Browse by Author "Al-Khshali, Hasan H."
Showing 1 - 3 of 3
Item: Effect of PE file header features on accuracy (Institute of Electrical and Electronics Engineers Inc., 2020) Al-Khshali, Hasan H.; Ilyas, Muhammad; Uçan, Osman Nuri

Malware programmers look for ways to attack computers and networks. They try to find entry points that bypass security and enable them to slip into the system. One of these ways is through Portable Executable (PE) files. On the other hand, methods are devised to discover this danger and take action against it. Artificial Intelligence (AI) can play an important role in the process of discovering malware inside PE files. Using AI as a tool, this work aims to study the features of PE file headers as a means of detecting malware and assess the effect of these features on the level of accuracy. The study uses various numbers of PE features. Two different algorithms are used, each with two options, in order to discover their relative effectiveness. Tests are carried out using a specified control data set so that relative performance can be assessed. The criterion used is the level of accuracy obtained with a large number and variation of groups of studies. Each study starts with a collection of features, then features are progressively added to study the impact of these features on accuracy. This was important in showing that not all the features have a positive impact on accuracy. Also, there were some indications that using a large number of features will not always improve the accuracy. Using graphs, it was shown that accuracy will be enhanced after adding a certain number of features. Graphs also show that, along the way of adding the features, accuracy sometimes improves and, at other times, it goes down, so not all added features are useful. More than 100 runs were made, using a total of 29 features. The highest accuracy obtained with Decision Tree was 0.987, and 0.979 in Neural Networks-Multi-layer Perceptron (NN-MLPC). © 2020 IEEE.

Item: Impact of Portable Executable Header Features on Malware Detection Accuracy (Tech Science Press, 2023) Al-Khshali, Hasan H.; Ilyas, Muhammad

One aspect of cybersecurity incorporates the study of Portable Executables (PE) files maleficence. Artificial Intelligence (AI) can be employed in such studies, since AI has the ability to discriminate benign from malicious files. In this study, an exclusive set of 29 features was collected from trusted implementations; this set was used as a baseline to analyze the presented work in this research. A Decision Tree (DT) and Neural Network Multi-Layer Perceptron (NN-MLPC) algorithms were utilized during this work. Both algorithms were chosen after testing a few diverse procedures. This work implements a method of subgrouping features to answer questions such as: Which feature has a positive impact on accuracy when added? Is it possible to determine a reliable feature set to distinguish a malicious PE file from a benign one? When combining features, would it have any effect on malware detection accuracy in a PE file? Results obtained using the proposed method were improved and carried few observations. Generally, the obtained results had practical and numerical parts. For the practical part, the number of features and which features are included are the main factors impacting the calculated accuracy; also, the combination of features is as crucial in these calculations. Numerical results included finding accuracies with enhanced values; for example, NN_MLPC attained 0.979 and 0.98; for DT an accuracy of 0.9825 and 0.986 was attained.

Item: Malware detection with subspace learning-based one-class classification (Institute of Electrical and Electronics Engineers Inc., 2024) Al-Khshali, Hasan H.; Ilyas, Muhammad; Sohrab, Fahad; Gabbouj, Moncef

Detecting malware is crucial for ensuring the security of computer systems.
Traditional machine learning models face challenges in effectively detecting malware, mainly due to the class imbalance problem, where the number of malware samples is significantly smaller than that of non-malware samples. Additionally, malware's dynamic and evolving nature, continuously altering its structure and tactics, presents a substantial challenge for conventional artificial intelligence algorithms, further complicating the detection task. In pursuing an optimized malware detection technique, researchers initially explored traditional machine learning algorithms, focusing on the features of Portable Executable (PE) file headers. However, the inherent issues, such as imbalanced datasets and the deceptive nature of malware, have raised concerns about the credibility of the attained results. This can result in misclassifying malware as non-malware, leading to security vulnerabilities. One-Class Classification (OCC) methods have emerged as a promising approach to improve the detection of unknown malware. However, traditional OCC approaches face the challenge of the curse of dimensionality. This research proposes adapting subspace learning-based OCC methods to overcome the curse of dimensionality and effectively handle the class imbalance problem. We propose a pipeline for detecting malware using methods that jointly optimize a subspace and data description for OCC. We evaluate the performance of various one-class classifiers on three different datasets. We observed that the subspace-learning-based OCC is a promising approach. Evaluating various classifiers on three datasets reveals promising results, with a True Positive Rate (TPR) of 100 % for subspace-learning-based OCC. The proposed pipeline can serve as a valuable tool for improving the security of computer systems by accurately detecting malware and protecting against potential attacks.