Performing Dynamic Malware Analysis in Software Defined Network using LSTM Technique
Keywords:
Control Plane, Data Plane, POX, Controller, accuracy, LSTM, sigmoid, relu
Abstract
Methods for analyzing harmful or benign packets are crucial for enhancing security systems. Current security methods can detect those packets only to a limited extent. This article presents a malware analysis architecture that incorporates the Control Plane and Data Plane of Software-Defined Networking (SDN), and uses a deep learning model to classify malware accurately and effectively. The system suggested in this work extracts a number of properties, which are used to train the Long Short-Term Memory (LSTM) model. We present a secure SDN simulation controlled by a POX Controller, and we propose an improved LSTM to achieve improved accuracy using a Confusion Matrix. To achieve this, we train and test an LSTM model using the TensorFlow and Keras packages. The LSTM analyses all potential data points and can handle big datasets. The results showed that the sigmoid function performed better than other activation functions and that the “relu” (Rectified Linear Unit) activation layer gives a better result, with a 97.7% accuracy rate. This work can aid in the detection of malware and enhance security measures.
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.