Enhanced detection of obfuscated malware in memory dumps:a machine learning approach for advanced cybersecurity  被引量:1

作  者:Md.Alamgir Hossain Md.Saiful Islam 

机构地区:[1]Institute of Information and Communication Technology(IICT),Bangladesh University of Engineering and Technology(BUET),Dhaka,Bangladesh

出  处:《Cybersecurity》2025年第1期103-125,共23页网络空间安全科学与技术(英文)

摘  要:In the realm of cybersecurity,the detection and analysis of obfuscated malware remain a critical challenge,especially in the context of memory dumps.This research paper presents a novel machine learning-based framework designed to enhance the detection and analytical capabilities against such elusive threats for binary and multi type’s malware.Our approach leverages a comprehensive dataset comprising benign and malicious memory dumps,encompassing a wide array of obfuscated malware types including Spyware,Ransomware,and Trojan Horses with their subcategories.We begin by employing rigorous data preprocessing methods,including the normalization of memory dumps and encoding of categorical data.To tackle the issue of class imbalance,a Synthetic Minority Over-sampling Technique is utilized,ensuring a balanced representation of various malware types.Feature selection is meticulously conducted through Chi-Square tests,mutual information,and correlation analyses,refning the model’s focus on the most indicative attributes of obfuscated malware.The heart of our framework lies in the deployment of an Ensemble-based Classifer,chosen for its robustness and efectiveness in handling complex data structures.The model’s performance is rigorously evaluated using a suite of metrics,including accuracy,precision,recall,F1-score,and the area under the ROC curve(AUC)with other evaluation metrics to assess the model’s efciency.The proposed model demonstrates a detection accuracy exceeding 99%across all cases,surpassing the performance of all existing models in the realm of malware detection.

关 键 词:Obfuscated malware detection Memory dump analysis Advanced malware analytics Malware behavioral patterns Advanced malware analytics Machine learning in cybersecurity 

分 类 号:TD7[矿业工程—矿井通风与安全]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象