Exploring Emerging Strategies for Countering Computer Malware Attacks: A Comprehensive Survey of Tools and Techniques
Zainab Saad Karam, Rawaa Hamaz Ali, Baqer Obaiad Al-Nashy
International Journal of Computational and Electronic Aspects in Engineering
Volume 4: Issue 2, April-June 2023, pp 25-37
Author's Information
Zainab Saad Karam1
Corresponding Author
1Department of Physics, College of Science, University of Misan, Misan, Iraq
zainab-almosawi@uomisan.edu.iq
Rawaa Hamaz Ali2
2Department of Biology, College of Science, University of Misan, Maysan, Iraq
Baqer Obaiad Al-Nashy3
3Department of Physics, College of Science, University of Misan, Misan, Iraq
Abstract:-
Currently, the majority of economic, commercial, cultural, social, and governmental activities and interactions between nations, encompassing individuals, non-governmental organisations, and government institutions, are conducted within the realm of cyberspace. Presently, numerous private enterprises and governmental institutions globally are encountering the issue of cyber assaults and the peril of wireless communication technologies. In contemporary society, there is a significant reliance on electronic technology, and safeguarding this information from cyber threats poses a formidable challenge. The objective of cyber-attacks is to cause financial harm to corporations. Cyber-attacks may serve military or political objectives in certain instances. Several types of damages include PC viruses, knowledge breaches, data distribution service (DDS), and other forms of attack vectors. For this purpose, diverse entities employ diverse measures to mitigate the harm inflicted by cyber assaults. The field of cyber security involves the monitoring and analysis of up-to-date information regarding the most recent developments in information technology. To date, scholars worldwide have put forth diverse methodologies aimed at averting cyber-attacks or mitigating their deleterious effects. Several techniques are currently in the operational stage, while others remain in the study phase. The objective of this research is to conduct a comprehensive survey and analysis of the latest developments in the realm of cyber security, with a focus on identifying the strengths, weaknesses, and challenges associated with the proposed methodologies. Various forms of novel descendant attacks are thoroughly examined. The discussion pertains to conventional security frameworks in conjunction with the historical and initial-generation techniques of cyber-security.
Furthermore, this paper presents emerging trends and recent developments in the field of cyber security, as well as an overview of security threats and challenges. The presented comprehensive review study is anticipated to be beneficial for researchers in the field of IT and cyber security.
Index Terms:-
Malware Attack, Malware Detection Techniques, Machine Learning, Deep Learning, Malware Types