Home   >   CSC-OpenAccess Library   >    Manuscript Information
Classification of Malware Attacks Using Machine Learning In Decision Tree
Abel Yeboah-Ofori
Pages - 10 - 25     |    Revised - 31-07-2020     |    Published - 31-08-2020
Volume - 11   Issue - 2    |    Publication Date - August 2020  Table of Contents
MORE INFORMATION
KEYWORDS
Cyberattack, Malware, Machine Learning, Smart Grid, Decision Tree.
ABSTRACT
Predicting cyberattacks using machine learning has become imperative since cyberattacks have increased exponentially due to the stealthy and sophisticated nature of adversaries. To have situational awareness and achieve defence in depth, using machine learning for threat prediction has become a prerequisite for cyber threat intelligence gathering. Some approaches to mitigating malware attacks include the use of spam filters, firewalls, and IDS/IPS configurations to detect attacks. However, threat actors are deploying adversarial machine learning techniques to exploit vulnerabilities. This paper explores the viability of using machine learning methods to predict malware attacks and build a classifier to automatically detect and label an event as “Has Detection or No Detection”. The purpose is to predict the probability of malware penetration and the extent of manipulation on the network nodes for cyber threat intelligence. To demonstrate the applicability of our work, we use a decision tree (DT) algorithms to learn dataset for evaluation. The dataset was from Microsoft Malware threat prediction website Kaggle. We identify probably cyberattacks on smart grid, use attack scenarios to determine penetrations and manipulations. The results show that ML methods can be applied in smart grid cyber supply chain environment to detect cyberattacks and predict future trends.
1 Google Scholar 
2 refSeek 
3 Doc Player 
4 Scribd 
5 SlideShare 
A. Boschetti. L. Massaron. "Python Data Science Essentials". 2nd Edition. UK. ISBN 978-1-78646-213-8. (2016).
A. Mohasseb, B. Aziz, J. Jung, and J. Lee, "Predicting Cyber Security Incidents Using Machine Learning Algorithms: A case study of Korean SMEs". University of Portsmouth Research Portal. (2019).
A. O. Balogun, R. G. Jimoh. "Anomaly Intrusion Detection Using in Hybrid of Decision Tree And K-Nearest Neighbor". Journal of Advances in Scientific Research & Application. 2015.
A. Yeboah-Ofori, C. Boachie. "Malware Attack Predictive Analytics in a Cyber Supply Chain Context Using Machine Learning" IEEE Explore. CSIoT pp. 66-77 2019, doi: 10.1109/ICSIoT47925.2019.00019.
A. Yeboah-Ofori, S. Islam. "Cyber Security Threat Modeling for Supply Chain Organizational Environments". Future Internet, 11, 63, doi: 10.3390/611030063, (2019).
A. Yeboah-Ofori. Islam, S. Brimicombe A: Detecting Cyber Supply Chain Attacks on Cyber Physical Systems Using Bayesian Belief Network. International Conference on Cyber Security and Internet of Things. (2019). DOI 10.1109/ICSIoT47925.2019.00014.
A.J. Malik, F. A. Khan. "A Hybrid Technique Using Binary Particle Swarm Optimization and Decision Tree Pruning for Network Intrusion Detection". Cluster Computing. 21, 667-680. 2018. doi.org/10.1007/s10586-017-0971-8.
B. Ingre, A. Yadav, A. K. Soni "Decision Tree Based Intrusion Detection System for NSL-KDD Dataset". International Conference on Information and Communication Technology for Intelligent Systems. 25-26, pp. 207-218. 2017.
C. R. B. Hink, J. M. Beaver, M. A.. Bukner, T. Morris, U. Adhikari S. Pan. "Machine Learning for Power System Disturbance and Cyber-attack Discrimination" 7th International Symposium on Resilient Control Systems. IEEE Xplore. 10.1109/ISRCS.2014.6900095. (2014).
C. Tsai, Y. Hsu, C. Lin, W. Lin. "Intrusion detection by machine learning: A review Expert Systems with Applications". 36.10, pp. 11994-12000, (2009).
Controller and Audit General: Investigation. "Wannacry Cyber-attack and The NHS". Department of Health. National Audit Office. UK (2017).
D. Canali, L. Bilge, D. Balzarotti. "On the Effectiveness of Risk Prediction Based on User Browsing Behaviour". ACM 978-1-4503-2800-5/14/06. http://dx.doi.org/10.1145/2590296.2590347. (2014). [Accessed 20/04/2020].
