RETRACTED ARTICLE: Joint detection and classification of signature and NetFlow based internet worms using MBGWO-based hybrid LSTM
A worm is a self-reproducing malware that spreads from one computer to other computers through the internet. A single Internet worm has the potential to infect millions of computers within a relatively short period as it travels around the network. In addition, these worms affect the packets and per...
Gespeichert in:
Veröffentlicht in: | Journal of Computer Virology and Hacking Techniques 2023, Vol.19 (2), p.241-255 |
---|---|
Hauptverfasser: | , , |
Format: | Artikel |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | A worm is a self-reproducing malware that spreads from one computer to other computers through the internet. A single Internet worm has the potential to infect millions of computers within a relatively short period as it travels around the network. In addition, these worms affect the packets and performance of the network, where the packets are examined by a signature-based intrusion detection system (IDS), and the performance of the network is examined by a NetFlow-based IDS. Therefore, this article aims to provide a method for the simultaneous detection of Internet worms that are based on signatures and NetFlow utilizing the multi-layer hybrid long short-term memory (HLSTM) with meta-heuristic optimization called modified binary grey wolf optimizer (MBGWO). Initially, the dataset preprocessing is performed to overcome real-world data such as inconsistency, incompleteness, a lack of specific behaviors or dataset patterns, and the probability of having errors in worm detection. Next, the MBGWO is used to extract and select the optimal features. Then, HLSTM is used to detect the internet worm from the pre-trained datasets such as packet capture (PCAP) and KDDCUP99 datasets. In addition, the HLSTM also classifies the type of worm. Finally, the simulation results revealed that the proposed MBGWO-based HLSTM model resulted in superior performance as compared to conventional approaches. From this experiment, the proposed MBGWO-based HLSTM model attained 99.84% of accuracy and 100% of precision, recall, and F1 scores respectively. |
---|---|
ISSN: | 2263-8733 2263-8733 |
DOI: | 10.1007/s11416-022-00442-1 |