68 research outputs found

    From ZeuS to Zitmo : trends in banking malware

    In the crimeware world, financial botnets are a global threat to banking organizations. Such malware purposely performs financial fraud and steals critical information from clients' computers. A common example of banking malware is the ZeuS botnet. Recently, variants of this malware have targeted mobile platforms, as The-ZeuS-in-the-Mobile or Zitmo. With the rise in mobile systems, platform security is becoming a major concern across the mobile world, with rising incidence of compromising Android devices. In a similar vein, there have been mobile botnet attacks on iPhones, Blackberry and Symbian devices. In this setting, we report on trends and developments of ZeuS and its variants.

    PIGNUS: a deep learning model for IDS in industrial internet-of-things

    The heterogeneous nature of the Industrial Internet of Things (IIoT) has a considerable impact on the development of an effective Intrusion Detection System (IDS). The proliferation of linked devices results in multiple inputs from industrial sensors. IDS faces challenges in analyzing the features of the traffic and identifying anonymous behavior. Due to the unavailability of a comprehensive feature mapping method, the present IDS solutions are non-usable to identify zero-day vulnerabilities. In this paper, we introduce the first comprehensive IDS framework that combines an efficient feature-mapping technique and cascading model to solve the above-mentioned problems. We call our proposed solution deeP learnInG model intrusioN detection in indUStrial internet-of-things (PIGNUS). PIGNUS integrates Auto Encoders (AE) to select optimal features and Cascade Forward Back Propagation Neural Network (CFBPNN) for classification and attack detection. The cascading model uses interconnected links from the initial layer to the output layer and determines the normal and abnormal behavior patterns and produces a perfect classification. We execute a set of experiments on five popular IIoT datasets: gas pipeline, water storage tank, NSLKDD+, UNSW-NB15, and X-IIoTID. We compare PIGNUS to the state-of-the-art models in terms of accuracy, False Positive Ratio (FPR), precision, and recall. The results show that PIGNUS provides more than accuracy, which is better on average than the existing models. In the other parameters, PIGNUS shows improved FPR, better recall, and better in precision. Overall, PIGNUS proves its efficiency as an IDS solution for IIoTs. Thus, PIGNUS is an efficient solution for IIoTs.

    Deep Learning Approach for Intelligent Intrusion Detection System

    Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyberattacks at the network-level and the host-level in a timely and automatic manner. However, many challenges arise since malicious attacks are continually changing and are occurring in very large volumes requiring a scalable solution. There are different malware datasets available publicly for further research by the cyber security community. However, no existing study has shown the detailed analysis of the performance of various machine learning algorithms on various publicly available datasets. Due to the dynamic nature of malware with continuously changing attacking methods, the malware datasets available publicly are to be updated systematically and benchmarked. In this paper, a deep neural network (DNN), a type of deep learning model, is explored to develop a flexible and effective IDS to detect and classify unforeseen and unpredictable cyberattacks. The continuous change in network behavior and rapid evolution of attacks makes it necessary to evaluate various datasets which are generated over the years through static and dynamic approaches. This type of study facilitates to identify the best algorithm which can effectively work in detecting future cyberattacks. A comprehensive evaluation of experiments of DNNs and other classical machine learning classifiers is shown on various publicly available benchmark malware datasets. The optimal network parameters and network topologies for DNNs are chosen through the following hyperparameter selection methods with KDDCup 99 dataset. All the experiments of DNNs are run till 1,000 epochs with the learning rate varying in the range [0.01–0.5]. The DNN model which performed well on KDDCup 99 is applied on other datasets, such as NSL-KDD, UNSW-NB15, Kyoto, WSN-DS, and CICIDS 2017, to conduct the benchmark. Our DNN model learns the abstract and high-dimensional feature representation of the IDS data by passing them into many hidden layers. Through rigorous experimental testing, it is confirmed that DNNs perform well in comparison with the classical machine learning classifiers. Finally, we propose a highly scalable and hybrid DNNs framework called scale-hybrid-IDS-AlertNet which can be used in real-time to effectively monitor the network traffic and host-level events to proactively alert possible cyberattacks.

