{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T05:14:02Z","timestamp":1773724442952,"version":"3.50.1"},"reference-count":107,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2023,4,14]],"date-time":"2023-04-14T00:00:00Z","timestamp":1681430400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Department of Jobs, Tourism, Science (DTSI)","award":["G1004105"],"award-info":[{"award-number":["G1004105"]}]},{"name":"NCC Group","award":["G1004105"],"award-info":[{"award-number":["G1004105"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computers"],"abstract":"<jats:p>Cyber-physical systems (CPSes) are rapidly evolving in critical infrastructure (CI) domains such as smart grid, healthcare, the military, and telecommunication. These systems are continually threatened by malicious software (malware) attacks by adversaries due to their improvised tactics and attack methods. A minor configuration change in a CPS through malware has devastating effects, which the world has seen in Stuxnet, BlackEnergy, Industroyer, and Triton. This paper is a comprehensive review of malware analysis practices currently being used and their limitations and efficacy in securing CPSes. Using well-known real-world incidents, we have covered the significant impacts when a CPS is compromised. In particular, we have prepared exhaustive hypothetical scenarios to discuss the implications of false positives on CPSes. To improve the security of critical systems, we believe that nature-inspired metaheuristic algorithms can effectively counter the overwhelming malware threats geared toward CPSes. However, our detailed review shows that these algorithms have not been adapted to their full potential to counter malicious software. Finally, the gaps identified through this research have led us to propose future research directions using nature-inspired algorithms that would help in bringing optimization by reducing false positives, thereby increasing the security of such systems.<\/jats:p>","DOI":"10.3390\/computers12040079","type":"journal-article","created":{"date-parts":[[2023,4,14]],"date-time":"2023-04-14T02:28:12Z","timestamp":1681439292000},"page":"79","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":31,"title":["Developing Resilient Cyber-Physical Systems: A Review of State-of-the-Art Malware Detection Approaches, Gaps, and Future Directions"],"prefix":"10.3390","volume":"12","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3829-9282","authenticated-orcid":false,"given":"M. Imran","family":"Malik","sequence":"first","affiliation":[{"name":"School of Science, Edith Cowan University, Perth, WA 6207, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4760-3533","authenticated-orcid":false,"given":"Ahmed","family":"Ibrahim","sequence":"additional","affiliation":[{"name":"School of Science, Edith Cowan University, Perth, WA 6207, Australia"},{"name":"Security Research Institute, Edith Cowan University, Perth, WA 6207, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6570-0441","authenticated-orcid":false,"given":"Peter","family":"Hannay","sequence":"additional","affiliation":[{"name":"School of Science, Edith Cowan University, Perth, WA 6207, Australia"},{"name":"NCC Group, Perth, WA 6207, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3368-2215","authenticated-orcid":false,"given":"Leslie F.","family":"Sikos","sequence":"additional","affiliation":[{"name":"School of Science, Edith Cowan University, Perth, WA 6207, Australia"},{"name":"Security Research Institute, Edith Cowan University, Perth, WA 6207, Australia"}]}],"member":"1968","published-online":{"date-parts":[[2023,4,14]]},"reference":[{"key":"ref_1","unstructured":"United States Cyber Command (2017). Advanced Cyber Industrial Control System Tactics, Techniques, and Procedures (ACI TTP) for Department of Defense (DoD) Industrial Control Systems (ICS), United States Department of Defense. Available online: https:\/\/apps.dtic.mil\/dtic\/tr\/fulltext\/u2\/1040233.pdf."