Li Li^*, Qing Zhang, Youran Kong

CMC-Computers, Materials & Continua, Vol.80, No.1, pp. 801-818, 2024, DOI:10.32604/cmc.2024.051916

Abstract Due to the diversity and unpredictability of changes in malicious code, studying the traceability of variant families remains challenging. In this paper, we propose a GAN-EfficientNetV2-based method for tracing families of malicious code variants. This method leverages the similarity in layouts and textures between images of malicious code variants from the same source and their original family of malicious code images. The method includes a lightweight classifier and a simulator. The classifier utilizes the enhanced EfficientNetV2 to categorize malicious code images and can be easily deployed on mobile, embedded, and other devices. The simulator utilizes… More >

Simona-Vasilica Oprea^*, Adela Bâra

CMC-Computers, Materials & Continua, Vol.79, No.3, pp. 3827-3853, 2024, DOI:10.32604/cmc.2024.051598

Abstract The potential of text analytics is revealed by Machine Learning (ML) and Natural Language Processing (NLP) techniques. In this paper, we propose an NLP framework that is applied to multiple datasets to detect malicious Uniform Resource Locators (URLs). Three categories of features, both ML and Deep Learning (DL) algorithms and a ranking schema are included in the proposed framework. We apply frequency and prediction-based embeddings, such as hash vectorizer, Term Frequency-Inverse Dense Frequency (TF-IDF) and predictors, word to vector-word2vec (continuous bag of words, skip-gram) from Google, to extract features from text. Further, we apply more… More >

So-Eun Jeon¹, Ye-Sol Oh¹, Yeon-Ji Lee¹, Il-Gu Lee^1,2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.140, No.2, pp. 1669-1687, 2024, DOI:10.32604/cmes.2024.047239

Abstract With the advancement of wireless network technology, vast amounts of traffic have been generated, and malicious traffic attacks that threaten the network environment are becoming increasingly sophisticated. While signature-based detection methods, static analysis, and dynamic analysis techniques have been previously explored for malicious traffic detection, they have limitations in identifying diversified malware traffic patterns. Recent research has been focused on the application of machine learning to detect these patterns. However, applying machine learning to lightweight devices like IoT devices is challenging because of the high computational demands and complexity involved in the learning process. In… More >

Xiaonan Li^1,2, Qiang Wang¹, Conglai Fan^2,3, Wei Zhan¹, Mingliang Zhang^4,*

Computer Systems Science and Engineering, Vol.48, No.3, pp. 773-792, 2024, DOI:10.32604/csse.2024.039849

Abstract The field of finance heavily relies on cybersecurity to safeguard its systems and clients from harmful software. The identification of malevolent code within financial software is vital for protecting both the financial system and individual clients. Nevertheless, present detection models encounter limitations in their ability to identify malevolent code and its variations, all while encompassing a multitude of parameters. To overcome these obstacles, we introduce a lean model for classifying families of malevolent code, formulated on Ghost-DenseNet-SE. This model integrates the Ghost module, DenseNet, and the squeeze-and-excitation (SE) channel domain attention mechanism. It substitutes the… More >

Abeer Abdullah Alsadhan¹, Abdullah A. Al-Atawi², Hanen karamti³, Abid Jameel⁴, Islam Zada⁵, Tan N. Nguyen^6,*

Intelligent Automation & Soft Computing, Vol.39, No.2, pp. 135-155, 2024, DOI:10.32604/iasc.2023.041130

Abstract IoT (Internet of Things) devices are being used more and more in a variety of businesses and for a variety of tasks, such as environmental data collection in both civilian and military situations. They are a desirable attack target for malware intended to infect specific IoT devices due to their growing use in a variety of applications and their increasing computational and processing power. In this study, we investigate the possibility of detecting IoT malware using recurrent neural networks (RNNs). RNN is used in the proposed method to investigate the execution operation codes of ARM-based More >

