Faculty Publications
Permanent URI for this community: https://idr.nitk.ac.in/handle/123456789/18736
Publications by NITK Faculty
8 results
Search Results

Item Automated multi-level malware detection system based on reconstructed semantic view of executables using machine learning techniques at VMM
(Elsevier B.V., 2018) M.a, A.K.; Jaidhar, C.D.
In order to fulfill the requirements like stringent timing restraints and demand on resources, Cyber–Physical System (CPS) must deploy on the virtualized environment such as cloud computing. To protect Virtual Machines (VMs) in which CPSs are functioning against malware-based attacks, malware detection and mitigation technique is emerging as a highly crucial concern. The traditional VM-based anti-malware software are themselves a potential target for malware-based attack since they are easily subverted by sophisticated malware. Thus, a reliable and robust malware monitoring and detection systems are needed to detect and mitigate rapidly the malware based cyber-attacks in real time particularly for virtualized environment. The Virtual Machine Introspection (VMI) has emerged as a fine-grained out-of-VM security solution to detect malware by introspecting and reconstructing the volatile memory state of the live guest Operating System (OS) by functioning at the Virtual Machine Monitor (VMM) or hypervisor. However, the reconstructed semantic details by the VMI are available in a combination of benign and malicious states at the hypervisor. In order to distinguish between these two states, extensive manual analysis is required by the existing out-of-VM security solutions. To address the foremost issue, in this paper, we propose an advanced VMM-based guest-assisted Automated Multilevel Malware Detection System (AMMDS) that leverages both VMI and Memory Forensic Analysis (MFA) techniques to predict early symptoms of malware execution by detecting stealthy hidden processes on a live guest OS. More specifically, the AMMDS system detects and classifies the actual running malicious executables from the semantically reconstructed process view of the guest OS.
The two sub-components of the AMMDS are: Online Malware Detector (OMD) and Offline Malware Classifier (OFMC). The OMD recognizes whether the running processes are benign or malicious using its Local Malware Signature Database (LMSD) and online malware scanner and the OFMC classifies unknown malware by adopting machine learning techniques at the hypervisor. The AMMDS has been evaluated by executing large real-world malware and benign executables onto the live guest OSs. The evaluation results achieved 100% of accuracy and zero False Positive Rate (FPR) on the 10-fold cross-validation in classifying unknown malware with maximum performance overhead of 5.8%. © 2017 Elsevier B.V.

Item Windows malware detection system based on LSVC recommended hybrid features
(Springer-Verlag France 22, Rue de Palestro Paris 75002, 2019) Shiva Darshan, S.L.; Jaidhar, C.D.
To combat exponentially evolved modern malware, an effective Malware Detection System and precise malware classification is highly essential. In this paper, the Linear Support Vector Classification (LSVC) recommended Hybrid Features based Malware Detection System (HF-MDS) has been proposed. It uses a combination of the static and dynamic features of the Portable Executable (PE) files as hybrid features to identify unknown malware. The application program interface calls invoked by the PE files during their execution along with their correspondent category are collected and considered as dynamic features from the PE file behavioural report produced by the Cuckoo Sandbox. The PE files’ header details such as optional header, disk operating system header, and file header are treated as static features. The LSVC is used as a feature selector to choose prominent static and dynamic features from their respective Original Feature Space. The features recommended by the LSVC are highly discriminative and used as final features for the classification process.
Different sets of experiments were conducted using real-world malware samples to verify the combination of static and dynamic features, which encourage the classifier to attain high accuracy. The tenfold cross-validation experimental results demonstrate that the proposed HF-MDS is proficient in precisely detecting malware and benign PE files by attaining detection accuracy of 99.743% with sequential minimal optimization classifier consisting of hybrid features. © 2018, Springer-Verlag France SAS, part of Springer Nature.

