An AI powered system call analysis with bag of word approaches for the detection of intrusions and malware in Australian Defence Force Academy and virtual machine monitor malware attack data set.

Saved in:
Bibliographic Details
Title: An AI powered system call analysis with bag of word approaches for the detection of intrusions and malware in Australian Defence Force Academy and virtual machine monitor malware attack data set.
Authors: Melvin, Appu Alfred Raja1 (AUTHOR) alfredraja@karunya.edu.in, Kathrine, Gnanaraj Jaspher W.1 (AUTHOR), Pasupathi, Subbulakshmi2 (AUTHOR), Shanmuganathan, Vimal3 (AUTHOR), Naganathan, Rajalingam4 (AUTHOR)
Source: Expert Systems. Jun2024, Vol. 41 Issue 6, p1-13. 13p.
Subjects: Australia. Australian Defence Force, Hypervisor (Computer software), Intrusion detection systems (Computer security), Machine learning, Artificial intelligence, Malware, False alarms
Abstract: This study propose the use of AI enabled machine learning algorithms with the Bag‐of‐Word (BoW) methods for the detection of intrusions by analysing the system call patterns. Host based Intrusion Detection System can make use of system call patterns to differentiate between normal and anomalous program behaviours. First, the system call patterns are pre‐processed with different approaches like BoW, BoW with Boolean value, BoW with Probability value and BoW with TF‐IDF. Next machine learning algorithms are used to evaluate the performance of classifier models. We used J48 (C4.5), Random Forrest, RIPPER, KNN, SVM, and NaiveBayes ML algorithms. This process was carried out on ADFA‐LD and on our proposed virtual machine monitor (VMM) malware attack data set for analysis. The proposed work is evaluated based on detection accuracy and false alarm rate metrics. Random Forrest algorithm performs better compared with other ML algorithms in terms of intrusion detection accuracy and false alarm rate on ADFA and VMM malware data set. The proposed data set provide better results compared with ADFA‐LD analysed using ML algorithms. The classifier model trained with ADFA and VMM malware system call data sets may do predictive analytics in detecting security issues for Industry 4.0 systems. [ABSTRACT FROM AUTHOR]
Copyright of Expert Systems is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
Full text is not displayed to guests.
FullText Links:
  – Type: pdflink
Text:
  Availability: 1
Header DbId: egs
DbLabel: Engineering Source
An: 176989636
AccessLevel: 6
PubType: Academic Journal
PubTypeId: academicJournal
PreciseRelevancyScore: 0
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: An AI powered system call analysis with bag of word approaches for the detection of intrusions and malware in Australian Defence Force Academy and virtual machine monitor malware attack data set.
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22Melvin%2C+Appu+Alfred+Raja%22">Melvin, Appu Alfred Raja</searchLink><relatesTo>1</relatesTo> (AUTHOR)<i> alfredraja@karunya.edu.in</i><br /><searchLink fieldCode="AR" term="%22Kathrine%2C+Gnanaraj+Jaspher+W%2E%22">Kathrine, Gnanaraj Jaspher W.</searchLink><relatesTo>1</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Pasupathi%2C+Subbulakshmi%22">Pasupathi, Subbulakshmi</searchLink><relatesTo>2</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Shanmuganathan%2C+Vimal%22">Shanmuganathan, Vimal</searchLink><relatesTo>3</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Naganathan%2C+Rajalingam%22">Naganathan, Rajalingam</searchLink><relatesTo>4</relatesTo> (AUTHOR)
– Name: TitleSource
  Label: Source
  Group: Src
  Data: <searchLink fieldCode="JN" term="%22Expert+Systems%22">Expert Systems</searchLink>. Jun2024, Vol. 41 Issue 6, p1-13. 13p.
– Name: Subject
  Label: Subjects
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22Australia%2E+Australian+Defence+Force%22">Australia. Australian Defence Force</searchLink><br /><searchLink fieldCode="DE" term="%22Hypervisor+%28Computer+software%29%22">Hypervisor (Computer software)</searchLink><br /><searchLink fieldCode="DE" term="%22Intrusion+detection+systems+%28Computer+security%29%22">Intrusion detection systems (Computer security)</searchLink><br /><searchLink fieldCode="DE" term="%22Machine+learning%22">Machine learning</searchLink><br /><searchLink fieldCode="DE" term="%22Artificial+intelligence%22">Artificial intelligence</searchLink><br /><searchLink fieldCode="DE" term="%22Malware%22">Malware</searchLink><br /><searchLink fieldCode="DE" term="%22False+alarms%22">False alarms</searchLink>
– Name: Abstract
  Label: Abstract
  Group: Ab
  Data: This study propose the use of AI enabled machine learning algorithms with the Bag‐of‐Word (BoW) methods for the detection of intrusions by analysing the system call patterns. Host based Intrusion Detection System can make use of system call patterns to differentiate between normal and anomalous program behaviours. First, the system call patterns are pre‐processed with different approaches like BoW, BoW with Boolean value, BoW with Probability value and BoW with TF‐IDF. Next machine learning algorithms are used to evaluate the performance of classifier models. We used J48 (C4.5), Random Forrest, RIPPER, KNN, SVM, and NaiveBayes ML algorithms. This process was carried out on ADFA‐LD and on our proposed virtual machine monitor (VMM) malware attack data set for analysis. The proposed work is evaluated based on detection accuracy and false alarm rate metrics. Random Forrest algorithm performs better compared with other ML algorithms in terms of intrusion detection accuracy and false alarm rate on ADFA and VMM malware data set. The proposed data set provide better results compared with ADFA‐LD analysed using ML algorithms. The classifier model trained with ADFA and VMM malware system call data sets may do predictive analytics in detecting security issues for Industry 4.0 systems. [ABSTRACT FROM AUTHOR]
– Name: AbstractSuppliedCopyright
  Label:
  Group: Ab
  Data: <i>Copyright of Expert Systems is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.)
PLink https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=176989636
RecordInfo BibRecord:
  BibEntity:
    Identifiers:
      – Type: doi
        Value: 10.1111/exsy.13029
    Languages:
      – Code: eng
        Text: English
    PhysicalDescription:
      Pagination:
        PageCount: 13
        StartPage: 1
    Subjects:
      – SubjectFull: Australia. Australian Defence Force
        Type: general
      – SubjectFull: Hypervisor (Computer software)
        Type: general
      – SubjectFull: Intrusion detection systems (Computer security)
        Type: general
      – SubjectFull: Machine learning
        Type: general
      – SubjectFull: Artificial intelligence
        Type: general
      – SubjectFull: Malware
        Type: general
      – SubjectFull: False alarms
        Type: general
    Titles:
      – TitleFull: An AI powered system call analysis with bag of word approaches for the detection of intrusions and malware in Australian Defence Force Academy and virtual machine monitor malware attack data set.
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: Melvin, Appu Alfred Raja
      – PersonEntity:
          Name:
            NameFull: Kathrine, Gnanaraj Jaspher W.
      – PersonEntity:
          Name:
            NameFull: Pasupathi, Subbulakshmi
      – PersonEntity:
          Name:
            NameFull: Shanmuganathan, Vimal
      – PersonEntity:
          Name:
            NameFull: Naganathan, Rajalingam
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 01
              M: 06
              Text: Jun2024
              Type: published
              Y: 2024
          Identifiers:
            – Type: issn-print
              Value: 02664720
          Numbering:
            – Type: volume
              Value: 41
            – Type: issue
              Value: 6
          Titles:
            – TitleFull: Expert Systems
              Type: main
ResultId 1