},{"key":"ref_2","unstructured":"Cyber and Infrastructure Security Centre, and Australian Government Department of Home Affairs (2023, March 29). Defining Critical Infrastrucure, Available online: https:\/\/www.cisc.gov.au\/what-is-the-cyber-and-infrastructure-security-centre\/defining-critical-infrastructure."},{"key":"ref_3","unstructured":"Barrett, M.P. (2023, March 27). Framework for Improving Critical Infrastructure Cybersecurity, Available online: https:\/\/nvlpubs.nist.gov\/nistpubs\/CSWP\/NIST.CSWP.04162018.pdf."},{"key":"ref_4","unstructured":"Rzeszutek, E., and Mazurczyk, W. (2019). Nature-Inspired Cyber Security and Resiliency\u2014Fundamentals, Techniques and Applications, Institution of Engineering and Technology (IET)."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Faris, H., Aljarah, I., Mirjalili, S., Castillo, P.A., and Merelo, J.J. (2016, January 11). EvoloPy: An open-source nature-inspired optimization framework in Python. Proceedings of the 8th International Joint Conference on Computational Intelligence\u2014ECTA (IJCCI), Porto, Portugal.","DOI":"10.5220\/0006048201710177"},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Yang, X.-S. (2018). Optimization Techniques and Applications with Examples, John Wiley & Sons.","DOI":"10.1002\/9781119490616"},{"key":"ref_7","first-page":"330","article-title":"Engineering optimisation by cuckoo search","volume":"1","author":"Yang","year":"2010","journal-title":"Int. J. Math. Model. Numer. Optim."},{"key":"ref_8","unstructured":"Cybersecurity & Infrastructure Security Agency (CISA) (2023, March 27). Critical Infrastructure Sectors, Available online: https:\/\/www.cisa.gov\/critical-infrastructure-sectors."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"1835","DOI":"10.1109\/TCYB.2018.2815178","article-title":"Resilience analysis of critical infrastructures: A cognitive approach based on granular computing","volume":"49","author":"Fujita","year":"2019","journal-title":"IEEE Trans. Cybern."},{"key":"ref_10","unstructured":"Russell, B., and Van Duren, D. (2018). Practical Internet of Things Security: Design a Security Framework for an Internet Connected Ecosystem, Packt Publishing Ltd.. [2nd ed.]."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"tyaa020","DOI":"10.1093\/cybsec\/tyaa020","article-title":"Decomposition and sequential-AND analysis of known cyber-attacks on critical infrastructure control systems","volume":"6","author":"Maynard","year":"2020","journal-title":"J. Cybersecur."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"103201","DOI":"10.1016\/j.micpro.2020.103201","article-title":"Cyber-physical systems security: Limitations, issues and future trends","volume":"77","author":"Yaacoub","year":"2020","journal-title":"Microprocess. Microsyst."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"1877","DOI":"10.1109\/JAS.2021.1004003","article-title":"Blockchain-Assisted Secure Fine-Grained Searchable Encryption for a Cloud-Based Healthcare Cyber-Physical System","volume":"8","author":"Mamta","year":"2021","journal-title":"IEEE\/CAA J. Autom. Sin."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Ch, R., Srivastava, G., Nagasree, Y.L., Ponugumati, A., and Ramachandran, S. (2022). Robust Cyber-Physical System Enabled Smart Healthcare Unit Using Blockchain Technology. Electronics, 11.","DOI":"10.3390\/electronics11193070"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"150","DOI":"10.1016\/j.jpdc.2021.03.011","article-title":"Secure blockchain enabled Cyber\u2013physical systems in healthcare using deep belief network with ResNet model","volume":"153","author":"Nguyen","year":"2021","journal-title":"J. Parallel Distrib. Comput."