Top

Peer-to-Peer Networking and Applications

Published in:

05-01-2022

Developing a novel methodology for virtual machine introspection to classify unknown malware functions

Authors: Rahul N. Vaza, Ramesh Prajapati, Dushyantsinh Rathod, Dineshkumar Vaghela

Published in: Peer-to-Peer Networking and Applications | Issue 1/2022

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

In recent years, cloud service security is a crucial task because of several vulnerabilities in Virtual Machine such as malicious activities, viruses, and errors. Therefore detecting malicious activity is essential to improve the security of the cloud and VM. There are many existing techniques are developed to identify malicious attacks but still having the issues of less accuracy of detecting attacks, high false prediction rate and error also the main problem is the complexity to detect malware attacks because of large files. So, this current research proposed a new Adversarial-based Generative Model with African Buffalo (AGM-AB) technique to classify unknown malware functions presented in the VM. Also, AB fitness is initializing in AGM for enhancing the performance of feature extraction and classification. In addition, the developed AGM-AB technique categorizes executable files of benign and malware also improve the accuracy of malware detection. Furthermore, launch the unknown malware in developed technique for validating the efficiency of classification in AGM-AB technique. Thus the developed AGM-AB technique is implemented in python, and the performance metrics are calculated such as accuracy, AUC, False Positive Rate (FPR), recall value, precision, and F-measure.

previous article Joint pricing and task allocation for blockchain empowered crowd spectrum sensing

next article Efficient path-sense transmission based on IoT system in opportunistic social networks

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Dhanya D, Arivudainambi D (2019) Dolphin partner optimization based secure and qualified virtual machine for resource allocation with streamline security analysis. Peer-to-Peer Netw Appl 12:1194–1213. https://doi.org/10.1007/s12083-019-00765-9CrossRef

Ding W, Gu C, Luo F, Chang Y, Rugwiro U, Li X, Wen G (2018) DFA-VMP: An efficient and secure virtual machine placement strategy under cloud environment. Peer-to-Peer Netw Appl 11:318–333. https://doi.org/10.1007/s12083-016-0502-zCrossRef

Kumar P, Kumar AA, Sahayakingsly C, Udayakumar A (2020) Analysis of intrusion detection in cyber-attacks using DEEP learning neural networks. Peer-to-Peer Netw Appl. https://doi.org/10.1007/s12083-020-00999-yCrossRef

Ren Z, Chen G, Lu W (2020) Malware visualization methods based on deep convolution neural networks. Multimed Tools Appl 79:10975–10993. https://doi.org/10.1007/s11042-019-08310-9CrossRef

Yadav RM (2019) Effective analysis of malware detection in cloud computing. Comput Secur 83:14–21. https://doi.org/10.1016/j.cose.2018.12.005CrossRef

Wadkar M, Di Troia F, Stamp M (2020) Detecting malware evolution using support vector machines. Expert Syst Appl 143:113022. https://doi.org/10.1016/j.eswa.2019.113022

Caviglione L, Choraś M, Corona I, Janicki A, Mazurczyk W, Pawlicki M, Wasielewska K (2020) Tight arms race: overview of current malware threats and trends in their detection. IEEE Access. https://doi.org/10.1109/ACCESS.2020.3048319

Spensky C (2020) Analyzing and Securing Embedded Systems. Diss. UC Santa Barbara

Gibert D, Mateu C, Planes J (2020) The rise of machine learning for detection and classification of malware: Research developments, trends and challenges. J. Netw. Comput. Appl. 153:102526. https://doi.org/10.1016/j.jnca.2019.102526CrossRef

10.

Kang J, Jang S, Li S, Jeong YS, Sung Y (2019) Long short-term memory-based malware classification method for information security. Comput. Electr. Eng. 77:366–375. https://doi.org/10.1016/j.compeleceng.2019.06.014CrossRef

11.

Alverti C, Psomadakis S, Karakostas V, Gandhi J, Nikas K, Goumas G, Koziris N (2020) Enhancing and exploiting contiguity for fast memory virtualization. In 2020 ACM/IEEE 47th Annual International Symposium on Computer Architecture (ISCA), pp. 515–528. IEEE. https://doi.org/10.1109/ISCA45697.2020.00050

12.

Murdock K, Oswald D, Garcia FD, Bulck JV, Gruss D, Piessens F (2020) Plundervolt: Software-based fault injection attacks against Intel SGX. In 2020 IEEE Symposium on Security and Privacy (SP) pp 1466–1482. IEEE. https://doi.org/10.1109/SP40000.2020.00057

13.

Aryania A, Aghdasi HS, Khanli LM (2018) Energy-aware virtual machine consolidation algorithm based on ant colony system. J Grid Comput 16(3):477–491. https://doi.org/10.1007/s10723-018-9428-4CrossRef

14.

Gajrani J, Laxmi V, Tripathi M, Gaur MS, Zemmari A, Mosbah M, Conti M (2020) Effectiveness of state-of-the-art dynamic analysis techniques in identifying diverse Android malware and future enhancements. Advances in Computers, 119:73–120. Academic Press Inc.: Cambridge, MA, USA

15.

Halabi T, Bellaiche M (2017) Towards quantification and evaluation of security of Cloud Service Providers. J Inf Secur Appl 33:55–65. https://doi.org/10.1016/j.jisa.2017.01.007CrossRef

16.

Hsiao SW, Sun YS, Chen MC (2020) Hardware-Assisted MMU Redirection for In-Guest Monitoring and API Profiling. IEEE Trans Inf Forensics Secur 15:2402–2416. https://doi.org/10.1109/TIFS.2020.2969514CrossRef

17.

