Cyber Attack Detection Using Machine Learning Techniques.
Record type: Bibliographic - electronic resource : Monograph/item
Title/Author: Cyber Attack Detection Using Machine Learning Techniques.
Author: Panpan, Qi.
Physical description: 1 online resource (136 pages)
Notes: Source: Dissertations Abstracts International, Volume: 84-09, Section: A.
Contained By: Dissertations Abstracts International 84-09A.
Subject: Software.
Electronic resource: http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=30339986 (click for full text (PQDT))
ISBN: 9798374479775
Thesis (Ph.D.)--National University of Singapore (Singapore), 2022.
Includes bibliographical references
Cyber attack detection remains an urgent and challenging problem as a rising number of incidents related to cyber attacks have imposed substantial economic costs all over the world. As the cyber space continues to expand with increasing adoption of digital technologies, the cyber threat landscape is also constantly changing. In particular, malicious software (or malware) on computer systems has remained the most common and biggest threat to cyber security, while cyber attack on Cyber Physical Systems (CPSs) is becoming a rising concern as many mission-critical systems are CPSs, especially with the rapid development of the Internet of Things (IoT) systems. In this thesis, we therefore focus on cyber attack detection from two aspects: supervised detection for malicious software on computer systems and unsupervised anomaly detection for attacks in CPSs.

To build a supervised malware detection model, one key phase is feature engineering, in which an input software is transformed via dynamic or static analysis to a set of features. Dynamic analysis executes each software in an isolated environment (e.g., a sandbox) to collect its run-time behaviour information, while static analysis methods scan the binary byte-streams of the software to create features. For dynamic analysis, existing works typically only consider the API name while ignoring the API arguments, or require complex feature engineering operations and expert knowledge to process the arguments. To this end, we propose a novel feature extraction approach to encode the API arguments associated with the API name and API category into a homogeneous and low-cost representation and devise a deep neural network architecture to mine the sequential correlation among API calls. Static analysis is important for protection against malware as it allows malicious files to be detected prior to execution.
Recent deep learning models for static malware detection do not rely on the expert knowledge and read the binary files directly to do the classification, but they treat all the parts of the file equally and fail to utilize all the information decently. To tackle these issues, we propose an end-to-end malware detection framework that learns the features from multiple domains without feature engineering. Malware programs are known to evolve rapidly and malware detection models trained on the source domain (training data) often fail to generalize to the target domain, i.e., the deployed environment, due to the underlying distribution drifts. Recently, gradient boosting decision trees (GBDT) models, e.g., LightGBM, have shown outstanding performance for malware detection. To handle the data distribution drifts in malware detection, we adapt the adversarial learning framework for unsupervised domain adaptation to GBDT to alleviate performance degradation in the target domain.
Electronic reproduction. Ann Arbor, Mich. : ProQuest, 2023
Mode of access: World Wide Web
ISBN: 9798374479775
Subjects--Topical Terms: 619355 Software.
Index Terms--Genre/Form: 542853 Electronic books.
Cyber Attack Detection Using Machine Learning Techniques.
LDR :04134nmm a2200361K 4500
001 2358941
005 20230830051526.5
006 m o d
007 cr mn ---uuuuu
008 241011s2022 xx obm 000 0 eng d
020 $a 9798374479775
035 $a (MiAaPQ)AAI30339986
035 $a (MiAaPQ)USingapore230819
035 $a AAI30339986
040 $a MiAaPQ $b eng $c MiAaPQ $d NTU
100 1 $a Panpan, Qi. $3 3699492
245 1 0 $a Cyber Attack Detection Using Machine Learning Techniques.
264 0 $c 2022
300 $a 1 online resource (136 pages)
336 $a text $b txt $2 rdacontent
337 $a computer $b c $2 rdamedia
338 $a online resource $b cr $2 rdacarrier
500 $a Source: Dissertations Abstracts International, Volume: 84-09, Section: A.
500 $a Advisor: NG, See-Kiong.
502 $a Thesis (Ph.D.)--National University of Singapore (Singapore), 2022.
504 $a Includes bibliographical references
533 $a Electronic reproduction. $b Ann Arbor, Mich. : $c ProQuest, $d 2023
538 $a Mode of access: World Wide Web
650 4 $a Software. $2 gtt. $3 619355
650 4 $a Malware. $3 3562952
650 4 $a Explicit knowledge. $3 3682762
650 4 $a Neural networks. $3 677449
650 4 $a Computer science. $3 523869
650 4 $a Information technology. $3 532993
650 4 $a Web studies. $3 2122754
655 7 $a Electronic books. $2 lcsh $3 542853
690 $a 0800
690 $a 0984
690 $a 0489
690 $a 0646
710 2 $a ProQuest Information and Learning Co. $3 783688
710 2 $a National University of Singapore (Singapore). $3 3352228
773 0 $t Dissertations Abstracts International $g 84-09A.
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=30339986 $z click for full text (PQDT)
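Holdings:
Barcode: W9481297
Location: Electronic resources
Circulation category: 11. Online viewing_V
Material type: E-book
Call number: EB
Use type: Normal
Loan status: On shelf
Reservation status: 0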