Data augmentation based malware detection using convolutional neural networks

Due to advancements in malware competencies, cyber-attacks have been broadly observed in the digital world. Cyber-attacks can hit an organization hard by causing several damages such as data breach, financial loss, and reputation loss. Some of the most prominent examples of ransomware attacks in history are WannaCry and Petya, which impacted companies’ finances throughout the globe. Both WannaCry and Petya caused operational processes inoperable by targeting critical infrastructure. It is quite impossible for anti-virus applications using traditional signature-based methods to detect this type of malware because they have different characteristics on each contaminated computer. The most important feature of this type of malware is that they change their contents using their mutation engines to create another hash representation of the executable file as they propagate from one computer to another. To overcome this method that attackers use to camouflage malware, we have created three-channel image files of malicious software. Attackers make different variants of the same software because they modify the contents of the malware. In the solution to this problem, we created variants of the images by applying data augmentation methods. This article aims to provide an image augmentation enhanced deep convolutional neural network (CNN) models for detecting malware families in a metamorphic malware environment. The main contributions of the article consist of three components, including image generation from malware samples, image augmentation, and the last one is classifying the malware families by using a CNN model. In the first component, the collected malware samples are converted into binary file to 3-channel images using the windowing technique. The second component of the system create the augmented version of the images, and the last part builds a classification model. This study uses five different deep CNN model for malware family detection. The results obtained by the classifier demonstrate accuracy up to 98%, which is quite satisfactory.

Download Full-text

Intrusion Detection in Critical Infrastructures: A Literature Review

Smart Cities ◽

10.3390/smartcities4030061 ◽

2021 ◽

Vol 4 (3) ◽

pp. 1146-1157

Author(s):

Fountas Panagiotis ◽

Kouskouras Taxiarxchis ◽

Kranas Georgios ◽

Leandros Maglaras ◽

Mohamed Amine Ferrag

Keyword(s):

Machine Learning ◽

Systematic Review ◽

Literature Review ◽

Intrusion Detection ◽

Critical Infrastructure ◽

Cyber Attacks ◽

Critical Infrastructures ◽

System Behavior ◽

Digital World ◽

Multiple Levels

Over the years, the digitization of all aspects of life in modern societies is considered an acquired advantage. However, like the terrestrial world, the digital world is not perfect and many dangers and threats are present. In the present work, we conduct a systematic review on the methods of network detection and cyber attacks that can take place in a critical infrastructure. As is shown, the implementation of a system that learns from the system behavior (machine learning), on multiple levels and spots any diversity, is one of the most effective solutions.

Download Full-text

An efficient technique for CT scan images classification of COVID-19

Journal of Intelligent & Fuzzy Systems ◽

10.3233/jifs-201985 ◽

2020 ◽

pp. 1-14

Author(s):

Esraa Hassan ◽

Noha A. Hikal ◽

Samir Elmuogy

Keyword(s):

Neural Network ◽

Diagnostic Tool ◽

Deep Neural Network ◽

Data Augmentation ◽

Performance Metrics ◽

Classification Model ◽

Data Set ◽

Training Models ◽

The Earth ◽

Diagnostic Time

Nowadays, Coronavirus (COVID-19) considered one of the most critical pandemics in the earth. This is due its ability to spread rapidly between humans as well as animals. COVID_19 expected to outbreak around the world, around 70 % of the earth population might infected with COVID-19 in the incoming years. Therefore, an accurate and efficient diagnostic tool is highly required, which the main objective of our study. Manual classification was mainly used to detect different diseases, but it took too much time in addition to the probability of human errors. Automatic image classification reduces doctors diagnostic time, which could save human’s life. We propose an automatic classification architecture based on deep neural network called Worried Deep Neural Network (WDNN) model with transfer learning. Comparative analysis reveals that the proposed WDNN model outperforms by using three pre-training models: InceptionV3, ResNet50, and VGG19 in terms of various performance metrics. Due to the shortage of COVID-19 data set, data augmentation was used to increase the number of images in the positive class, then normalization used to make all images have the same size. Experimentation is done on COVID-19 dataset collected from different cases with total 2623 where (1573 training,524 validation,524 test). Our proposed model achieved 99,046, 98,684, 99,119, 98,90 In terms of Accuracy, precision, Recall, F-score, respectively. The results are compared with both the traditional machine learning methods and those using Convolutional Neural Networks (CNNs). The results demonstrate the ability of our classification model to use as an alternative of the current diagnostic tool.

