View in EDS

An ensemble-based stegware detection system for information hiding malware attacks.

Saved in:
Bibliographic Details
Title: An ensemble-based stegware detection system for information hiding malware attacks.
Authors: Monika, A., Eswari, R.
Source: Journal of Ambient Intelligence & Humanized Computing; Apr2023, Vol. 14 Issue 4, p4401-4417, 17p
Abstract: Information hiding techniques like steganography are used by hackers to obfuscate malicious attack codes to carry malware scripts and deliver to crypto-miners in on-demand platforms like Cloud. Stegware is a type of information-hiding malware that employs steganography to avoid detection by modern malware detection systems. This work proposes a Stegware detection system that recognizes obfuscated payloads from input images and verifies whether the obfuscated payload is the target of any stegware attack. The proposed system detects the stegware in four phases: Obfuscated Payload Detection phase that detects the presence of any obfuscated item concealed inside the digital medium; Obfuscated Payload Extraction phase that decodes stego-repository images to extract the data that are steganographically obfuscated inside the input; Obfuscated Payload Classification phase that detects whether the extracted data is legitimate or malicious stegware file, using binary classifier; Calculation of malicious percentage phase that uses fuzzy C-means clustering algorithm to calculate the quantum and frequency of malicious activities. The proposed system is experimentally tested on real dataset and analyzed with existing models. The simulation results illustrate that the proposed Stegware detection system detects the steganographically-hidden attacks and identifies malicious activities in percentage terms as compared to other models. [ABSTRACT FROM AUTHOR]
Copyright of Journal of Ambient Intelligence & Humanized Computing is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Complementary Index
Description
Abstract:Information hiding techniques like steganography are used by hackers to obfuscate malicious attack codes to carry malware scripts and deliver to crypto-miners in on-demand platforms like Cloud. Stegware is a type of information-hiding malware that employs steganography to avoid detection by modern malware detection systems. This work proposes a Stegware detection system that recognizes obfuscated payloads from input images and verifies whether the obfuscated payload is the target of any stegware attack. The proposed system detects the stegware in four phases: Obfuscated Payload Detection phase that detects the presence of any obfuscated item concealed inside the digital medium; Obfuscated Payload Extraction phase that decodes stego-repository images to extract the data that are steganographically obfuscated inside the input; Obfuscated Payload Classification phase that detects whether the extracted data is legitimate or malicious stegware file, using binary classifier; Calculation of malicious percentage phase that uses fuzzy C-means clustering algorithm to calculate the quantum and frequency of malicious activities. The proposed system is experimentally tested on real dataset and analyzed with existing models. The simulation results illustrate that the proposed Stegware detection system detects the steganographically-hidden attacks and identifies malicious activities in percentage terms as compared to other models. [ABSTRACT FROM AUTHOR]
ISSN:18685137
DOI:10.1007/s12652-023-04559-z