D. Moon, H. Im, I. Kim, J. H. Park. "DTB-IDS: An Intrusion Detection System Based on Decision Tree Using Behavior Analysis for Preventing APT Attacks" Springer, The Journal of Supercomputing 73 2881-2895. 2017. DOI: https://doi.org/10.1007/s11227-015-1604-8.
Duan, E. (2016). FLocker Mobile Ransomware Crosses to Smart TV. Trend Micro. Security Intelligence Blog. https://blog.trendmicro.com/trendlabs-security-intelligence/flocker-ransomware-crosses-smart-tv/ [Accessed 10/03/2020].
E. G. V. Villano. "Classification of Logs Using Machine Learning". Norwegian University of Science and Technology. (2018).
G. Wang. T. Wang. H. Zheng, B. Y. Zhao. "Man vs. Machine: Practical Adversarial Detection of Malicious Crowdsourcing Workers". In Proceedings of the 23rd USENIX Security Symposium San Diego, CA, pp. 239-254, (2014).
H. Patel, P. Prajapati. "Study and Analysis of Decision Tree Based Classification Algorithms" International Journal of Computer Science and Engineering. 2018. DOI: 10.26438/ijcse/v6i10.7478.
I. H. Sarker, Y. B. Abushark, F. Alsolami, A. I. Khan. "IntruDTree: A Machine Learning Based Cyber Security Intrusion Detection Systems" MDPI. Symmetry 12, 754, doi:10.3390/sym12050754.
J. R. Quinlan. "C4.5: Programs for Machine Learning". 16, 2333-240 Department of Computer, John Hopkins University, Baltimore. MD21218. (1994).
K. Rai. M. S. Devi, A. Guleria. "Decision Tree Based Algorithm for Intrusion Detection". International Journal Advanced Networked Applications. Vol 7, Issue 04. Pages: 2828. 2016.
K. Soska, N. Christin. "Automatically Detecting Vulnerable Websites Before They Turn Malicious. In Proceeding of the 23rd UNENIX Security Symposium. Carnegie Mellon University. ISBN 978-1-931971-15-7 (2014).
L. Bilge, Y. Han, M. D. Amoco, Risk Teller: Predicting the Risk of Cyber Incidents. ACM ISBN 978-1-4503-4946-8/17/10. https://doi.org/10.1145/3133956.3134022 CCS (2017). [Accessed 14/12/2019].
Microsoft Malware Prediction. Research Prediction. (2019). (https://www.kaggle.com/c/microsoft-malware-prediction/data). [Accessed 26/01/2020].
N. G. Relan. D. R. Patil. "Implementation of Network Intrusion Detection System Using Variant of Decision Tree Algorithm". IEEE Xplore. International Conference on Nascent Technologies in the Engineering Field. pp. 1-5. 2015. DOI: 10.1109/ICNTE.2015.7029925.
O. Sharma, M. Girolami J. Sventek, "Detecting Worm Variants using Machine Learning". DOI: 10.1145/1364654.1364657 (2007).
O. Yavanoglu. M. Aydos. "A Review of Cyber Security Dataset for Machine Learning Algorithms". International Conference on Big Data, IEEE Xplore. DOI: 10.1109//BigData.2007.8258167. (2018).
R. C. Barros, A. c. P. L. F. De Carvalho. A. A. Freitas, "Automatic Design of Decision-Tree Induction Algorithms", Springer. Briefs in Computer Science, DOI 10.1007/978-3-319-14231-9_2. (2015).
R. Das, T. Morris. "Machine Learning in Cyber Security". IEEE Xplore. International Conference on Computer, Electronic and Communication Engineering. 2018. DOI: 10.1109/ICCECE.2017.8526232.
S. Pournouri, B. Akhgar, P. S. Bayerl. "Cyber Attacks Analysis Using Decision Tree Techniques for Improving Cyber Situational Awareness" International Conference on Global Security, Safety and Sustainability. Springer. Vol.360. 2017. DOI: 10.1007/978-3-319-51064-4_14.
V. Ford. A. Siraj. "Application of Machine Learning in Cyber Security". Conference Paper. Computer Science Department. Tennessee Tech University. (2014).
W. Wang, Z. Lu, "Cyber Security in Smart Grid: Survey and Challenges". Elsevier. (2013).
Dr. Abel Yeboah-Ofori
School of Architecture, Computing & Engineering, University of East London, London, E16 2GA - United Kingdom
u0118547@uel.ac.uk