, “A. Grey Wolf Optimizer,” Adv. Eng. Softw., vol. 69, pp. 46–61, 2014,
doi: 10.1016/j.advengsoft.2013.12.007
10. ISSN: 2722-3221
Comput. Sci. Inf. Technol., Vol. 2, No. 3, November 2021: 103 – 112
112
[21]. A. Chakraborty and A. K. Kar, “Swarm Intelligence, A Review of Algorithms,” Nature-Inspired Computing and
Optimization, vol. 10, pp. 475-494, 2017, doi: 10.1007/978-3-319-50920-4_19.
[22]. R.-E. Precup, R.-C. David, A.-I. Szedlak-Stinean, E. M. Petriu, and F. Dragan, “An Easily Understandable Grey Wolf
Optimizer and Its Application to Fuzzy Controller Tuning,” Algorithms, vol. 10, no. 2, pp. 1-15, 2017, doi:
10.3390/a10020068.
[23]. K. Murali and J. T., “Automated Image Enhancement Using Grey-Wolf Optimizer Algorithm,” IIOAB Journal, vol.
7, no. 3, pp. 77-84, 2016.
[24]. Y. Tan and Y. Shi, “Advances in Swarm Intelligence,” 10th International Conference, ICSI 2019, Chiang Mai,
Thailand, July 26–30, 2019, Proceedings, 2019.
[25]. C. Zhang, D. Ouyang, and J. Ning, “An artificial bee colony approach for clustering,” Expert Syst. Appl. vol. 37, no.
7, pp. 4761-4767, 2010, doi: 10.1016/j.eswa.2009.11.003.
[26]. C. Xu, H. Duan, and F. Liu, “Chaotic artificial bee colony approach to uninhabited combat air vehicle (UCAV) path
planning,” Aerosp. Sci. Technol., vol. 14, no. 8, pp. 535-541, 2010, doi: 10.1016/j.ast.2010.04.008.
[27]. Hancitor malspam and infection traffic from Tuesday 2019-02-05, February 6th
, 2019. [Online]. Available:
https://isc.sans.edu/forums/diary/Hancitor+malspam+and+infection+traffic+from+Tuesday+20190205/24616/
[28]. L. Qiang et al., “An Enhanced Grey Wolf Optimization Based Feature Selection Wrapped Kernel Extreme Learning
Machine for Medical Diagnosis,” Computational and Mathematical Methods in Medicine, vol. 2017, pp. 1-15, 2017,
doi: 10.1155/2017/9512741 020068.
[29]. S. Sharma and P. Bhambu, “Artificial Bee Colony Algorithm: A Survey,” International Journal of Computer
Applications, vol. 149, no. 4, pp. 11-19, 2016.
[30]. D. Karaboga and B. Basturk, “Artificial Bee Colony (ABC) Optimization Algorithm for Solving Constrained
Optimization Problems,” Proc. IFSA 2007, LNAI 4529, 2007, pp. 789-798, doi: 10.1007/978-3-540-72950-1_77.
[31]. K. Deb, “An Efficient Constraint Handling Method for Genetic Algorithms,” Computer Methods in Applied
Mechanics and Engineering, vol. 186, no. 2-4, pp. 311-338, 2000, doi: 10.1016/S0045-7825(99)00389-8.