Stateless Malware Packet Detection by Incorporating Naive Bayes with Known Malware Signatures. (15th April 2014)
- Record Type:
- Journal Article
- Title:
- Stateless Malware Packet Detection by Incorporating Naive Bayes with Known Malware Signatures. (15th April 2014)
- Main Title:
- Stateless Malware Packet Detection by Incorporating Naive Bayes with Known Malware Signatures
- Authors:
- Ismail, Ismahani
Mohd Nor, Sulaiman
Marsono, Muhammad Nadzir - Other Names:
- Ventura Sebastian Academic Editor.
- Abstract:
- Abstract : Malware detection done at the network infrastructure level is still an open research problem, considering the evolution of malwares and high detection accuracy needed to detect these threats. Content based classification techniques have been proven capable of detecting malware without matching for malware signatures. However, the performance of the classification techniques depends on observed training samples. In this paper, a new detection method that incorporates Snort malware signatures into Naive Bayes model training is proposed. Through experimental work, we prove that the proposed work results in low features search space for effective detection at the packet level. This paper also demonstrates the viability of detecting malware at the stateless level (using packets) as well as at the stateful level (using TCP byte stream). The result shows that it is feasible to detect malware at the stateless level with similar accuracy to the stateful level, thus requiring minimal resource for implementation on middleboxes. Stateless detection can give a better protection to end users by detecting malware on middleboxes without having to reconstruct stateful sessions and before malwares reach the end users.
- Is Part Of:
- Applied computational intelligence and soft computing. Volume 2014(2014)
- Journal:
- Applied computational intelligence and soft computing
- Issue:
- Volume 2014(2014)
- Issue Display:
- Volume 2014, Issue 2014 (2014)
- Year:
- 2014
- Volume:
- 2014
- Issue:
- 2014
- Issue Sort Value:
- 2014-2014-2014-0000
- Page Start:
- Page End:
- Publication Date:
- 2014-04-15
- Subjects:
- Computational intelligence -- Periodicals
Soft computing -- Periodicals
006.305 - Journal URLs:
- https://www.hindawi.com/journals/acisc/ ↗
- DOI:
- 10.1155/2014/197961 ↗
- Languages:
- English
- ISSNs:
- 1687-9724
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD Digital store
- Ingest File:
- 14952.xml