Network-Level Behavioral Malware Analysis Model based on Bayesian Network

Bibliographic Details
Published in: 2021 International Conference on Computer & Information Sciences (ICCOINS), pp. 316-321
Main Authors: Yusof, Mohammad Hafiz Mohd; Zin, Abdullah Mohd
Format: Conference Proceeding
Language: English
Published: IEEE, 13.07.2021
ISBN: 9781728171517, 1728171512
DOI: 10.1109/ICCOINS49721.2021.9497140

Summary: Signature-based analysis is no longer sufficient to address the polymorphic and stealthy nature of malware attacks. Therefore, a behavioral or anomalous analysis will provide a more dynamic approach for the solution. However, recent studies have shown that current behavioral analysis methods at network level have several issues, which have been categorized by their common characteristics: reduced parameters, θ, and lack of prior information, p(θ). Therefore, this study aims to determine a Feature Selection and Distribution Density model to select optimized features, then to design a Predictive Analytics Model based on Bayesian Network to improve the analysis prediction. Finally, the aim is to evaluate the detection, accuracy and false alarm rate of the model against the subject matter expert model, SVM, k-NN and Least Squared using a standard and ground-truth dataset of production traffic from the healthcare provider in Malaysia. Results have shown that the proposed model consistently outperformed other models.