Please use this identifier to cite or link to this item:
https://rda.sliit.lk/handle/123456789/2081
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Thebeyanthan, K. | - |
dc.contributor.author | Achsuthan, M. | - |
dc.contributor.author | Ashok, S. | - |
dc.contributor.author | Vaikunthan, P. | - |
dc.contributor.author | Senaratne, A. N | - |
dc.contributor.author | Abeywardena, K. Y | - |
dc.date.accessioned | 2022-04-28T05:37:33Z | - |
dc.date.available | 2022-04-28T05:37:33Z | - |
dc.date.issued | 2018-11-02 | - |
dc.identifier.citation | Thebeyanthan, K., Achsuthan, M., Ashok, S., Vaikunthan, P., Senaratne, A.N., Abeywardena, K.Y. (2019). E-Secure: An Automated Behavior Based Malware Detection System for Corporate E-Mail Traffic. In: Arai, K., Kapoor, S., Bhatia, R. (eds) Intelligent Computing. SAI 2018. Advances in Intelligent Systems and Computing, vol 857. Springer, Cham. https://doi.org/10.1007/978-3-030-01177-2_77 | en_US |
dc.identifier.isbn | 978-3-030-01177-2 | - |
dc.identifier.uri | http://rda.sliit.lk/handle/123456789/2081 | - |
dc.description.abstract | Over the years, cyber-attacks have become much more sophisticated, bringing new challenges to the cyber world. Cyber security is becoming one of the major concerns in the area of network security these days. In recent times attackers have found new ways to bypass the malware detection technologies that are used in the security domain. The static analysis of malware is no longer considered an effective method compared to the propagating rate of malware bypassing static analysis. The first step that has to be followed to protect a system is to have a deep knowledge about existing malware, different types of malware, a method to detect the malware, and the method to bypass the effects caused by the malware. E-Secure is a behavior based malware detection system for corporate e-mail traffic. This paper proposes a malware security system as a solution to detect the malicious file that is passed through the e-mail of the corporate network, and externally a file uploaded separately through a website for analysis. Since signature-based methods cannot identify the sophisticated malware effectively, the dynamic analysis is used to identify the malware. The Cuckoo Sandbox plays an important role in analyzing the behavior of malware but has no feature to extract the behavior, cluster it and produce results graphically in a way that is easier to understand. An application programming interface is used to extract the behavior of the malware and to train the machines automatically by feeding the extracted behavior. K-Means algorithm is used to cluster the malware based on the same behaviors. An application programming interface is developed to illustrate the clusters graphically. After the completion of the training process, when a new malware arrives again an application programming interface is developed to identify the type of the malware. Risk analysis is used to state the criticality of a malware. The output of the whole process can be viewed through the E-Secure web interface which helps even a junior network security administrator to understand the detected malware and how critical the malware is. | en_US |
dc.language.iso | en | en_US |
dc.publisher | SAI 2018: Intelligent Computing | en_US |
dc.relation.ispartofseries | Advances in Intelligent Systems and Comp;Vol. 857,Pages 1056-1071 | - |
dc.subject | Dynamic analysis | en_US |
dc.subject | Malware | en_US |
dc.subject | Behavior analysis | en_US |
dc.subject | Cuckoo sandbox | en_US |
dc.subject | Clustering | en_US |
dc.subject | Identification | en_US |
dc.subject | API calls | en_US |
dc.subject | Risk analysis | en_US |
dc.title | E-Secure: An Automated Behavior Based Malware Detection System for Corporate E-Mail Traffic | en_US |
dc.type | Article | en_US |
dc.identifier.doi | 10.1007/978-3-030-01177-2_77 | en_US |
Appears in Collections: | Department of Computer Systems Engineering-Scopes Research Papers - Dept of Computer Systems Engineering Research Papers - SLIIT Staff Publications |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
Intelligent Computing Proceedings of the 2018 Computing Conference, Volume 2 (Kohei Arai, Supriya Kapoor, Rahul Bhatia) (z-lib.org).pdf | Until 2050-12-31 | 167.64 MB | Adobe PDF | |