Cyber-attacks as a serious security threat. Malware not

Cyber-attacks involve the use of malware which are malicious software
aimed at infiltrating the integrity, secrecy and overall functionality of a system
8 these include viruses, Trojan, worms, back ware, spyware etc. With
computers, internet and cyberspace being essential in our everyday life,
malware therefore stand as a serious security threat. Malware not just stand as
a treat to one’s emotion but also a financial treat. According to a recent report from Kaspersky
Lab, up to one billion dollars was stolen in roughly two years from financial
institutions worldwide, due to malware attacks 7. Therefore, the recognition
of malware is of significant worry to both the counter malware industry and
researchers. To protect legitimate users from the attacks, the majority of
anti-malware software products (e.g., Comodo, Symantec, Kaspersky) use the
signature-based method of detection 10, 9. Signature is a short string of bytes,
which is unique for each known malware so that its future examples can be
correctly classified with a small error value 5. However, this method can be
easily evaded by malware attackers through the techniques such as encryption,
polymorphism and obfuscation 15, 2. Furthermore, malicious files are being
disseminated at a rate of thousands per day 6, making it hard for this
signature-based method to be effective. In order to combat the malware attacks,
intelligent malware detection techniques need to be investigated. The need for
a Network Intrusion Detection System(NIDS) cannot be underestimated as they are
important tools for network system users and administrators to detect various
security breaches in and around their network. NIDS monitors, analyzes and additionally
raises alert for arrange activity entering and additionally leaving from the
system device of a company. In light of the strategies for “intrusion
detection”, NIDSs are classified into two classes: I) signature(misuse)
based NIDS (SNIDS): will screen organize movement bundles on the system and
matches them against a database of signature or standards of known pernicious
dangers. ii) anomaly detection based NIDS (ADNIDS): will screen organize
movement and look at it against a built up typical activity. Any deviation from
typical activity cautions the administrator or client, showing odd conduct. The
rate of “false positives” is high as not all irregularities are
intrusions. These IDSs require system managers to recognize genuine attack
versus false positives since approaching movement packet with trained example
may have a few deviations 3. SNIDS is best in the detection of known assault
and it indicates incredible detection exactness displaying less “false
alarm rate” where then again its execution endures when it is expected to
recognize obscure or new attacks. For ADNIDS it is appropriate for the recognition
of obscure and new attack in spite of the fact that ADNIDS delivers high rate
of false positive, its hypothetical capacity in recognizable proof of novel
attacks has made it be broadly acknowledged in the research group. So as to
control the attack of cyber space, keen intrusion detection methods should be
investigated influencing numerous specialists to