Antivirus applied to JAR malware detection based on runtime behaviors
Abstract Java vulnerabilities correspond to 91% of all exploits observed on the worldwide web. The present work aims to create antivirus software with machine learning and artificial intelligence and master in Java malware detection. Within the proposed methodology, the suspected JAR sample is execu...
| Main Authors: | , , , , , , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Nature Portfolio
2022-02-01
|
| Series: | Scientific Reports |
| Online Access: | https://doi.org/10.1038/s41598-022-05921-5 |
| _version_ | 1818486392110448640 |
|---|---|
| author | Ricardo P. Pinheiro Sidney M. L. Lima Danilo M. Souza Sthéfano H. M. T. Silva Petrônio G. Lopes Rafael D. T. de Lima Jemerson R. de Oliveira Thyago de A. Monteiro Sérgio M. M. Fernandes Edison de Q. Albuquerque Washington W. A. da Silva Wellington P. dos Santos |
| author_facet | Ricardo P. Pinheiro Sidney M. L. Lima Danilo M. Souza Sthéfano H. M. T. Silva Petrônio G. Lopes Rafael D. T. de Lima Jemerson R. de Oliveira Thyago de A. Monteiro Sérgio M. M. Fernandes Edison de Q. Albuquerque Washington W. A. da Silva Wellington P. dos Santos |
| author_sort | Ricardo P. Pinheiro |
| collection | DOAJ |
| description | Abstract Java vulnerabilities correspond to 91% of all exploits observed on the worldwide web. The present work aims to create antivirus software with machine learning and artificial intelligence and master in Java malware detection. Within the proposed methodology, the suspected JAR sample is executed to intentionally infect the Windows OS monitored in a controlled environment. In all, our antivirus monitors and considers, statistically, 6824 actions that the suspected JAR file can perform when executed. Our antivirus achieved an average performance of 91.58% in the distinction between benign and malware JAR files. Different initial conditions, learning functions and architectures of our antivirus are investigated. The limitations of commercial antiviruses can be supplied by intelligent antiviruses. Instead of blacklist-based models, our antivirus allows JAR malware detection preventively and not reactively as Oracle’s Java and traditional antivirus modus operandi. |
| first_indexed | 2024-12-10T16:22:20Z |
| format | Article |
| id | doaj.art-12573bdc9b29447d85ca48df50fa7d31 |
| institution | Directory Open Access Journal |
| issn | 2045-2322 |
| language | English |
| last_indexed | 2024-12-10T16:22:20Z |
| publishDate | 2022-02-01 |
| publisher | Nature Portfolio |
| record_format | Article |
| series | Scientific Reports |
| spelling | doaj.art-12573bdc9b29447d85ca48df50fa7d312022-12-22T01:41:46ZengNature PortfolioScientific Reports2045-23222022-02-0112111710.1038/s41598-022-05921-5Antivirus applied to JAR malware detection based on runtime behaviorsRicardo P. Pinheiro0Sidney M. L. Lima1Danilo M. Souza2Sthéfano H. M. T. Silva3Petrônio G. Lopes4Rafael D. T. de Lima5Jemerson R. de Oliveira6Thyago de A. Monteiro7Sérgio M. M. Fernandes8Edison de Q. Albuquerque9Washington W. A. da Silva10Wellington P. dos Santos11Department of Computing, University of PernambucoElectronics and Systems Department, Federal University of PernambucoDepartment of Computing, University of PernambucoDepartment of Computing, University of PernambucoDepartment of Computing, University of PernambucoDepartment of Computing, University of PernambucoDepartment of Computing, University of PernambucoDepartment of Computing, University of PernambucoDepartment of Computing, University of PernambucoDepartment of Computing, University of PernambucoBiomedical Engineering Department, Federal University of PernambucoBiomedical Engineering Department, Federal University of PernambucoAbstract Java vulnerabilities correspond to 91% of all exploits observed on the worldwide web. The present work aims to create antivirus software with machine learning and artificial intelligence and master in Java malware detection. Within the proposed methodology, the suspected JAR sample is executed to intentionally infect the Windows OS monitored in a controlled environment. In all, our antivirus monitors and considers, statistically, 6824 actions that the suspected JAR file can perform when executed. Our antivirus achieved an average performance of 91.58% in the distinction between benign and malware JAR files. Different initial conditions, learning functions and architectures of our antivirus are investigated. The limitations of commercial antiviruses can be supplied by intelligent antiviruses. Instead of blacklist-based models, our antivirus allows JAR malware detection preventively and not reactively as Oracle’s Java and traditional antivirus modus operandi.https://doi.org/10.1038/s41598-022-05921-5 |
| spellingShingle | Ricardo P. Pinheiro Sidney M. L. Lima Danilo M. Souza Sthéfano H. M. T. Silva Petrônio G. Lopes Rafael D. T. de Lima Jemerson R. de Oliveira Thyago de A. Monteiro Sérgio M. M. Fernandes Edison de Q. Albuquerque Washington W. A. da Silva Wellington P. dos Santos Antivirus applied to JAR malware detection based on runtime behaviors Scientific Reports |
| title | Antivirus applied to JAR malware detection based on runtime behaviors |
| title_full | Antivirus applied to JAR malware detection based on runtime behaviors |
| title_fullStr | Antivirus applied to JAR malware detection based on runtime behaviors |
| title_full_unstemmed | Antivirus applied to JAR malware detection based on runtime behaviors |
| title_short | Antivirus applied to JAR malware detection based on runtime behaviors |
| title_sort | antivirus applied to jar malware detection based on runtime behaviors |
| url | https://doi.org/10.1038/s41598-022-05921-5 |
| work_keys_str_mv | AT ricardoppinheiro antivirusappliedtojarmalwaredetectionbasedonruntimebehaviors AT sidneymllima antivirusappliedtojarmalwaredetectionbasedonruntimebehaviors AT danilomsouza antivirusappliedtojarmalwaredetectionbasedonruntimebehaviors AT sthefanohmtsilva antivirusappliedtojarmalwaredetectionbasedonruntimebehaviors AT petronioglopes antivirusappliedtojarmalwaredetectionbasedonruntimebehaviors AT rafaeldtdelima antivirusappliedtojarmalwaredetectionbasedonruntimebehaviors AT jemersonrdeoliveira antivirusappliedtojarmalwaredetectionbasedonruntimebehaviors AT thyagodeamonteiro antivirusappliedtojarmalwaredetectionbasedonruntimebehaviors AT sergiommfernandes antivirusappliedtojarmalwaredetectionbasedonruntimebehaviors AT edisondeqalbuquerque antivirusappliedtojarmalwaredetectionbasedonruntimebehaviors AT washingtonwadasilva antivirusappliedtojarmalwaredetectionbasedonruntimebehaviors AT wellingtonpdossantos antivirusappliedtojarmalwaredetectionbasedonruntimebehaviors |