Home   >   CSC-OpenAccess Library   >    Manuscript Information
Full Text Available

(712.05KB)
This is an Open Access publication published under CSC-OpenAccess Policy.
Publications from CSC-OpenAccess Library are being accessed from over 74 countries worldwide.
Classification of Malware Attacks Using Machine Learning In Decision Tree
Abel Yeboah-Ofori
Pages - 10 - 25     |    Revised - 31-07-2020     |    Published - 31-08-2020
Volume - 11   Issue - 2    |    Publication Date - August 2020  Table of Contents
MORE INFORMATION
KEYWORDS
Cyberattack, Malware, Machine Learning, Smart Grid, Decision Tree.
ABSTRACT
Predicting cyberattacks using machine learning has become imperative since cyberattacks have increased exponentially due to the stealthy and sophisticated nature of adversaries. To have situational awareness and achieve defence in depth, using machine learning for threat prediction has become a prerequisite for cyber threat intelligence gathering. Some approaches to mitigating malware attacks include the use of spam filters, firewalls, and IDS/IPS configurations to detect attacks. However, threat actors are deploying adversarial machine learning techniques to exploit vulnerabilities. This paper explores the viability of using machine learning methods to predict malware attacks and build a classifier to automatically detect and label an event as “Has Detection or No Detection”. The purpose is to predict the probability of malware penetration and the extent of manipulation on the network nodes for cyber threat intelligence. To demonstrate the applicability of our work, we use a decision tree (DT) algorithms to learn dataset for evaluation. The dataset was from Microsoft Malware threat prediction website Kaggle. We identify probably cyberattacks on smart grid, use attack scenarios to determine penetrations and manipulations. The results show that ML methods can be applied in smart grid cyber supply chain environment to detect cyberattacks and predict future trends.
1 Google Scholar 
2 refSeek 
3 Scribd 
1 C. R. B. Hink, J. M. Beaver, M. A.. Bukner, T. Morris, U. Adhikari S. Pan. "Machine Learning for Power System Disturbance and Cyber-attack Discrimination" 7th International Symposium on Resilient Control Systems. IEEE Xplore. 10.1109/ISRCS.2014.6900095. (2014).
2 V. Ford. A. Siraj. "Application of Machine Learning in Cyber Security". Conference Paper. Computer Science Department. Tennessee Tech University. (2014).
3 K. Soska, N. Christin. "Automatically Detecting Vulnerable Websites Before They Turn Malicious. In Proceeding of the 23rd UNENIX Security Symposium. Carnegie Mellon University. ISBN 978-1-931971-15-7 (2014).
4 D. Canali, L. Bilge, D. Balzarotti. "On the Effectiveness of Risk Prediction Based on User Browsing Behaviour". ACM 978-1-4503-2800-5/14/06. http://dx.doi.org/10.1145/2590296.2590347. (2014). [Accessed 20/04/2020].
5 A. Mohasseb, B. Aziz, J. Jung, and J. Lee, "Predicting Cyber Security Incidents Using Machine Learning Algorithms: A case study of Korean SMEs". University of Portsmouth Research Portal. (2019).
6 Microsoft Malware Prediction. Research Prediction. (2019). (https://www.kaggle.com/c/microsoft-malware-prediction/data). [Accessed 26/01/2020].
7 O. Sharma, M. Girolami J. Sventek, "Detecting Worm Variants using Machine Learning". DOI: 10.1145/1364654.1364657 (2007).
8 C. Tsai, Y. Hsu, C. Lin, W. Lin. "Intrusion detection by machine learning: A review Expert Systems with Applications". 36.10, pp. 11994-12000, (2009).
9 G. Wang. T. Wang. H. Zheng, B. Y. Zhao. "Man vs. Machine: Practical Adversarial Detection of Malicious Crowdsourcing Workers". In Proceedings of the 23rd USENIX Security Symposium San Diego, CA, pp. 239-254, (2014).
10 L. Bilge, Y. Han, M. D. Amoco, Risk Teller: Predicting the Risk of Cyber Incidents. ACM ISBN 978-1-4503-4946-8/17/10. https://doi.org/10.1145/3133956.3134022 CCS (2017). [Accessed 14/12/2019].
11 R. C. Barros, A. c. P. L. F. De Carvalho. A. A. Freitas, "Automatic Design of Decision-Tree Induction Algorithms", Springer. Briefs in Computer Science, DOI 10.1007/978-3-319-14231-9_2. (2015).
12 E. G. V. Villano. "Classification of Logs Using Machine Learning". Norwegian University of Science and Technology. (2018).
