Abstract
In recent years, malware attacks against data and information have come to be considered a serious cyber threat to industries and organizations. Cyber criminals use malicious software (malware) to attack and gain access to the computer networks or systems of many organizations, especially in the healthcare industry, in order to breach or manipulate sensitive data or to make illegal financial transactions. Healthcare organizations now store large volumes of sensitive data in virtual and cloud environments. As a result, targeted attacks on healthcare data have become more common in recent years. Hence, protecting medical data is a major concern in the healthcare industry. This paper proposes an effective approach for malware detection and classification using machine learning techniques. The proposed scheme can uncover targeted attacks and stop spear phishing attacks on healthcare records by detecting advanced malware and attacker behavior, and it delivers custom sandbox analysis to identify malware. In this work, we employ dynamic features in order to achieve high accuracy in malware detection. Experimental results support the superior performance and effectiveness of the proposed method over similar approaches.
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Chowdhury, M., Jahan, S., Islam, R., Gao, J. (2018). Malware Detection for Healthcare Data Security. In: Beyah, R., Chang, B., Li, Y., Zhu, S. (eds) Security and Privacy in Communication Networks. SecureComm 2018. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 255. Springer, Cham. https://doi.org/10.1007/978-3-030-01704-0_22
DOI: https://doi.org/10.1007/978-3-030-01704-0_22
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-01703-3
Online ISBN: 978-3-030-01704-0
eBook Packages: Computer Science (R0)