A Novel Method for Managing System Vulnerability using Machine Learning Algorithms
The extensive sharing of personal information over networks has given rise to an emerging malware industry. This has widened the range of organizations vulnerable to malware-driven cybercrime. Such organized and distributed cyber-attacks can compromise the confidentiality, integrity and availability of any organization’s valuable data and resources. Endpoints (desktops, laptops, mobiles, servers, etc.) are more vulnerable and hence are the main targets of cyber criminals. The aim of this study is to determine the probability of such endpoints being affected by cybersecurity threats, based on certain characteristics of the particular endpoint. Using the machine learning techniques applied in this study, such as missing data analysis and imputation (Multiple Imputation) and ensemble learning algorithms (Bagging and Boosting), it is possible to predict which devices or systems in an organization are likely to be infected by malware, ransomware or other such threats. Based on such findings, proactive measures can be taken and cyber security strategies devised that help organizations prevent losses to the tune of millions of dollars and become cyber resilient.