ML based Malware detection solution

Abstract

Today there are a lot of cyber attacks going on every day. Lot of resources, information, and financial frauds happen. One of them is directory traversal. What hackers do is randomly access directories via browser and download config files and steal data inside them. Anomaly detection is a key feature and most important aspect in many real-world applications, particularly for mobile platforms and the Internet of Things (IoT). Because of the growth of mobile devices and related app stores, the amount of new apps is rapidly increasing, necessitating a more effective method of analyzing all possible harmful actions. Anomaly directory traversal attacks have been always developing and growing. One approach to spot anomaly directory traversal is to look at the access logs and identify those anomaly folder accesses. These traffic patterns can be used to identify malicious users using machine learning. In this research an anomaly directory traversal detection solution using access logs with various access patterns and system performance stats will be investigated. Planning to construct Isolation Forest and train it based on access logs and system stats. Machine learning confronts two challenges: gathering a large enough training set of harmful and non-malicious data, and retraining the system as directory traversal evolves. This research will look at a method for overcoming these challenges by creating a detector that uses domains to train the system, which can then be used to analyze more detailed access logs using statistical and machine learning techniques.