Spatiotemporal Pattern-Based Malware Detection Using the Dark-TRACER Framework
Keywords:
Synchronization estimation anomalies, underground networks, viruses, temporal and spatial patterns
Abstract
There is an urgent need to recognize hacking patterns swiftly and implement appropriate defences as their prevalence rises around the world. Because no genuine communication takes place in the darknet, random hacks are easier to observe and analyse there. Similar spatial patterns are seen on the darknet, where adware spreads in outbreaks through indiscriminate monitoring. Focusing on the unusual alignment of spatial patterns in darknet traffic data, we aim to address the early discovery of virus activity. In our prior research, we proposed algorithms based on three different machine learning techniques that could autonomously predict and identify unusual spatial patterns of darknet traffic in real time. In this work, we combined the previously proposed techniques into a unified system called Dark-TRACER and quantitatively tested its ability to identify these malware behaviours. Our large-scale darknet monitors (up to /17 network sizes) were used to collect statistics on darknet activity from October 2018 through October 2020. The findings show that the techniques' flaws cancel each other out, giving the proposed methodology a perfect recall rate. Dark-TRACER also finds malicious activity on average 153.6 days before it is disclosed to the public by trustworthy third-party security research groups.














