A Two-stage Malware Detection Architecture Inspired by Human Immune System

Mohammed A.F. Salah, Mohd Fadzli Marhusin, Rossilawati Sulaiman

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Malware sophistication is on the rise and continues to be a serious threat to the privacy, availability and integrity of information. This paper proposes an architecture which consists of two detectors. The first detector watches for malware in general. It classifies an executable as benign or malign and updates its Knowledge Base dynamically. The second detector is a specialised one, aiming to detect ransomware via its deep scan capability. This detector is activated if the first detector senses the presence of ransomware pre-execution activities. It decides whether a program is ransomware or not and dynamically updates its Knowledge Base.

Original language: English
Title of host publication: Proceedings of the 2018 Cyber Resilience Conference, CRC 2018
Editors: Khairul Akram Zainol Abidin, Masnizah Mohd, Zarina Shukur
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9781538675410
DOI: https://doi.org/10.1109/CR.2018.8626867
Publication status: Published - 25 Jan 2019
Event: 2018 Cyber Resilience Conference, CRC 2018 - Putrajaya, Malaysia
Duration: 13 Nov 2018 to 15 Nov 2018

Publication series

Name: Proceedings of the 2018 Cyber Resilience Conference, CRC 2018

Conference

Conference: 2018 Cyber Resilience Conference, CRC 2018
Country: Malaysia
City: Putrajaya
Period: 13/11/18 to 15/11/18

Fingerprint

Immune system
privacy
integrity
threat
Detectors
Malware
Availability

Keywords

  • Dynamic analysis
  • Human Immune System
  • Malware
  • Ransomware

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Social Sciences (miscellaneous)
  • Computer Networks and Communications

Cite this

Salah, M. A. F., Fadzli Marhusin, M., & Sulaiman, R. (2019). A Two-stage Malware Detection Architecture Inspired by Human Immune System. In K. A. Z. Abidin, M. Mohd, & Z. Shukur (Eds.), Proceedings of the 2018 Cyber Resilience Conference, CRC 2018 [8626867] (Proceedings of the 2018 Cyber Resilience Conference, CRC 2018). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/CR.2018.8626867