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"1802","DOI":"10.1109\/JIOT.2017.2703172","article-title":"Cyber-physical systems security\u2014A survey","volume":"4","author":"Humayed","year":"2017","journal-title":"IEEE Internet Things J."},{"key":"ref_17","first-page":"4","article-title":"The importance of cyber-physical systems for industry","volume":"97","author":"Jacobson","year":"2014","journal-title":"ERCIM News"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"tyab006","DOI":"10.1093\/cybsec\/tyab006","article-title":"A three-tiered intrusion detection system for industrial control systems","volume":"7","author":"Anthi","year":"2021","journal-title":"J. Cybersecur."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"111","DOI":"10.3934\/ElectrEng.2019.2.111","article-title":"Survey on security and privacy issues in cyber physical systems","volume":"3","author":"Nazarenko","year":"2019","journal-title":"AIMS Electron. Electr. Eng."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Song, H., Fink, G., and Jeschke, S. (2018). Security and Privacy in Cyber-Physical Systems: Foundations, Principles, and Applications, John Wiley & Sons, Inc.","DOI":"10.1002\/9781119226079"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Wang, Z., Xie, W., Wang, B., Tao, J., and Wang, E. (2021). A Survey on Recent Advanced Research of CPS Security. Appl. Sci., 11.","DOI":"10.3390\/app11093751"},{"key":"ref_22","unstructured":"Abuelsamid, S. (2023, March 27). Autonomous Automotive Cybersecurity. Available online: https:\/\/karambasecurity.com\/static\/pdf\/Autonomous-Automotive-Cybersecurity-Report.pdf."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"03120003","DOI":"10.1061\/(ASCE)EE.1943-7870.0001686","article-title":"A review of cybersecurity incidents in the water sector","volume":"146","author":"Hassanzadeh","year":"2020","journal-title":"J. Environ. Eng."},{"key":"ref_24","unstructured":"Hill, M. (2023, March 27). Water Treatment Plant Hit by Cyber-Attack. Infosecurity Group. Available online: https:\/\/www.infosecurity-magazine.com\/news\/water-treatment-plant-hit-by\/."},{"key":"ref_25","unstructured":"Mordor Intelligence (2023, March 29). Internet of Things (IoT) Market\u2014Growth, Trends, COVID-19 Impact, and Forecasts (2021\u20132026). Available online: https:\/\/www.reportlinker.com\/p06067771\/Internet-of-Things-IoT-Market-Growth-Trends-COVID-19-Impact-and-Forecasts.html."},{"key":"ref_26","unstructured":"Scheuermann, J.E. (2023, March 27). Cyber-Physical Attacks on Critical Infrastructure: What\u2019s Keeping Your Insurer Awake at Night? Legal Insight, Issue. K. L. Gates. Available online: https:\/\/files.klgates.com\/files\/publication\/b54ead7b-7166-45a7-909a-e990c5ba85f8\/presentation\/publicationattachment\/b186efde-3b30-4eda-86d1-ebdd8badd030\/insurance_coverage_alert_01242017.pdf."},{"key":"ref_27","unstructured":"(2023, March 29). Lloyd\u2019s. Business Blackout\u2013The Insurance Implications of a Cyber Attack on the US Power Grid. Available online: https:\/\/www.jbs.cam.ac.uk\/wp-content\/uploads\/2020\/08\/crs-lloyds-business-blackout-scenario.pdf."},{"key":"ref_28","unstructured":"Department of Home Affairs (2023, March 27). Australia\u2019s Cyber Security Strategy 2020, Available online: https:\/\/www.homeaffairs.gov.au\/cyber-security-subsite\/files\/cyber-security-strategy-2020.pdf."},{"key":"ref_29","unstructured":"Malwarebytes Labs (2020). 2020 State of Malware Report, Malwarebytes Labs. Available online: https:\/\/resources.malwarebytes.com\/files\/2020\/02\/2020_State-of-Malware-Report.pdf."},{"key":"ref_30","unstructured":"The Australian Cyber Security Centre (ACSC) (2023, March 29). SDBBot Targeting Health Sector, Available online: https:\/\/www.cyber.gov.au\/about-us\/alerts\/sdbbot-targeting-health-sector."