Jiehao Ye, Wen Cheng, Xiaolong Liu, Wenyi Zhu, Xuan’ang Wu, Shigen Shen^*

CMC-Computers, Materials & Continua, Vol.79, No.2, pp. 2743-2769, 2024, DOI:10.32604/cmc.2024.049985

Abstract The Internet of Things (IoT) has characteristics such as node mobility, node heterogeneity, link heterogeneity, and topology heterogeneity. In the face of the IoT characteristics and the explosive growth of IoT nodes, which brings about large-scale data processing requirements, edge computing architecture has become an emerging network architecture to support IoT applications due to its ability to provide powerful computing capabilities and good service functions. However, the defense mechanism of Edge Computing-enabled IoT Nodes (ECIoTNs) is still weak due to their limited resources, so that they are susceptible to malicious software spread, which can compromise… More >

Khaled Soliman^1,*, Mohamed Sobh², Ayman M. Bahaa-Eldin²

CMC-Computers, Materials & Continua, Vol.79, No.1, pp. 1419-1439, 2024, DOI:10.32604/cmc.2024.048883

Abstract The continuous development of cyberattacks is threatening digital transformation endeavors worldwide and leads to wide losses for various organizations. These dangers have proven that signature-based approaches are insufficient to prevent emerging and polymorphic attacks. Therefore, this paper is proposing a Robust Malicious Executable Detection (RMED) using Host-based Machine Learning Classifier to discover malicious Portable Executable (PE) files in hosts using Windows operating systems through collecting PE headers and applying machine learning mechanisms to detect unknown infected files. The authors have collected a novel reliable dataset containing 116,031 benign files and 179,071 malware samples from diverse… More >

Hong Huang¹, Xingxing Zhang^1,*, Ye Lu¹, Ze Li¹, Shaohua Zhou²

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 3929-3951, 2024, DOI:10.32604/cmc.2024.047918

Abstract While encryption technology safeguards the security of network communications, malicious traffic also uses encryption protocols to obscure its malicious behavior. To address the issues of traditional machine learning methods relying on expert experience and the insufficient representation capabilities of existing deep learning methods for encrypted malicious traffic, we propose an encrypted malicious traffic classification method that integrates global semantic features with local spatiotemporal features, called BERT-based Spatio-Temporal Features Network (BSTFNet). At the packet-level granularity, the model captures the global semantic features of packets through the attention mechanism of the Bidirectional Encoder Representations from Transformers (BERT)… More >

Li Li^*, Youran Kong, Qing Zhang

CMC-Computers, Materials & Continua, Vol.78, No.1, pp. 551-567, 2024, DOI:10.32604/cmc.2023.045512

Abstract With the growth of the Internet, more and more business is being done online, for example, online offices, online education and so on. While this makes people’s lives more convenient, it also increases the risk of the network being attacked by malicious code. Therefore, it is important to identify malicious codes on computer systems efficiently. However, most of the existing malicious code detection methods have two problems: (1) The ability of the model to extract features is weak, resulting in poor model performance. (2) The large scale of model data leads to difficulties deploying on… More >

Yang Liu^1,2,*, Zhiyuan Lin¹, Yuxi Zhang¹, Lin Jiang^1,*, Xuan Wang^1,3

CMES-Computer Modeling in Engineering & Sciences, Vol.138, No.2, pp. 1713-1729, 2024, DOI:10.32604/cmes.2023.030468

Abstract Ethereum, currently the most widely utilized smart contracts platform, anchors the security of myriad smart contracts upon its own robustness. Its foundational peer-to-peer network facilitates a dependable node connection mechanism, whereas an efficient data-sharing protocol constitutes as the bedrock of Blockchain network security. In this paper, we propose NodeHunter, an Ethereum network detector implemented through the application of simulation technology, which is capable of aggregating all node records within the network and the interconnectedness between them. Utilizing this connection information, NodeHunter can procure more comprehensive insights for network status analysis compared to preceding detection methodologies. More >