13 O. Yavanoglu. M. Aydos. "A Review of Cyber Security Dataset for Machine Learning Algorithms". International Conference on Big Data, IEEE Xplore. DOI: 10.1109//BigData.2007.8258167. (2018).
14 A. Boschetti. L. Massaron. "Python Data Science Essentials". 2nd Edition. UK. ISBN 978-1-78646-213-8. (2016).
15 J. R. Quinlan. "C4.5: Programs for Machine Learning". 16, 2333-240 Department of Computer, John Hopkins University, Baltimore. MD21218. (1994).
16 W. Wang, Z. Lu, "Cyber Security in Smart Grid: Survey and Challenges". Elsevier. (2013).
17 A. Yeboah-Ofori, S. Islam. "Cyber Security Threat Modeling for Supply Chain Organizational Environments". Future Internet, 11, 63, doi: 10.3390/611030063, (2019).
18 Controller and Audit General: Investigation. "Wannacry Cyber-attack and The NHS". Department of Health. National Audit Office. UK (2017).
19 A. Yeboah-Ofori. Islam, S. Brimicombe A: Detecting Cyber Supply Chain Attacks on Cyber Physical Systems Using Bayesian Belief Network. International Conference on Cyber Security and Internet of Things. (2019). DOI 10.1109/ICSIoT47925.2019.00014.
20 Duan, E. (2016). FLocker Mobile Ransomware Crosses to Smart TV. Trend Micro. Security Intelligence Blog. https://blog.trendmicro.com/trendlabs-security-intelligence/flocker-ransomware-crosses-smart-tv/ [Accessed 10/03/2020].
21 S. Pournouri, B. Akhgar, P. S. Bayerl. "Cyber Attacks Analysis Using Decision Tree Techniques for Improving Cyber Situational Awareness" International Conference on Global Security, Safety and Sustainability. Springer. Vol.360. 2017. DOI: 10.1007/978-3-319-51064-4_14.
22 H. Patel, P. Prajapati. "Study and Analysis of Decision Tree Based Classification Algorithms" International Journal of Computer Science and Engineering. 2018. DOI: 10.26438/ijcse/v6i10.7478.
23 D. Moon, H. Im, I. Kim, J. H. Park. "DTB-IDS: An Intrusion Detection System Based on Decision Tree Using Behavior Analysis for Preventing APT Attacks" Springer, The Journal of Supercomputing 73 2881-2895. 2017. DOI: https://doi.org/10.1007/s11227-015-1604-8.
24 I. H. Sarker, Y. B. Abushark, F. Alsolami, A. I. Khan. "IntruDTree: A Machine Learning Based Cyber Security Intrusion Detection Systems" MDPI. Symmetry 12, 754, doi:10.3390/sym12050754.
25 R. Das, T. Morris. "Machine Learning in Cyber Security". IEEE Xplore. International Conference on Computer, Electronic and Communication Engineering. 2018. DOI: 10.1109/ICCECE.2017.8526232.
26 A. O. Balogun, R. G. Jimoh. "Anomaly Intrusion Detection Using in Hybrid of Decision Tree And K-Nearest Neighbor". Journal of Advances in Scientific Research & Application. 2015.
27 A.J. Malik, F. A. Khan. "A Hybrid Technique Using Binary Particle Swarm Optimization and Decision Tree Pruning for Network Intrusion Detection". Cluster Computing. 21, 667-680. 2018. doi.org/10.1007/s10586-017-0971-8.
28 K. Rai. M. S. Devi, A. Guleria. "Decision Tree Based Algorithm for Intrusion Detection". International Journal Advanced Networked Applications. Vol 7, Issue 04. Pages: 2828. 2016.
29 A. Yeboah-Ofori, C. Boachie. "Malware Attack Predictive Analytics in a Cyber Supply Chain Context Using Machine Learning" IEEE Explore. CSIoT pp. 66-77 2019, doi: 10.1109/ICSIoT47925.2019.00019.
30 B. Ingre, A. Yadav, A. K. Soni "Decision Tree Based Intrusion Detection System for NSL-KDD Dataset". International Conference on Information and Communication Technology for Intelligent Systems. 25-26, pp. 207-218. 2017.
31 N. G. Relan. D. R. Patil. "Implementation of Network Intrusion Detection System Using Variant of Decision Tree Algorithm". IEEE Xplore. International Conference on Nascent Technologies in the Engineering Field. pp. 1-5. 2015. DOI: 10.1109/ICNTE.2015.7029925.
Dr. Abel Yeboah-Ofori
School of Architecture, Computing & Engineering, University of East London, London, E16 2GA - United Kingdom
u0118547@uel.ac.uk