},{"key":"ref_31","unstructured":"Cimpanu, C. (2023, March 27). German tech giant Software AG down after ransomware attack. Available online: https:\/\/www.zdnet.com\/article\/german-tech-giant-software-ag-down-after-ransomware-attack\/."},{"key":"ref_32","unstructured":"CrowdStrike (2023, March 27). 2021 Global Threat Report. Available online: https:\/\/go.crowdstrike.com\/rs\/281-OBQ-266\/images\/Report2021GTR.pdf."},{"key":"ref_33","unstructured":"Cybersecurity & Infrastructure Security Agency (CISA) (2023, March 27). APT Cyber Tools Targeting ICS\/SCADA Devices, Available online: https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa22-103a."},{"key":"ref_34","unstructured":"Dragos (2022). Pipedream: Chernovite\u2019s Emerging Malware Targeting Industrial Control Systems, Dragos Inc.. Available online: https:\/\/hub.dragos.com\/hubfs\/116-Whitepapers\/Dragos_ChernoviteWP_v2b.pdf?hsLang=en."},{"key":"ref_35","unstructured":"Souppaya, M., and Scarfone, K. (2023, March 27). Guide to Malware Incident Prevention and Handling for Desktops and Laptops, Available online: https:\/\/nvlpubs.nist.gov\/nistpubs\/specialpublications\/nist.sp.800-83r1.pdf."},{"key":"ref_36","unstructured":"Stallings, W., and Brown, L. (2018). Computer Security: Principles and Practice, Pearson Education. [4th ed.]."},{"key":"ref_37","unstructured":"Symantec (2018). ISTR\u2014Information Security Threat Report, Symantec. Available online: https:\/\/www.phishingbox.com\/assets\/files\/images\/Symantec-Internet-Security-Threat-Report-2018.pdf."},{"key":"ref_38","unstructured":"McAfee Labs (2023, March 29). McAfee Labs Threat Report. Available online: https:\/\/www.dailyhostnews.com\/mcafee-labs-threat-report-q3-2017-identifies-57-6-million-new-malware-samples-increase-10-q2."},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3073559","article-title":"A survey on malware detection using data mining techniques","volume":"50","author":"Ye","year":"2017","journal-title":"ACM Comput. Surv."},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Bettany, A., and Halsey, M. (2017). Windows Virus and Malware Troubleshooting, Apress.","DOI":"10.1007\/978-1-4842-2607-0"},{"key":"ref_41","unstructured":"The Kosciuszko Institute (2023, March 27). The Kosciuszko Institute Cyber-Security Forecasts for 2018. Available online: https:\/\/www.cyberdefensemagazine.com\/cyber-security-in-2018-the-kosciuszko-institute-publishes-experts-forecasts\/."},{"key":"ref_42","first-page":"56","article-title":"Malware analysis and classification: A survey","volume":"5","author":"Gandotra","year":"2014","journal-title":"J. Inf. Secur."},{"key":"ref_43","unstructured":"The Australian Cyber Security Centre (ACSC) (2023, March 29). Ransomware, Available online: https:\/\/www.cyber.gov.au\/learn-basics\/view-resources\/glossary\/r."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"tyaa023","DOI":"10.1093\/cybsec\/tyaa023","article-title":"An empirical study of ransomware attacks on organizations: An assessment of severity and salient factors affecting vulnerability","volume":"6","author":"Connolly","year":"2020","journal-title":"J. Cybersecur."},{"key":"ref_45","unstructured":"Hampton, N., and Baig, Z.A. (December, January 30). Ransomware: Emergence of the cyber-extortion menace. Proceedings of the 13th Australian Information Security Management Conference, Perth, WA, Australia."},{"key":"ref_46","first-page":"422","article-title":"A survey on techniques in detection and analyzing malware executables","volume":"3","author":"Mathur","year":"2013","journal-title":"Int. J. Adv. Res. Comput. Sci. Softw. Eng."},{"key":"ref_47","unstructured":"NIST (2023, March 27). Security and Privacy Controls for Information Systems and Organizations, Available online: https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-53r5.pdf."},{"key":"ref_48","unstructured":"The Australian Cyber Security Centre (ACSC) (2023, March 29). Advanced persistent THREAT (APT), Available online: https:\/\/www.cyber.gov.au\/learn-basics\/view-resources\/glossary\/a."