A Reinforcement learning based algorithm towards energy efficient 5G Multi-tier network
- Islam, Nahina, Alazab, Ammar, Alazab, Mamoun
- Authors: Islam, Nahina , Alazab, Ammar , Alazab, Mamoun
- Date: 2019
- Type: Text , Conference proceedings
- Relation: 2019 Cybersecurity and Cyberforensics Conference (CCC); Melbourne, Vic; 8th-9th May, 2019 p. 96-101
- Full Text:
- Reviewed:
- Description: Energy efficiency is a key factor in the next generation wireless communication systems. Sleep mode implementation in multi-tier 5G networks has proven to be a very good approach for improving the energy efficiency. In this paper, we propose a novel reinforcement learning based decision making algorithm to implement sleep mode in the base stations (BSs) used in multi-tier 5G networks. We propose a Markovian Decision process (MDP) based algorithm to switch between three different power consumption modes of a BS for improving the energy efficiency of the 5G network. The MDP based approach intelligently switches between the states of the BS based on the offered traffic whilst maintaining a prescribed minimum channel rate per user. Our results show that there is a significant gain in the energy efficiency when using our proposed MDP algorithm together with the three-state BSs. We have also shown the energy-delay tradeoff in order to design a delay aware network.
Zero-day malware detection based on supervised learning algorithms of API call signatures
- Alazab, Mamoun, Venkatraman, Sitalakshmi, Watters, Paul, Alazab, Moutaz
- Authors: Alazab, Mamoun , Venkatraman, Sitalakshmi , Watters, Paul , Alazab, Moutaz
- Date: 2011
- Type: Text , Conference proceedings
- Full Text:
- Description: Zero-day or unknown malware are created using code obfuscation techniques that can modify the parent code to produce offspring copies which have the same functionality but with different signatures. Current techniques reported in literature lack the capability of detecting zero-day malware with the required accuracy and efficiency. In this paper, we have proposed and evaluated a novel method of employing several data mining techniques to detect and classify zero-day malware with high levels of accuracy and efficiency based on the frequency of Windows API calls. This paper describes the methodology employed for the collection of large data sets to train the classifiers, and analyses the performance results of the various data mining algorithms adopted for the study using a fully automated tool developed in this research to conduct the various experimental investigations and evaluation. Through the performance results of these algorithms from our experimental analysis, we are able to evaluate and discuss the advantages of one data mining algorithm over the other for accurately detecting zero-day malware successfully. The data mining framework employed in this research learns through analysing the behavior of existing malicious and benign codes in large datasets. We have employed robust classifiers, namely Naïve Bayes (NB) Algorithm, k-Nearest Neighbor (kNN) Algorithm, Sequential Minimal Optimization (SMO) Algorithm with 4 different kernels (SMO - Normalized PolyKernel, SMO - PolyKernel, SMO - Puk, and SMO - Radial Basis Function (RBF)), Backpropagation Neural Networks Algorithm, and J48 decision tree and have evaluated their performance. Overall, the automated data mining system implemented for this study has achieved a high true positive (TP) rate of more than 98.5%, and a low false positive (FP) rate of less than 0.025, which has not been achieved in literature so far. This is much higher than the required commercial acceptance level indicating that our novel technique is a major leap forward in detecting zero-day malware. This paper also offers future directions for researchers in exploring different aspects of obfuscations that are affecting the IT world today. © 2011, Australian Computer Society, Inc.
- Description: 2003009506
GOM: New Genetic Optimizing Model for broadcasting tree in MANET
- Elaiwat, Said, Alazab, Ammar, Venkatraman, Sitalakshmi, Alazab, Mamoun
- Authors: Elaiwat, Said , Alazab, Ammar , Venkatraman, Sitalakshmi , Alazab, Mamoun
- Date: 2010
- Type: Text , Conference proceedings
- Full Text:
- Description: Data broadcasting in a mobile ad-hoc network (MANET) is the main method of information dissemination in many applications, in particular for sending critical information to all hosts. Finding an optimal broadcast tree in such networks is a challenging task due to the broadcast storm problem. The aim of this work is to propose a new genetic model using a fitness function with the primary goal of finding an optimal broadcast tree. Our new method, called Genetic Optimisation Model (GOM), alleviates the broadcast storm problem to a great extent as the experimental simulations result in an efficient broadcast tree with minimal flood and minimal hops. The result of this model also shows that it has the ability to give different optimal solutions according to the nature of the network. © 2010 IEEE.
Towards understanding malware behaviour by the extraction of API calls
- Alazab, Mamoun, Venkatraman, Sitalakshmi, Watters, Paul
- Authors: Alazab, Mamoun , Venkatraman, Sitalakshmi , Watters, Paul
- Date: 2010
- Type: Text , Conference proceedings
- Full Text:
- Description: One of the recent trends adopted by malware authors is to use packers or software tools that instigate code obfuscation in order to evade detection by antivirus scanners. With evasion techniques such as polymorphism and metamorphism, malware is able to fool current detection techniques. Thus, security researchers and the anti-virus industry are facing a herculean task in extracting payloads hidden within packed executables. It is a common practice to use manual unpacking or static unpacking using some software tools and analyse the application programming interface (API) calls for malware detection. However, extracting these features from the unpacked executables for reverse obfuscation is labour intensive and requires deep knowledge of low-level programming that includes kernel and assembly language. This paper presents an automated method of extracting API call features and analysing them in order to understand their use for malicious purposes. While some research has been conducted in arriving at file birthmarks using API call features and the like, there is a scarcity of work that relates to features in malcodes. To address this gap, we attempt to automatically analyse and classify the behavior of API function calls based on the malicious intent hidden within any packed program. This paper uses a four-step methodology for developing a fully automated system to arrive at six main categories of suspicious behavior of API call features. © 2010 IEEE.