Professional Documents
Culture Documents
Digital Assignment I
SWE 3002: Information System Security
Team-4:
19MIS0225- MACHIREDDY KEERTHI
19MIS0229- GOURISHETTY SAI GAGAN
19MIS0240- DASARI VENKATAMOHAN KARTHIK
19MIS0243- ENJETI GURUMOHAN
19MIS0246 -C SHAJAHAN
19MIS0251- N L GOWSHICK KANNA
19MIS0252- PATHAN AFTAAB KHAN
19MIS0254- M N ASHOK NIRMAL
19MIS0255 -R BHAVANA
19MIS0257- KUNCHALA JAYA SAI PAVAN KUMAR
19MIS0276- SRINIVAS S
19MIS0289- NIDISH ANAND R
19MIS0293- PARIMI VAMSIKRISHNA
19MIS0302 -SYAMALA SHIVANANDA REDDY
19MIS0308- U A ABHILASH
19MIS0320- D RAGAVI
Akash Kumar Singh and This article shows about the efficiency of
Akash Kumar machine learning techniques to detect
Singh(2017), Integrated malwares. The authors tries to propose a
Malware Analysis Using solution by extracting the selected features
Machine Learning. from the static and dynamic analysis
techniques. After extracting selected features
10.1109/TEL-NET.2017.83435
they proposed an integrated approach. Features
54
in integrated approach are like
Published: 2017 GetProcAddress, Anti-Vm, Anti-Debugging,
Packer analysis and etc. Author believes that
the use of machine learning not only improves
the capacity and speed of malware
classification but also detect malware which
use unprecedent zero-day vulnerabilities.
Author uses windows based Portable
Executable file (PE-32) format which includes
malware samples of various classes mainly
consists of Adware, Spywares, Packed
malwares, and Remote administration Trojans
as a dataset. Author got a better results by using
this integrated approach and we can even
conclude that Random forest classification
derived better accuracy in malware detection.
Ram Shankar Siva Kumar, This article states about the possibilities and
Andrew Wicker and Matt challenges in using machine learning for
Swann(2017) , Practical security detections in cloud environment.
Machine Learning for Cloud
Authors suggest Machine learning engineers to
Intrusion Detection.
have a discussion with the security domain
https://doi.org/10.1145/31 experts to see if there is any correlation
28572.3140445 between the attacker activity and expected
activity. They states that domain knowledge is
Published: NOV 2017 critical to develop these kind of systems and
suggested some ways to incorporate domain
knowledge like rules and etc. Author track
down that a mixture approach of rules
2019 TITLE : Zero day Attacks Zero day attack exploits zero-day vulnerability
Defense Technique for without any signature . It takes advantage of a
Protecting System against malware before a patch has been created.
Unknown Vulnerabilities That means, for zero-day vulnerability no patch
is readily available, also vendor may or may
not be aware of it. The name ―zero-day‖
shows that it occurs before the vulnerability is
AUTHORS : Umesh Kumar known; the term "zero-day" denotes that
Singh , Chanchala Joshi , developers have had zero days to fix the
Suyash Kumar Singh vulnerability. A zero-day attack exploits a
vulnerability that has not been disclosed
publicly, including vendor of software,
therefore, almost no defense mechanism
Publisher: School of available against zero-day attack. The
Engineering and anti-virus products cannot detect the attack
Technology, Vikram through signature-based scanning and
University, Ujjain, M.P. India because the vulnerability is unknown, the
affected software cannot be patched These
unpatched vulnerabilities are free pass for
attackers to any target they want to attack. All
these facts range the market value of new
vulnerability in $5000 to $250,000
Publisher: IEEE
12 paper citations
PUBLISHER : Asian
Journal of Convergence in
Technology
PUBLICATION MONTH:
APRIL
TITLE: Patching zero-day The ultimate point of this paper is to put forth
vulnerabilities: an empirical the survival model and its impact in the
patching process. Cox regression method is
analysis
used to analyse the vulnerability dataset
obtained from ZDI. sub-analyses is carried out
AUTHOR:Yaman Roumani
using the K–M method, and evaluated the
PUBLICATION DETAILS: robustness of the results. The results
demonstrated that survival analysis is
Received 16 April 2021; significant and useful for assessing patch
revised 1 September 2021; release timing, based on the fit statistics.
accepted 11 November
2021