* update 2024-10-22 06:20:23

arXiv_db/Malware/2024.md

@@ -3068,6 +3068,18 @@
 
 <details>
 
+<summary>2024-10-14 19:04:43 - Deep Learning Based XIoT Malware Analysis: A Comprehensive Survey, Taxonomy, and Research Challenges</summary>
+
+- *Rami Darwish, Mahmoud Abdelsalam, Sajad Khorsandroo*
+
+- `2410.13894v1` - [abs](http://arxiv.org/abs/2410.13894v1) - [pdf](http://arxiv.org/pdf/2410.13894v1)
+
+> The Internet of Things (IoT) is one of the fastest-growing computing industries. By the end of 2027, more than 29 billion devices are expected to be connected. These smart devices can communicate with each other with and without human intervention. This rapid growth has led to the emergence of new types of malware. However, traditional malware detection methods, such as signature-based and heuristic-based techniques, are becoming increasingly ineffective against these new types of malware. Therefore, it has become indispensable to find practical solutions for detecting IoT malware. Machine Learning (ML) and Deep Learning (DL) approaches have proven effective in dealing with these new IoT malware variants, exhibiting high detection rates. In this paper, we bridge the gap in research between the IoT malware analysis and the wide adoption of deep learning in tackling the problems in this domain. As such, we provide a comprehensive review on deep learning based malware analysis across various categories of the IoT domain (i.e. Extended Internet of Things (XIoT)), including Industrial IoT (IIoT), Internet of Medical Things (IoMT), Internet of Vehicles (IoV), and Internet of Battlefield Things (IoBT).
+
+</details>
+
+<details>
+
 <summary>2024-10-15 10:10:33 - Advanced Persistent Threats (APT) Attribution Using Deep Reinforcement Learning</summary>
 
 - *Animesh Singh Basnet, Mohamed Chahine Ghanem, Dipo Dunsin, Wiktor Sowinski-Mydlarz*
@@ -3078,3 +3090,15 @@
 
 </details>
 
+<details>
+
+<summary>2024-10-18 02:59:13 - DomainDynamics: Lifecycle-Aware Risk Timeline Construction for Domain Names</summary>
+
+- *Daiki Chiba, Hiroki Nakano, Takashi Koide*
+
+- `2410.02096v2` - [abs](http://arxiv.org/abs/2410.02096v2) - [pdf](http://arxiv.org/pdf/2410.02096v2)
+
+> The persistent threat posed by malicious domain names in cyber-attacks underscores the urgent need for effective detection mechanisms. Traditional machine learning methods, while capable of identifying such domains, often suffer from high false positive and false negative rates due to their extensive reliance on historical data. Conventional approaches often overlook the dynamic nature of domain names, the purposes and ownership of which may evolve, potentially rendering risk assessments outdated or irrelevant. To address these shortcomings, we introduce DomainDynamics, a novel system designed to predict domain name risks by considering their lifecycle stages. DomainDynamics constructs a timeline for each domain, evaluating the characteristics of each domain at various points in time to make informed, temporal risk determinations. In an evaluation experiment involving over 85,000 actual malicious domains from malware and phishing incidents, DomainDynamics demonstrated a significant improvement in detection rates, achieving an 82.58\% detection rate with a low false positive rate of 0.41\%. This performance surpasses that of previous studies and commercial services, improving detection capability substantially.
+
+</details>
+