Malware detection framework in cyber-physical systems using artificial intelligence - machine learning

Abstract

Nowadays, in Artificial intelligence and machine learning research, better prediction modeling with better accuracy is a critical appetite for the domain. These prediction models struggle to capture the relationship between the concentration of given dataset features and their respective target resources. This research will examine various approaches and propose a framework that can use alternative machine learning algorithms to successfully differentiate between malware files and clean files in cyber-physical systems (CPS) while minimizing the number of false positives. Hence, the candidate machine learning algorithms we examined are Random Forest, Decision tree, K-nearest, Ada boost, SGD, Extra Tree, and Gaussian NB Classifier. After successfully testing with medium-size malware and clean file datasets, the proposed framework will submit to a scaling-up process that enables us to work with exceptionally large malware and clean file datasets (Alhowaide, Alsmadi, & Tang, 2019). Based on the captioned candidate algorithm, our experiments depict that Random Forest, Decision Tree, Ada Boost, and Extra Tree Classifier achieved 100% accuracy in detecting attacks with Zero False-positive and False-negative rates. Thus, in this research, we proposed captioned candidate Malware detection framework in cyber-physical systems using Artificial Intelligence - Machine Learning through the experiments. Finally, the proposed framework is based on a limited amount of data. But if such an experiment were performed with a high-volume dataset and/or different attack types, the result may differ. Therefore, such a limitation highlights further research will be required.