},{"key":"ref_49","unstructured":"Lockheed Martin (2023, March 27). The Cyber Kill Chain\u00ae. Available online: https:\/\/www.lockheedmartin.com\/en-us\/capabilities\/cyber\/cyber-kill-chain.html."},{"key":"ref_50","doi-asserted-by":"crossref","unstructured":"Andreasson, K. (2011). Cybersecurity: Public Sector Threats and Responses, CRC Press, Taylor & Francis Group. [1st ed.].","DOI":"10.1201\/b11363"},{"key":"ref_51","first-page":"9396141","article-title":"Attribution Classification Method of APT Malware in IoT Using Machine Learning Techniques","volume":"2021","author":"Li","year":"2021","journal-title":"Secur. Commun. Netw."},{"key":"ref_52","unstructured":"MITRE ATT&CK (2023, March 27). MITRE ATT&CK Groups. Available online: https:\/\/attack.mitre.org\/groups\/."},{"key":"ref_53","unstructured":"Waldman, J., and Cordona, E. (2023, March 27). Top 25 Threat Actors\u20142019 Edition. SBS CyberSecurity. Available online: https:\/\/sbscyber.com\/resources\/top-25-threat-actors-2019-edition."},{"key":"ref_54","unstructured":"Trellix (2021). The Threat Report, Trellix. Available online: https:\/\/www.trellix.com\/en-us\/advanced-research-center\/threat-reports\/feb-2023.html."},{"key":"ref_55","unstructured":"Sikorski, M., and Honig, A. (2012). Practical Malware Analysis: The Hands-on Guide to Dissecting Malicious Software, No Starch Press."},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"3187","DOI":"10.1109\/TII.2018.2822680","article-title":"Detection of malicious code variants based on deep learning","volume":"14","author":"Cui","year":"2018","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_57","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s11416-015-0261-z","article-title":"A comparison of static, dynamic, and hybrid analysis for malware detection","volume":"13","author":"Damodaran","year":"2017","journal-title":"J. Comput. Virol. Hacking Tech."},{"key":"ref_58","doi-asserted-by":"crossref","first-page":"283","DOI":"10.3844\/ajassp.2012.283.288","article-title":"Malware detection based on hybrid signature behaviour application programming interface call graph","volume":"9","author":"Maarof","year":"2012","journal-title":"Am. J. Appl. Sci."},{"key":"ref_59","doi-asserted-by":"crossref","first-page":"646","DOI":"10.1016\/j.jnca.2012.10.004","article-title":"Classification of malware based on integrated static and dynamic features","volume":"36","author":"Islam","year":"2013","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_60","first-page":"6","article-title":"An approach for malware detection and predictive analysis using artificial neural networks","volume":"4","author":"Kaur","year":"2016","journal-title":"Int. Ref. J. Rev. Res."},{"key":"ref_61","doi-asserted-by":"crossref","first-page":"467","DOI":"10.1109\/COMST.2022.3225137","article-title":"A Survey of Adversarial Attack and Defense Methods for Malware Classification in Cyber Security","volume":"25","author":"Yan","year":"2023","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_62","doi-asserted-by":"crossref","first-page":"2023764","DOI":"10.1080\/17517575.2021.2023764","article-title":"A comprehensive survey on machine learning approaches for malware detection in IoT-based enterprise information system","volume":"17","author":"Gaurav","year":"2023","journal-title":"Enterp. Inf. Syst."},{"key":"ref_63","first-page":"1","article-title":"Comparative analysis of feature extraction methods of malware detection","volume":"120","author":"Ranveer","year":"2015","journal-title":"Int. J. Comput. Appl."},{"key":"ref_64","doi-asserted-by":"crossref","first-page":"804","DOI":"10.1016\/j.procs.2015.02.149","article-title":"Integrated static and dynamic analysis for malware detection","volume":"46","author":"Shijoa","year":"2015","journal-title":"Procedia Comput. Sci."