Related papers: Comprehensive Efficiency Analysis of Machine Learning Algorithms for Developing Hardware-Based Cybersecurity Countermeasures

Comprehensive Efficiency Analysis of Machine Learning Algorithms for Developing Hardware-Based Cybersecurity Countermeasures

URL: http://arxiv.org/abs/2201.07654v1
Date: Wed, 5 Jan 2022 22:08:57 GMT
Title: Comprehensive Efficiency Analysis of Machine Learning Algorithms for Developing Hardware-Based Cybersecurity Countermeasures
Authors: Darren Cobian
Abstract summary: Modern computing systems have led cyber adversaries to create more sophisticated malware than was previously available. Modern detection techniques use the machine learning field and hardware to boost the detection rates of malicious software. A problem emerges when malware with no comparable HPC values comes into contact with these new techniques.
Score: 0.0
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Modern computing systems have led cyber adversaries to create more sophisticated malware than was previously available in the early days of technology. Dated detection techniques such as Anti-Virus Software (AVS) based on signature-based methods could no longer keep up with the demand that computer systems required of them. The complexity of modern malware has led to the development of contemporary detection techniques that use the machine learning field and hardware to boost the detection rates of malicious software. These new techniques use Hardware Performance Counters (HPCs) that form a digital signature of sorts. After the models are fed training data, they can reference these HPCs to classify zero-day malware samples. A problem emerges when malware with no comparable HPC values comes into contact with these new techniques. We provide an analysis of several machine learning and deep learning models that run zero-day samples and evaluate the results from the conversion of C++ algorithms to a hardware description language (HDL) used to begin a hardware implementation. Our results present a lack of accuracy from the models when running zero-day malware data as our highest detector, decision tree, was only able to reach 91.2% accuracy and had an F1-Score of 91.5% in the form of a decision tree. Next, through the Receiver Operating Curve (ROC) and area-under-the-curve (AUC), we can also determine that the algorithms did not present significant robustness as the largest AUC was only 0.819. In addition, we viewed relatively high overhead for our ensemble learning algorithm while also only having an 86.3% accuracy and 86% F1-Score. Finally, as an additional task, we adapted the one rule algorithm to fit many rules to make malware classification understandable to everyday users by allowing them to view the regulations while maintaining relatively high accuracy.

Related papers

Challenging Machine Learning Algorithms in Predicting Vulnerable JavaScript Functions [2.243674903279612]
State-of-the-art machine learning techniques can predict functions with possible security vulnerabilities in JavaScript programs. Best performing algorithm was KNN, which created a model for the prediction of vulnerable functions with an F-measure of 0.76. Deep learning, tree and forest based classifiers, and SVM were competitive with F-measures over 0.70.
arXiv Detail & Related papers (2024-05-12T08:23:42Z)
Enhancing Malware Detection by Integrating Machine Learning with Cuckoo Sandbox [0.0]
This study aims to classify and identify malware extracted from a dataset containing API call sequences. Both deep learning and machine learning algorithms achieve remarkably high levels of accuracy, reaching up to 99% in certain cases.
arXiv Detail & Related papers (2023-11-07T22:33:17Z)
Semi-supervised Classification of Malware Families Under Extreme Class Imbalance via Hierarchical Non-Negative Matrix Factorization with Automatic Model Selection [34.7994627734601]
We propose a novel hierarchical semi-supervised algorithm, which can be used in the early stages of the malware family labeling process. With HNMFk, we exploit the hierarchical structure of the malware data together with a semi-supervised setup, which enables us to classify malware families under conditions of extreme class imbalance. Our solution can perform abstaining predictions, or rejection option, which yields promising results in the identification of novel malware families.
arXiv Detail & Related papers (2023-09-12T23:45:59Z)
AI ATAC 1: An Evaluation of Prominent Commercial Malware Detectors [3.0909095595694724]
This work presents an evaluation of six prominent commercial endpoint malware detectors, a network malware detector, and a file-conviction algorithm from a cyber technology vendor. The evaluation was administered as the first of the Artificial Intelligence Applications to Autonomous Cybersecurity (AI ATAC) prize challenges, funded by / completed in service of the US Navy.
arXiv Detail & Related papers (2023-08-28T18:46:12Z)
Using Machine Learning To Identify Software Weaknesses From Software Requirement Specifications [49.1574468325115]
This research focuses on finding an efficient machine learning algorithm to identify software weaknesses from requirement specifications. Keywords extracted using latent semantic analysis help map the CWE categories to PROMISE_exp. Naive Bayes, support vector machine (SVM), decision trees, neural network, and convolutional neural network (CNN) algorithms were tested.
arXiv Detail & Related papers (2023-08-10T13:19:10Z)
A survey on hardware-based malware detection approaches [45.24207460381396]
Hardware-based malware detection approaches leverage hardware performance counters and machine learning prowess. We meticulously analyze the approach, unraveling the most common methods, algorithms, tools, and datasets that shape its contours. The discussion extends to crafting mixed hardware and software approaches for collaborative efficacy, essential enhancements in hardware monitoring units, and a better understanding of the correlation between hardware events and malware applications.
arXiv Detail & Related papers (2023-03-22T13:00:41Z)
Harnessing the Speed and Accuracy of Machine Learning to Advance Cybersecurity [0.0]
Traditional signature-based methods of malware detection have limitations in detecting complex threats. In recent years, machine learning has emerged as a promising solution to detect malware effectively. ML algorithms are capable of analyzing large datasets and identifying patterns that are difficult for humans to identify.
arXiv Detail & Related papers (2023-02-24T02:42:38Z)
A Robust and Explainable Data-Driven Anomaly Detection Approach For Power Electronics [56.86150790999639]
We present two anomaly detection and classification approaches, namely the Matrix Profile algorithm and anomaly transformer. The Matrix Profile algorithm is shown to be well suited as a generalizable approach for detecting real-time anomalies in streaming time-series data. A series of custom filters is created and added to the detector to tune its sensitivity, recall, and detection accuracy.
arXiv Detail & Related papers (2022-09-23T06:09:35Z)
Incremental Online Learning Algorithms Comparison for Gesture and Visual Smart Sensors [68.8204255655161]
This paper compares four state-of-the-art algorithms in two real applications: gesture recognition based on accelerometer data and image classification. Our results confirm these systems' reliability and the feasibility of deploying them in tiny-memory MCUs.
arXiv Detail & Related papers (2022-09-01T17:05:20Z)
Robustness Evaluation of Deep Unsupervised Learning Algorithms for Intrusion Detection Systems [0.0]
This paper evaluates the robustness of six recent deep learning algorithms for intrusion detection on contaminated data. Our experiments suggest that the state-of-the-art algorithms used in this study are sensitive to data contamination and reveal the importance of self-defense against data perturbation.
arXiv Detail & Related papers (2022-06-25T02:28:39Z)
Evolving Reinforcement Learning Algorithms [186.62294652057062]
We propose a method for meta-learning reinforcement learning algorithms. The learned algorithms are domain-agnostic and can generalize to new environments not seen during training. We highlight two learned algorithms which obtain good generalization performance over other classical control tasks, gridworld type tasks, and Atari games.
arXiv Detail & Related papers (2021-01-08T18:55:07Z)

This list is automatically generated from the titles and abstracts of the papers in this site.