Abstract:
In cybersecurity, malware is a major and persistent threat. This issue
requires the development of efficient solutions in order to keep up with the continuous
evolution of malware. With this aim, we introduce evolutionary networks, and
particularly the Susceptible-Infectious-Susceptible (SIS) model, as a way to address
the limitations of previous studies which are typically based on traditional machine
learning models. The SIS model is usually used to represent disease spread between
individuals in a population, with transitions between the susceptible and infected
states. We modify the SIS model to include weighted edges and we introduce an
edge-breaking probability. Android malware propagation is thus transformed into
a directed network in which nodes represent IP addresses and edges represent aggregated
multiple packet transmissions weighted by communication frequency. We
combine this model with genetic algorithms to optimize its parameters and return
the best state transition probabilities, and we predict future malware accordingly.
Experimental studies clearly show a higher accuracy of our proposed approach in
comparison with existing machine learning models, namely random forest, artificial
neural network, decision tree, and logistic regression.
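
The network construction and state transitions described above, as an added sketch that is not the authors' code: packets are aggregated into a directed, frequency-weighted IP graph and a stochastic SIS step with edge breaking is run on it. The abstract gives no update rule, so the per-edge infection probability 1 - (1 - beta)^w, permanent edge removal, the parameter names beta, gamma and q, and the sample packets are all assumptions; the genetic-algorithm parameter search is left out and the parameters are set by hand.

```python
import random
from collections import Counter

# Constructed sample capture: one (source IP, destination IP) tuple per packet.
PACKETS = [
    ("10.0.0.1", "10.0.0.2"), ("10.0.0.1", "10.0.0.2"), ("10.0.0.1", "10.0.0.2"),
    ("10.0.0.2", "10.0.0.3"),
    ("10.0.0.3", "10.0.0.4"), ("10.0.0.3", "10.0.0.4"),
    ("10.0.0.5", "10.0.0.1"),
]

def build_graph(packets):
    """Aggregate packets into directed edges weighted by communication frequency."""
    return dict(Counter(packets))

def sis_step(edges, infected, beta, gamma, q, rng):
    """One synchronous step; returns (surviving_edges, infected_after).

    Assumed rules (not from the paper): each edge breaks permanently with
    probability q; an infectious source infects a susceptible target over a
    surviving edge of weight w with probability 1 - (1 - beta)**w; each
    infectious node returns to susceptible with probability gamma.
    """
    surviving = {e: w for e, w in sorted(edges.items()) if rng.random() >= q}
    newly = set()
    for (src, dst), w in surviving.items():
        if src in infected and dst not in infected:
            if rng.random() < 1 - (1 - beta) ** w:
                newly.add(dst)
    recovered = {n for n in sorted(infected) if rng.random() < gamma}
    return surviving, (infected - recovered) | newly

def simulate(packets, seeds, beta, gamma, q, steps, seed=0):
    """Run the model; returns (final infected set, infected count per step)."""
    rng = random.Random(seed)
    edges, infected = build_graph(packets), set(seeds)
    history = [len(infected)]
    for _ in range(steps):
        edges, infected = sis_step(edges, infected, beta, gamma, q, rng)
        history.append(len(infected))
    return infected, history

if __name__ == "__main__":
    final, history = simulate(PACKETS, {"10.0.0.1"}, beta=0.3, gamma=0.1, q=0.05, steps=10)
    print("infected per step:", history)
    print("infected at end:", sorted(final))
```

Because edges are directed, 10.0.0.5 only sends to the seed node and can never be infected by it, whatever the parameters.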