Item Experimental analysis of Android malware detection based on combinations of permissions and API-calls
(Springer-Verlag France 22, Rue de Palestro Paris 75002, 2019) Singh, A.K.; Jaidhar, C.D.; M.a, M.A.A.
Android-based smartphones are gaining popularity, due to their cost efficiency and various applications. These smartphones provide the full experience of a computing device to their users, and usually end up being used as a personal computer. Since the Android operating system is open-source software, many contributors are adding to its development to make the interface more attractive and tweaking the performance. In order to gain more popularity, many refined versions are being offered to customers, whose feedback will enable it to be made even more powerful and user-friendly. However, this has attracted many malicious code-writers to gain anonymous access to the user’s private data. Moreover, the malware causes an increase of resource consumption. To prevent this, various techniques are currently being used that include static analysis-based detection and dynamic analysis-based detection. But, due to the enhancement in Android malware code-writing techniques, some of these techniques are getting overwhelmed.
Therefore, there is a need for an effective Android malware detection approach for which experimental studies were conducted in the present work using the static features of the Android applications such as Standard Permissions with Application Programming Interface (API) calls, Non-standard Permissions with API-calls, API-calls with Standard and Nonstandard Permissions. To select the prominent features, Feature Selection Techniques (FSTs) such as the BI-Normal Separation (BNS), Mutual Information (MI), Relevancy Score (RS), and the Kullback-Leibler (KL) were employed and their effectiveness was measured using the Linear-Support Vector Machine (L-SVM) classifier. It was observed that this classifier achieved Android malware detection accuracy of 99.6% for the combined features as recommended by the BI-Normal Separation FST. © 2019, Springer-Verlag France SAS, part of Springer Nature.

Item Clothing invariant human gait recognition using modified local optimal oriented pattern binary descriptor
(Springer, 2020) Anusha, R.; Jaidhar, C.D.
Human gait is a behavioral characteristic which has received a large amount of consideration in recent times as a biometric identifier. The clothing variance is one of the most common covariate influences which can influence the performance of gait recognition approach in real-world scenarios. This paper proposes a gait recognition approach proficient in choosing information characteristics for individual identification under different clothing conditions. The proposed method constitutes of addressing the feature extraction technique by introducing a binary descriptor called as Modified Local Optimal Oriented Pattern (MLOOP). In the proposed approach, initially, the feature vectors such as histogram and horizontal width vector are extracted from MLOOP descriptor, and then the dimensionality of the feature vector is reduced to remove the irrelevant features. The performance of MLOOP was assessed against its predecessors.
Obtained experimental results demonstrate that the MLOOP descriptor performs better than the previous binary descriptors. Furthermore, the performance analysis of the proposed approach was assessed on OU-ISIR B treadmill gait database and CASIA B gait database. Broad investigations demonstrate the viability of the proposed technique. © 2019, Springer Science+Business Media, LLC, part of Springer Nature.

Item An empirical study to estimate the stability of random forest classifier on the hybrid features recommended by filter based feature selection technique
(Springer, 2020) Shiva Darshan, S.L.S.; Jaidhar, C.D.
The emergence of advanced malware is a serious threat to information security. A prominent technique that identifies sophisticated malware should consider the runtime behaviour of the source file to detect malicious intent. Although the behaviour-based malware detection technique is a substantial improvement over the traditional signature-based detection technique, current malware employs code obfuscation techniques to elude detection. This paper presents the Hybrid Features-based malware detection system (HFMDS) that integrates static and dynamic features of the portable executable (PE) files to discern malware. The HFMDS is trained with prominent features advised by the filter-based feature selection technique (FST). The detection ability of the proposed HFMDS has been evaluated with the random forest (RF) classifier by considering two different datasets that consist of real-world Windows malware samples. In-depth analysis is carried out to determine the optimal number of decision trees (DTs) required by the RF classifier to achieve consistent accuracy. Besides, four popular FSTs performance is also analyzed to determine which FST recommends the best features. From the experimental analysis, we can infer that increasing the number of DTs after 160 within the RF classifier does not make a significant difference in attaining better detection accuracy.
© 2019, Springer-Verlag GmbH Germany, part of Springer Nature.