Download Full-text

Image Classification for the Automatic Feature Extraction in Human Worn Fashion Data

Mathematics ◽

10.3390/math9060624 ◽

2021 ◽

Vol 9 (6) ◽

pp. 624

Author(s):

Stefan Rohrmanstorfer ◽

Mikhail Komarov ◽

Felix Mödritscher

Keyword(s):

Neural Networks ◽

Feature Extraction ◽

Image Classification ◽

Convolutional Neural Networks ◽

Data Augmentation ◽

State Of The Art ◽

Image Data ◽

Classification Model ◽

Upper Body ◽

Automatic Feature Extraction

With the always increasing amount of image data, it has become a necessity to automatically look for and process information in these images. As fashion is captured in images, the fashion sector provides the perfect foundation to be supported by the integration of a service or application that is built on an image classification model. In this article, the state of the art for image classification is analyzed and discussed. Based on the elaborated knowledge, four different approaches will be implemented to successfully extract features out of fashion data. For this purpose, a human-worn fashion dataset with 2567 images was created, but it was significantly enlarged by the performed image operations. The results show that convolutional neural networks are the undisputed standard for classifying images, and that TensorFlow is the best library to build them. Moreover, through the introduction of dropout layers, data augmentation and transfer learning, model overfitting was successfully prevented, and it was possible to incrementally improve the validation accuracy of the created dataset from an initial 69% to a final validation accuracy of 84%. More distinct apparel like trousers, shoes and hats were better classified than other upper body clothes.

Download Full-text

Addressing Cyber-Attacks on Agriculture Critical Infrastructure: Could the Defense Production Act be Used to Take Over Private Cybersecurity Operations

SSRN Electronic Journal ◽

10.2139/ssrn.3845752 ◽

2021 ◽

Author(s):

Rachel Barr

Keyword(s):

Critical Infrastructure ◽

Cyber Attacks ◽

Defense Production

Download Full-text

Text Mining Drug-Protein Interactions using an Ensemble of BERT, Sentence BERT and T5 models

10.1101/2021.10.26.465944 ◽

2021 ◽

Author(s):

Xin Sui ◽

Wanjing Wang ◽

Jinfeng Zhang

Keyword(s):

Protein Interactions ◽

Clustering Algorithm ◽

Data Augmentation ◽

Majority Vote ◽

Classification Model ◽

Ensemble Model ◽

K Nearest Neighbors ◽

Test Dataset ◽

Improved Performance ◽

Using Data

In this work, we trained an ensemble model for predicting drug-protein interactions within a sentence based on only its semantics. Our ensembled model was built using three separate models: 1) a classification model using a fine-tuned BERT model; 2) a fine-tuned sentence BERT model that embeds every sentence into a vector; and 3) another classification model using a fine-tuned T5 model. In all models, we further improved performance using data augmentation. For model 2, we predicted the label of a sentence using k-nearest neighbors with its embedded vector. We also explored ways to ensemble these 3 models: a) we used the majority vote method to ensemble these 3 models; and b) based on the HDBSCAN clustering algorithm, we trained another ensemble model using features from all the models to make decisions. Our best model achieved an F-1 score of 0.753 on the BioCreative VII Track 1 test dataset.

Download Full-text

Cyber Attacks on Critical Infrastructure

Civil and Environmental Engineering ◽

10.4018/978-1-4666-9619-8.ch018 ◽

2016 ◽

pp. 448-465

Author(s):

Ana Kovacevic ◽

Dragana Nikolic

Keyword(s):

Control Systems ◽

Cyber Security ◽

Critical Infrastructure ◽

Cyber Attacks ◽

Cyber Attack ◽

Future Directions ◽

Infrastructure Systems ◽

Cyber Threats ◽

Scada Systems ◽

Insight Into

We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise propriety protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities of SCADA systems against cyber attack, analyse and classify existing cyber attacks, and give future directions to achieve better security of SCADA systems.

Download Full-text

Pulmonary Lesion Subtypes Recognition of COVID-19 From Radiomics Data With Three Dimensional Texture Characterization in CT Images

10.21203/rs.3.rs-532131/v1 ◽

2021 ◽

Author(s):

Wei Li ◽

Yangyong Cao ◽

Kun Yu ◽

Yibo Cai ◽

Feng Huang ◽

...

Keyword(s):

Data Augmentation ◽

Critical Role ◽

Three Dimensional ◽

Treatment Decision ◽

Ground Glass Opacity ◽

Ct Images ◽

Classification Model ◽

Volume Data ◽

Selection Algorithm ◽

Adaptive Selection

Abstract Background: The COVID-19 disease is putting unprecedented pressure on the global healthcare system. The CT examination as a auxiliary confirmed diagnostic method can help clinicians quickly detect lesions locations of COVID-19 once screening by PCR test. Furthermore, the lesion subtypes classification plays a critical role in the consequent treatment decision. Identifying the subtypes of lesions accurately can help doctors discover changes in lesions in time and better assess the severity of COVID-19. Method: The most four typical lesion subtypes of COVID-19 are discussed in this paper, which are ground-glass opacity (GGO), cord, solid and subsolid. A computer aided diagnosis approach of lesion subtype is proposed in this paper. The radiomics data of lesions are segmented from COVID-19 patients CT images with diagnosis and lesions annotations by radiologists. Then the three dimensional texture descriptors are applied on the volume data of lesions as well as shape and First order features. The massive feature data are selected by hybrid adaptive selection algorithm and a classification model is trained at the same time. The classifier is used to predict lesion subtypes as side decision information for radiologists. Results: There are 3734 lesions extracted from the dataset with 319 patients collection and then 189 radiomics features are obtained finally. The random forest classifier is trained with data augmentation that the number of different subtypes of lesions is imbalanced in initial dataset. The experimental results show that the accuracy of the four subtypes of lesions is (0.9306, 0.9684, 0.9958, and 0.9430), the recall is (0.9552, 0.9158, 0.9580 and 0.8075) and the f-score is (0.93.84, 0.92.37, 0.95.47, and 84.42). Conclusion: The method is evaluated in multiple sufficient experiments. The results show that the 3D radiomics features chosen by hybrid adaptive selection algorithm can better express the advanced information of the lesion data. The classification model obtains a good performance and is compared the models of COVID-19 in the stat of art, which can help clinicians more accurately identify the subtypes of COVID-19 lesions and provide help for further research.