Shamshirband S, Fathi M, Chronopoulos AT, Montieri A, Palumbo F, Pescape A (2020) Computational intelligence intrusion detection techniques in mobile cloud computing environments: Review, taxonomy, and open research issues. J Inf Secur Appl 55:102582. https://doi.org/10.1016/j.jisa.2020.102582

18.

Ueki K, Kourai K (2020) Fine-grained Autoscaling with In-VM Containers and VM Introspection. 2020 IEEE/ACM 13th International Conference on Utility and Cloud Computing (UCC), IEEE. https://doi.org/10.1109/UCC48980.2020.00034

19.

Tang F, Ma B, Li J, Zhang F, Su J, Ma J (2020) RansomSpector: An introspection-based approach to detect crypto ransomware. Comput Secur 97:101997. https://doi.org/10.1016/j.cose.2020.101997

20.

Tank D, Aggarwal A, Chaubey N (2020) A Method for Malware Detection in Virtualization Environment. International Conference on Computing Science, Communication and Security, Springer, Singapore. https://doi.org/10.1007/978-981-15-6648-6_21

21.

Mishra P, Verma I, Gupta S (2020) KVMInspector: KVM Based introspection approach to detect malware in cloud environment. J Inf Secur Appl 51:102460. https://doi.org/10.1016/j.jisa.2020.102460

22.

Kumara MAA, Jaidhar CD (2017) Leveraging virtual machine introspection with memory forensics to detect and characterize unknown malware using machine learning techniques at hypervisor. Digital Investigation 23:99–123. https://doi.org/10.1016/j.diin.2017.10.004CrossRef

23.

Patil R, Dudeja H, Modi C (2020) Designing in-VM-assisted lightweight agent-based malware detection framework for securing virtual machines in cloud computing. Int J Inf Secur 19(2):147–162. https://doi.org/10.1007/s10207-019-00447-wCrossRef

24.

Zhang J, Gao C, Gong L, Gu Z, Man D, Yang W, Li W (2020) Malware Detection Based on Multi-level and Dynamic Multi-feature Using Ensemble Learning at Hypervisor. Mob Netw Appl 1–18. https://doi.org/10.1007/s11036-019-01503-4

25.

Kumara A, Jaidhar CD (2018) Automated multi-level malware detection system based on reconstructed semantic view of executables using machine learning techniques at VMM. Future Gener Comput Syst 79:431–446. https://doi.org/10.1016/j.future.2017.06.002CrossRef

26.

Alweshah M, Rababa L, Ryalat MH, Momani AA, Ababneh MF (2020) African Buffalo algorithm: training the probabilistic neural network to solve classification problems. J King Saud Univ Comp Info Sci. https://doi.org/10.1016/j.jksuci.2020.07.004

27.

Abou-Assaleh T, Cercone N, Keselj V, Sweidan R(2004) Detection of new malicious code using n-grams signatures. In: PST, pp 193–196

28.

Rieck K, Trinius P, Willems C, Holz T (2011) Automatic analysis of malware behavior using machine learning. J Comput Secur 19(4):639–668. https://doi.org/10.3233/JCS-2010-0410CrossRef

29.

Kordestani M, Safavi AA, Saif M (2021) Recent survey of large-scale systems: Architectures, controller strategies, and industrial applications. IEEE Syst J 1–14. https://doi.org/10.1109/JSYST.2020.3048951

30.

Kordestani M, Saif M (2021) Observer-Based Attack Detection and Mitigation for Cyberphysical Systems: A Review. IEEE Systems, Man, and Cybernetics Magazine 7(2):35–60. https://doi.org/10.1109/MSMC.2020.3049092CrossRef

31.

Kiperberg M (2021) Preventing malicious communication using virtualization. J Inf Secur Appl 61:102871. https://doi.org/10.1016/j.jisa.2021.102871

32.

Hussain, SJ, Ahmed U, Liaquat H, Mir S, Jhanjhi NZ, Humayun M (2019) IMIAD: intelligent malware identification for android platform. 2019 International Conference on Computer and Information Sciences (ICCIS), IEEE. https://doi.org/10.1109/ICCISci.2019.8716471

33.

Wang X, Zhang J, Zhang A (2019) TKRD: Trusted kernel rootkit detection for cybersecurity of VMs based on machine learning and memory forensic analysis. Math Biosci Eng 16(4):2650–2667. https://doi.org/10.3934/mbe.2019132MathSciNetCrossRef

34.

Dash SK, Suarez-Tangil G, Khan S, Tam K, Ahmadi M, Kinder J, Cavallaro L (2016) Droidscribe: Classifying android malware based on runtime behavior. 2016 IEEE Security and Privacy Workshops (SPW), IEEE. https://doi.org/10.1109/SPW.2016.25

Title: Developing a novel methodology for virtual machine introspection to classify unknown malware functions
Authors: Rahul N. Vaza
Ramesh Prajapati
Dushyantsinh Rathod
Dineshkumar Vaghela
Publication date: 05-01-2022
Publisher: Springer US
Published in: Peer-to-Peer Networking and Applications / Issue 1/2022
Print ISSN: 1936-6442
Electronic ISSN: 1936-6450
DOI: https://doi.org/10.1007/s12083-021-01281-5

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 1/2022

Decentralized access control technique with multi-tier authentication of user for cloud storage

An improved secure certificateless public-key searchable encryption scheme with multi-trapdoor privacy

Double agents-DQL based D2D computing-offloading for SHVC

Efficient path-sense transmission based on IoT system in opportunistic social networks

Analytical modelling of false blocking problem in wireless ad hoc networks

An efficient and privacy-preserving mutual authentication with key agreement scheme for telecare medicine information system

Premium Partner