Browse by Author "Samet, Refik"
Now showing 1 - 4 of 4
Item
A Comprehensive Review on Malware Detection Approaches
(IEEE-Inst Electrical Electronics Engineers Inc, 2020) Aslan, Omer; Samet, Refik
According to the recent studies, malicious software (malware) is increasing at an alarming rate, and some malware can hide in the system by using different obfuscation techniques. In order to protect computer systems and the Internet from the malware, the malware needs to be detected before it affects a large number of systems. Recently, there have been made several studies on malware detection approaches. However, the detection of malware still remains problematic. Signature-based and heuristic-based detection approaches are fast and efficient to detect known malware, but especially signature-based detection approach has failed to detect unknown malware. On the other hand, behavior-based, model checking-based, and cloud-based approaches perform well for unknown and complicated malware; and deep learning-based, mobile devices-based, and IoT-based approaches also emerge to detect some portion of known and unknown malware. However, no approach can detect all malware in the wild. This shows that to build an effective method to detect malware is a very challenging task, and there is a huge gap for new studies and methods. This paper presents a detailed review on malware detection approaches and recent detection methods which use these approaches. Paper goal is to help researchers to have a general idea of the malware detection approaches, pros and cons of each detection approach, and methods that are used in these approaches.

Item
A New Feature Selection Approach and Classification Technique for Current Intrusion Detection System
(Institute of Electrical and Electronics Engineers Inc., 2021) Ozkan-Okay, Merve; Samet, Refik; Aslan, Omer
These days, various devices including computers, smartphones, internet of things (IoT), and cloud services are using computer networks for data communications. As the computer network is being used extensively, it becomes the target of many attacks. It can be different attacks such as denial of service attack (DoS), remote to user attack (R2L), user to remote attack (U2R), and probing attack. To protect communication networks from network-based attacks, intrusion detection systems (IDSs) have been proposed in many studies. However, today IDSs are not good enough to detect new attack types in the communication networks. To increase the efficiency of the current IDSs, a subset of features needs to be obtained before performing the machine learning classifiers. In this study, a new feature selection method is proposed for current IDSs. In addition, the proposed method is combined with machine learning classifiers and tested on KDD '99 dataset and 99.81% accuracy rate was obtained. The obtained performance is pretty high to separate network attacks from the normal traffic. © 2021 IEEE

Item
CHAPTER 8: MALWARE AND ITS ANALYSIS
(2018) Samet, Refik; Aslan, Ömer
Malware is dynamic software that develops continuously, changing its form of attack and its target from time to time. To detect such software and to understand its interactions with the systems it infects, it needs to be analyzed. Malware analysis covers the work done to understand how this software works, to detect it, and to prevent its spread. This chapter contains up-to-date information on how such software is analyzed and detected. Although new techniques and methods are used, analyzing and detecting all malware with a 100% success rate does not appear possible.

Item
Using a Subtractive Center Behavioral Model to Detect Malware
(Wiley-Hindawi, 2020) Aslan, Omer; Samet, Refik; Tanriover, Omer Ozgur
In recent years, malware has evolved by using different obfuscation techniques; due to this evolution, the detection of malware has become problematic. Signature-based and traditional behavior-based malware detectors cannot effectively detect this new generation of malware. This paper proposes a subtractive center behavior model (SCBM) to create a malware dataset that captures semantically related behaviors from sample programs. In the proposed model, system paths, where malware behaviors are performed, and malware behaviors themselves are taken into consideration. This way malicious behavior patterns are differentiated from benign behavior patterns. Features that could not exceed the specified score are removed from the dataset. The datasets created using the proposed model contain far fewer features than the datasets created by n-gram and other models that have been used in other studies. The proposed model can handle both known and unknown malware, and the obtained detection rate and accuracy of the proposed model are higher than those of the known models. To show the effectiveness of the proposed model, 2 datasets with score and without score are created by using SCBM. In total, 6700 malware samples and 3000 benign samples are tested. The results are compared with those derived from n-gram and models from other studies in the literature. The test results show that, by combining the proposed model with an appropriate machine learning algorithm, the detection rate, false positive rate, and accuracy are measured as 99.9%, 0.2%, and 99.8%, respectively.