JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Singh, Avinash
|
|
| dc.contributor.author | Ikuesan, Richard Adeyemi
|
|
| dc.contributor.author | Venter, H.S. (Hein)
|
|
| dc.date.accessioned | 2024-04-29T11:56:13Z | |
| dc.date.available | 2024-04-29T11:56:13Z | |
| dc.date.issued | 2023-10-08 | |
| dc.description | DATA AVAILABILITY : Dataset can be found at (https://malfe.cs.up.ac.za/datasets/view/ Entropy_of_PE_Sections/5, 14 August 2023). | en_US |
| dc.description.abstract | The growing sophistication of malware has resulted in diverse challenges, especially among security researchers who are expected to develop mechanisms to thwart these malicious attacks. While security researchers have turned to machine learning to combat this surge in malware attacks and enhance detection and prevention methods, they often encounter limitations when it comes to sourcing malware binaries. This limitation places the burden on malware researchers to create context-specific datasets and detection mechanisms, a time-consuming and intricate process that involves a series of experiments. The lack of accessible analysis reports and a centralized platform for sharing and verifying findings has resulted in many research outputs that can neither be replicated nor validated. To address this critical gap, a malware analysis data curation platform was developed. This platform offers malware researchers a highly customizable feature generation process drawing from analysis data reports, particularly those generated in sandbox-based environments such as Cuckoo Sandbox. To evaluate the effectiveness of the platform, a replication of existing studies was conducted in the form of case studies. These studies revealed that the developed platform offers an effective approach that can aid malware detection research. Moreover, a real-world scenario involving over 3000 ransomware and benign samples for ransomware detection based on PE entropy was explored. This yielded an impressive accuracy score of 98.8% and an AUC of 0.97 when employing the decision tree algorithm, with a low latency of 1.51 ms. These results emphasize the necessity of the proposed platform while demonstrating its capacity to construct a comprehensive detection mechanism. By fostering community-driven interactive databanks, this platform enables the creation of datasets as well as the sharing of reports, both of which can substantially reduce experimentation time and enhance research repeatability. | en_US |
| dc.description.department | Computer Science | en_US |
| dc.description.librarian | am2024 | en_US |
| dc.description.sdg | SDG-09: Industry, innovation and infrastructure | en_US |
| dc.description.sponsorship | FUNDING : This research was funded in part by the National Research Foundation of South Africa (Grant Number 136239), and the APC was funded by a UCDP Grant. | en_US |
| dc.description.sponsorship | The National Research Foundation of South Africa, and the APC was funded by a UCDP Grant. | en_US |
| dc.description.uri | https://www.mdpi.com/journal/computers | en_US |
| dc.identifier.citation | Singh, A.; Ikuesan, R.A.; Venter, H. MalFe—Malware Feature Engineering Generation Platform. Computers 2023, 12, 201. https://DOI.org/10.3390/computers12100201. | en_US |
| dc.identifier.issn | 2073-431X | |
| dc.identifier.other | 10.3390/computers12100201 | |
| dc.identifier.uri | http://hdl.handle.net/2263/95796 | |
| dc.language.iso | en | en_US |
| dc.publisher | MDPI | en_US |
| dc.rights | © 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license. | en_US |
| dc.subject | Malware | en_US |
| dc.subject | Malware feature engineering | en_US |
| dc.subject | Malware datasets | en_US |
| dc.subject | Malware detection | en_US |
| dc.subject | Machine learning | en_US |
| dc.subject | Artificial intelligence (AI) | en_US |
| dc.subject | SDG-09: Industry, innovation and infrastructure | en_US |
| dc.title | MalFe—malware feature engineering generation platform | en_US |
| dc.type | Article | en_US |