    Can We Predict the Grade of Clear Cell Renal Cell Carcinoma from Houns-Field Unit of Renal Lesion on Computerized Tomography Scan, a Retrospective Cross-Sectional Study

    Mohammad Al-Zubi,1 Khayry Al-Shami,2 Leen Sawalha,3 Heyam Mahmoud Alguzo,2 Saddam Al Demour,4 Asma’a Mohammad Al-Mnayyis,2 Rami Alazab,5 Samer Fathi Al-Rawashdah,6 Lana Talal Alzoubi,7 Sawsan Radi Al-khawaldeh2. 1Department of Surgery, Division of Urology, Yarmouk University Medical School, Irbid, 21110, Jordan; 2Department of Clinical Medical Sciences, Yarmouk University Medical School, Irbid, Jordan; 3Department of Clinical Medical Sciences, Jordan University of Science and Technology, Irbid, Jordan; 4Department of Special Surgery, Division of Urology, the University of Jordan Medical School, Amman, 11972, Jordan; 5Department of Surgery & Urology, Jordan University of Science & Technology, Irbid, 21110, Jordan; 6Department of Special Surgery, School of Medicine, Mutah University Medical School, Karak, 61710, Jordan; 7Department of Dentistry, Private Sector, Amman, Jordan. Correspondence: Mohammad Al-Zubi, Tel +962 789724264. Renal cell carcinoma (RCC) is a type of urological malignancy that affects approximately 2% of the global population. Imaging modalities, especially computed tomography (CT) scanning, play a critical role in diagnosing RCC. In this study, we investigated whether there is a relationship between tumour grade of clear cell RCC and HU values of renal lesions on CT scan performed before operation. Materials and Methods: We conducted a retrospective analysis of 123 patients who underwent radical or partial (open or laparoscopic) nephrectomy for clear cell RCC between January 2017 and January 2021. Post-operation histopathological grades were recorded according to World Health Organization (WHO)/International Society of Urological Pathology (ISUP) 2016 grading system and divided into low grade (includes grade 1 and 2) and high grade (grade 3 and 4), and their links to age, sex, smoking habits, tumour size, and HUs of renal lesions were evaluated. Results: The mean age of the patients studied was 63.02 years old. About 56.9% of the patients were low grade (grade 1 or grade 2), while 43.1% were high grade (grade 3 or 4). The mean tumour size was 6.31 cm. There were no significant differences in tumour grade according to age, sex, or smoking habits. We found a significant relation between tumour grade and HU in the pre-contrast and nephrogenic phases, with p values of 0.001 and 0.037, respectively. On the other hand, there was no significant relation linking the tumour grade to the difference in HU between these phases, where there was a p value of 0.641. Conclusion: HU in the pre-contrast and nephrogenic phases in addition to tumour size on CT scan have a significant relation to clear cell RCC grade. Keywords: renal cell carcinoma, grade, stage, Hounsfield unit, CT sca

    Malicious URL Detection using Deep Learning

    Deep learning applications for Malicious URL detection

    Stegomalware: A Systematic Survey of Malware Hiding and Detection in Images, Machine Learning Models and Research Challenges

    Malware distribution to the victim network is commonly performed through file attachments in phishing email or downloading illegitimate files from the internet, when the victim interacts with the source of infection. To detect and prevent the malware distribution in the victim machine, the existing end device security applications may leverage sophisticated techniques such as signature-based or anomaly-based, machine learning techniques. The well-known file formats Portable Executable (PE) for Windows and Executable and Linkable Format (ELF) for Linux based operating system are used for malware analysis and the malware detection capabilities of these files has been well advanced for real time detection. But the malware payload hiding in multimedia like cover images using steganography detection has been a challenge for enterprises, as these are rarely seen and usually act as a stager in sophisticated attacks. In this article, to our knowledge, we are the first to try to address the knowledge gap between the current progress in image steganography and steganalysis academic research focusing on data hiding and the review of the stegomalware (malware payload hiding in images) targeting enterprises with cyberattacks current status. We present the stegomalware history, generation tools, file format specification description. Based on our findings, we perform the detail review of the image steganography techniques including the recent Generative Adversarial Networks (GAN) based models and the image steganalysis methods including the Deep Learning opportunities and challenges in stegomalware generation and detection are presented based on our findings.