Analyzing Machine Learning Approaches for Online Malware Detection in Cloud

by   Jeffrey C Kimmell, et al.

The variety of services and functionality offered by various cloud service providers (CSP) have exploded lately. Utilizing such services has created numerous opportunities for enterprises infrastructure to become cloud-based and, in turn, assisted the enterprises to easily and flexibly offer services to their customers. The practice of renting out access to servers to clients for computing and storage purposes is known as Infrastructure as a Service (IaaS). The popularity of IaaS has led to serious and critical concerns with respect to the cyber security and privacy. In particular, malware is often leveraged by malicious entities against cloud services to compromise sensitive data or to obstruct their functionality. In response to this growing menace, malware detection for cloud environments has become a widely researched topic with numerous methods being proposed and deployed. In this paper, we present online malware detection based on process level performance metrics, and analyze the effectiveness of different baseline machine learning models including, Support Vector Classifier (SVC), Random Forest Classifier (RFC), KNearest Neighbor (KNN), Gradient Boosted Classifier (GBC), Gaussian Naive Bayes (GNB) and Convolutional Neural Networks (CNN). Our analysis conclude that neural network models can most accurately detect the impact malware have on the process level features of virtual machines in the cloud, and therefore are best suited to detect them. Our models were trained, validated, and tested by using a dataset of 40,680 malicious and benign samples. The dataset was complied by running different families of malware (collected from VirusTotal) in a live cloud environment and collecting the process level features.


page 1

page 4

page 7


Analyzing CNN Based Behavioural Malware Detection Techniques on Cloud IaaS

Cloud Infrastructure as a Service (IaaS) is vulnerable to malware due to...

Online Malware Classification with System-Wide System Calls in Cloud IaaS

Accurately classifying malware in an environment allows the creation of ...

CNN vs ELM for Image-Based Malware Classification

Research in the field of malware classification often relies on machine ...

An Efficient Detection of Malware by Naive Bayes Classifier Using GPGPU

Due to continuous increase in the number of malware (according to AV-Tes...

Towards Deep Federated Defenses Against Malware in Cloud Ecosystems

In cloud computing environments with many virtual machines, containers, ...

MEADE: Towards a Malicious Email Attachment Detection Engine

Malicious email attachments are a growing delivery vector for malware. W...

BotGraph: Web Bot Detection Based on Sitemap

The web bots have been blamed for consuming large amount of Internet tra...

Please sign up or login with your details

Forgot password? Click here to reset