Item Tomato plant disease classification using Multilevel Feature Fusion with adaptive channel spatial and pixel attention mechanism
(Elsevier Ltd, 2023) Sunil, C.K.; Jaidhar, C.D.; Patil, N.
Agriculture's productivity has decreased in the last decade due to climate change and inappropriate usage of water, fertilizer, and pesticides, which stimulate plant diseases. Plant pathogens are the prime threat to agriculture; diseases causes the development of plant and affects the quality and yield of the crop. To enhance crop yield and quality, early perceive the pathogens and insinuation of the proper medications are essential. Deep learning approaches produce promising results for classifying the input images, and the results vary for many reasons, such as data imbalance and fewer or identical features among other classes of the dataset. In this work, tomato plant disease classification is proposed by using Multilevel Feature Fusion Network (MFFN). It employs ResNet50, MFFN, and Adaptive Attention Mechanism, which combines channel, spatial, and pixel attention to classify the tomato plant leaf images. The proposed deep learning-based approach is trained and tested on a tomato plant leaves dataset and achieved 99.88% training accuracy, 99.88% validation accuracy, and 99.83% external testing accuracy. It outperformed the existing approaches relevant to the tomato plant dataset. Further, this work also proposes a pesticide prescription module that provides pesticide information based on the type of leaf disease. © 2023 Elsevier Ltd

Item Canopy centre-based fuzzy-C-means clustering for enhancement of soil fertility prediction
(Inderscience Publishers, 2024) Sujatha, M.; Jaidhar, C.D.
For plants to develop, fertile soil is necessary. Estimating soil parameters based on time change is crucial for enhancing soil fertility. Sentinel-2’s remote sensing technology produces images that can be used to gauge soil parameters.
In this study, values for soil parameters such as electrical conductivity, pH, organic carbon, and nitrogen are derived using Sentinel-2 data. In order to increase the clustering accuracy, this study suggests using Canopy centre-based fuzzy-C-means clustering and comparing it to manual labelling and other clustering techniques such as Canopy, density-based, expectation-maximisation, farthest-first, k-means, and fuzzy-C-means clustering, its usefulness is demonstrated. The proposed clustering achieved the highest clustering accuracy of 78.42%. Machine learning-based classifiers were applied to classify soil fertility, including Naive Bayes, support vector machine, decision trees, and random forest (RF). Dataset labelled with the proposed RF clustering classifier achieves a high classification accuracy of 99.69% with ten-fold cross-validation. © 2024 Inderscience Enterprises Ltd. All rights reserved.

Item Anomalous Electrical Power Consumption Detection in Household Appliances via Micro-Moment Classification
(Institute of Electrical and Electronics Engineers Inc., 2025) Nayak, R.; Jaidhar, C.D.
The detection of anomalous power consumption is critical for improving energy efficiency, particularly with the increasing demand in buildings. This study explores Convolutional Neural Network-based models by transforming 1-dimensional micro-moment labeled data into 2-dimensional matrices to capture both temporal and spatial consumption patterns. Three architectural variants are investigated: a conventional Deep Convolutional Neural Network (DCNN), a Depthwise Separable Convolutional Neural Network (DS-CNN), and a Depthwise Separable Residual Convolutional Neural Network (DSR-CNN). Unlike earlier studies, this work incorporates hyperparameter tuning, statistical validation, and cross-validation, resulting in the evaluation of over 450 model configurations.
The results indicate that while the DCNN consistently achieves the highest accuracy, the DS-CNN achieves comparable performance with significantly reduced parameters and computational cost, making it suitable for real-time and resource-constrained environments. Model complexity analysis and statistical tests confirm the robustness of the findings. Finally, a systematic model selection strategy is presented, identifying the DS-CNN as the most balanced solution for effective and efficient anomaly detection in smart grid applications. © 2020 IEEE.