Download Full-text

Cybersecurity capabilities for critical infrastructure resilience

Information and Computer Security ◽

10.1108/ics-06-2021-0091 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Masike Malatji ◽

Annlizé L. Marnewick ◽

Suné Von Solms

Keyword(s):

Cloud Computing ◽

Best Practice ◽

Critical Infrastructure ◽

Integrated Approach ◽

Cyber Attacks ◽

Industrial Control Systems ◽

Content Type ◽

Goods And Services ◽

Standards And Guidelines ◽

Attack Surfaces

Purpose For many innovative organisations, Industry 4.0 paves the way for significant operational efficiencies, quality of goods and services and cost reductions. One of the ways to realise these benefits is to embark on digital transformation initiatives that may be summed up as the intelligent interconnectivity of people, processes, data and cyber-connected things. Sadly, this interconnectivity between the enterprise information technology (IT) and industrial control systems (ICS) environment introduces new attack surfaces for critical infrastructure (CI) operators. As a result of the ICS cybersecurity risk introduced by the interconnectivity between the enterprise IT and ICS networks, the purpose of this study is to identify the cybersecurity capabilities that CI operators must have to attain good cybersecurity resilience. Design/methodology/approach A scoping literature review of best practice international CI protection frameworks, standards and guidelines were conducted. Similar cybersecurity practices from these frameworks, standards and guidelines were grouped together under a corresponding National Institute of Standards and Technology (NIST) cybersecurity framework (CF) practice. Practices that could not be categorised under any of the existing NIST CF practices were considered new insights, and therefore, additions. Findings A CI cybersecurity capability framework comprising 29 capability domains (cybersecurity focus areas) was developed as an adaptation of the NIST CF with an added dimension. This added dimension emphasises cloud computing and internet of things (IoT) security. Each of the 29 cybersecurity capability domains is executed through various capabilities (cybersecurity processes and procedures). The study found that each cybersecurity capability can further be operationalised by a set of cybersecurity controls derived from various frameworks, standards and guidelines, such as COBIT®, CIS®, ISA/IEC 62443, ISO/IEC 27002 and NIST Special Publication 800-53. Practical implications CI sectors are immediately able to adopt the CI cybersecurity capability framework to evaluate their levels of resilience against cyber-attacks, given new attack surfaces introduced by the interconnectivity of cyber-connected things between the enterprise and ICS levels. Originality/value The authors present an added dimension to the NIST framework for CI cyber protection. In addition to emphasising cryptography, IoT and cloud computing security aspects, this added dimension highlights the need for an integrated approach to CI cybersecurity resilience instead of a piecemeal approach.

Download Full-text

USE OF CONVOLUTIONAL NEURAL NETWORKS FOR X-RAY IMAGE ORIENTATION DETERMINATION

10.46793/iccbi21.263bs ◽

2021 ◽

Author(s):

Sandi Baressi Šegota ◽

◽

Simon Lysdahlgaard ◽

Søren Hess ◽

Ronald Antulov

Keyword(s):

Neural Networks ◽

Convolutional Neural Networks ◽

High Performance ◽

Data Augmentation ◽

Classification Model ◽

Orientation Sensitivity ◽

X Ray ◽

Artificial Neural Network Ann ◽

Image Orientation ◽

Single Orientation

The fact that Artificial Intelligence (AI) based algorithms exhibit a high performance on image classification tasks has been shown many times. Still, certain issues exist with the application of machine learning (ML) artificial neural network (ANN) algorithms. The best known is the need for a large amount of statistically varied data, which can be addressed with expanded collection or data augmentation. Other issues are also present. Convolutional neural networks (CNNs) show extremely high performance on image-shaped data. Despite their performance, CNNs exhibit a large issue which is the sensitivity to image orientation. Previous research shows that varying the orientation of images may greatly lower the performance of the trained CNN. This is especially problematic in certain applications, such as X-ray radiography, an example of which is presented here. Previous research shows that the performance of CNNs is higher when used on images in a single orientation (left or right), as opposed to the combination of both. This means that the data needs to be differentiated before it enters the classification model. In this paper, the CNN-based model for differentiation between left and right-oriented images is presented. Multiple CNNs are trained and tested, with the highest performing being the VGG16 architecture which achieved an Accuracy of 0.99 (+/- 0.01), and an AUC of 0.98 (+/- 0.01). These results show that CNNs can be used to address the issue of orientation sensitivity by splitting the data in advance of being used in classification models.

Download Full-text