This book provides a holistic overview of the current state of the art and practice in malware research, as well as the challenges of malware research from multiple angles. It also provides step-by-step guides to various practical problems, such as unpacking real-world malware and dissecting it to collect evidence and perform a forensic analysis. Similarly, it includes a guide on how to apply state-of-the-art machine learning methods to classify malware. Acknowledging that machine learning is a serious trend in malware research, one part of the book is devoted to providing the reader with the state of the art in machine learning methods for malware classification, highlighting the different approaches that are used for, e.g., mobile malware samples, and introducing the reader to the challenges that are faced when shifting from a lab to a production environment.
Modern malware is fueling a worldwide underground economy. The research for this book is backed by theoretical models that simulate how malware propagates and how its spread could be mitigated. The necessary mathematical foundations and probabilistic theoretical models are introduced, and practical results are demonstrated to showcase the efficacy of such models in detecting and countering malware. It presents an outline of the methods that malware authors use to evade detection. The book also provides a thorough overview of the malware ecosystem, its dynamics, and its geopolitical implications. These are complemented by a legal perspective on African legislative efforts, to allow the reader to understand the human and social impact of malware.
This book is designed mainly for researchers and advanced-level computer science students trying to understand the current landscape in malware, as well as how to apply artificial intelligence and machine learning in malware detection and classification. Professionals who are searching for a perspective on the challenges that arise when bringing lab solutions into a production environment, and on how to identify ransomware signals at scale in a timely manner, will also want to purchase this book. Beyond data protection experts who would like to understand how malware siphons private information, experts from law enforcement authorities and the judiciary who want to keep up with recent developments will find this book valuable as well.
Table of Contents
Part I: Theoretical foundation and modeling
  Chapter 1: Classifying Malware using Tensor Decomposition
  Chapter 2: Radial Spike and Slab Bayesian Neural Networks for Sparse Data in Ransomware Attacks
  Chapter 3: Mathematical models for malware propagation: state of art and perspectives
  Chapter 4: Botnet Defense System: A System to Fight Botnets with Botnets

Part II: Machine learning for malware classification
  Chapter 5: Machine Learning-Based Malware Detection in a Production Setting
  Chapter 6: Machine Learning for Windows Malware Detection and Classification: Methods, Challenges and Ongoing Research
  Chapter 7: Conventional Machine Learning-based Android Malware Detectors
  Chapter 8: Conventional Machine Learning-based Android Malware Detectors
  Chapter 9: Method to automate the classification of PE32 malware using Word2vec and LSTM

Part III: Social and legal
  Chapter 10: The South African and Senegalese legislative response to malware facilitated cybercrime
  Chapter 11: Malware as a Geopolitical Tool

Part IV: Malware analysis in practice and evasions
  Chapter 12: Advancements in Malware Evasion: Analysis Detection and the Future Role of AI
  Chapter 13: Unpacking malware in the real world: a step by step guide
  Chapter 14: Forensic Analysis of Capra RAT Android Malware
  Chapter 15: Hidden Realms: Exploring Steganography Methods in Games for Covert Malware Delivery

Part V: Malware ecosystem
  Chapter 16: The Malware as a Service ecosystem
  Chapter 17: Preventing and detecting malware in smart environments. The smart home case
About the Authors
Dimitris Gritzalis is a Professor of Cybersecurity with the Dept. of Informatics of the Athens University of Economics & Business (AUEB), Greece, where he also serves as Director of the M.Sc. Programme on Information Systems Security and Development, and Director of the Information Security and Critical Infrastructure Protection Research Group. He received degrees in Mathematics (B.Sc., University of Patras, Greece), Computer Science (M.Sc., City University of New York, USA), and Information Systems Security (Ph.D., University of the Aegean, Greece). He has served as Vice Rector for Research (AUEB), Associate Data Protection Commissioner of Greece, and President of the Greek Computer Society. He is the academic editor of the Computers & Security journal (Elsevier), and the scientific editor of the International Journal of Critical Infrastructure Protection (Elsevier). He has authored numerous publications in journals and peer-reviewed conferences, and participated in several national and international R&D and consultancy projects. His current areas of research include cybersecurity governance, critical infrastructure protection, malware, risk assessment, and cybersecurity education.
Kim-Kwang Raymond Choo holds the Cloud Technology Endowed Professorship at The University of Texas at San Antonio, USA. He is the founding co-Editor-in-Chief of ACM Distributed Ledger Technologies: Research & Practice, and the founding Chair of the IEEE Technology and Engineering Management Society Technical Committee on Blockchain and Distributed Ledger Technologies. His research on cyber analytics, security, and forensics has been funded by organizations in the U.S. (National Aeronautics and Space Administration, National Security Agency, National Science Foundation, Dept. of Defense, Dept. of Homeland Security, Office of Juvenile Justice and Delinquency, CPS Energy, LGS Innovations, MITRE, Texas National Security Network Excellence Fund) and Australia (National Health and Medical Research Council, Australian Government National Drug Law Enforcement Research Fund, Australian Government Cooperative Research Centre for Data to Decision, Lockheed Martin Australia, auDA Foundation, Government of South Australia, BAE Systems stratsec, Australasian Institute of Judicial Administration Inc., Australian Research Council).
Constantinos Patsakis is an Associate Professor with the Dept. of Informatics of the University of Piraeus, Greece, and an Adjunct Researcher at the Athena Research and Innovation Center. He received the B.Sc. degree in Mathematics from the University of Athens, Greece, the M.Sc. degree in Information Security from Royal Holloway, University of London, United Kingdom, and the Ph.D. degree in Cryptography and Malware from the University of Piraeus, Greece. In the past, he has worked as a Researcher at the UNESCO Chair in Data Privacy at Rovira i Virgili, at Trinity College, Ireland, and at the Luxembourg Institute of Science and Technology, Luxembourg. He has authored numerous publications in peer-reviewed international conferences and journals and participated in several national and European R&D projects. His main areas of research include cryptography, security, privacy, blockchains, and cybercrime.