},{"key":"ref_65","unstructured":"Vinod, P., Laxmi, V., and Gaur, M.S. (2009, January 17\u201319). Survey on malware detection methods. Proceedings of the 3rd Hackers\u2019 Workshop on Computer and Internet Security (IITKHACK\u201909), Prabhu Goel Research Centre for Computer & Internet Security, Kanpur, India."},{"key":"ref_66","first-page":"25","article-title":"A survey on malware and malware detection systems","volume":"67","author":"Saeed","year":"2013","journal-title":"Int. J. Comput. Appl."},{"key":"ref_67","unstructured":"Cloonan, J. (2023, March 27). Available online: https:\/\/www.infosecurity-magazine.com\/opinions\/malware-detection-signatures\/."},{"key":"ref_68","doi-asserted-by":"crossref","unstructured":"EL Boujnouni, M., Jedra, M., and Zahid, N. (2015, January 14\u201316). New malware detection framework based on N-grams and support vector domain description. Proceedings of the 2015 11th International Conference on Information Assurance and Security (IAS), Marrakech, Morocco.","DOI":"10.1109\/ISIAS.2015.7492756"},{"key":"ref_69","doi-asserted-by":"crossref","unstructured":"Bazrafshan, Z., Hashemi, H., Fard, S.M.H., and Hamzeh, A. (2013, January 28\u201330). A survey on heuristic malware detection techniques. Proceedings of the 5th Conference on Information and Knowledge Technology (IKT), Shiraz, Iran.","DOI":"10.1109\/IKT.2013.6620049"},{"key":"ref_70","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1186\/s13673-018-0125-x","article-title":"A state-of-the-art survey of malware detection approaches using data mining techniques","volume":"8","author":"Souri","year":"2018","journal-title":"Hum. -Cent. Comput. Inf. Sci."},{"key":"ref_71","unstructured":"Chumachenko, K. (2017). Machine Learning Methods for Malware Detection and Classification. [Bachelor\u2019s Thesis, University of Applied Sciences]. Available online: http:\/\/urn.fi\/URN:NBN:fi:amk-201703103155."},{"key":"ref_72","first-page":"99","article-title":"Leveraging compression-based graph mining for behavior-based malware detection","volume":"16","author":"Ochoa","year":"2017","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_73","doi-asserted-by":"crossref","first-page":"251","DOI":"10.1016\/j.cose.2015.04.001","article-title":"AMAL: High-fidelity, behavior-based automated malware analysis and classification","volume":"52","author":"Mohaisen","year":"2015","journal-title":"Comput. Secur."},{"key":"ref_74","doi-asserted-by":"crossref","first-page":"399","DOI":"10.1016\/j.cose.2017.11.016","article-title":"Malware classification using self organising feature maps and machine activity data","volume":"73","author":"Burnap","year":"2018","journal-title":"Comput. Secur."},{"key":"ref_75","unstructured":"LeDoux, C., and Lakhotia, A. (2015). Intelligent Methods for Cyber Warfare, Springer."},{"key":"ref_76","doi-asserted-by":"crossref","unstructured":"Santos, I., Devesa, J., Brezo, F., Nieves, J., and Bringas, P.G. (2013). Opem: A Static-Dynamic Approach for Machine-Learning-Based Malware Detection, Springer.","DOI":"10.1007\/978-3-642-33018-6_28"},{"key":"ref_77","doi-asserted-by":"crossref","unstructured":"Anderson, B., Storlie, C., and Lane, T. (2012, January 19). Improving malware classification: Bridging the static\/dynamic gap. Proceedings of the Proceedings of the 5th ACM Workshop on Security and Artificial Intelligence, Raleigh, NC, USA.","DOI":"10.1145\/2381896.2381900"},{"key":"ref_78","first-page":"105","article-title":"Research priorities for robust and beneficial artificial intelligence","volume":"36","author":"Russell","year":"2015","journal-title":"AI Mag."},{"key":"ref_79","unstructured":"Nieva, R. (2023, March 27). Google Says It\u2019s Designing Duplex with \u2018Disclosure Built-in\u2019. Available online: https:\/\/www.cnet.com\/news\/google-says-its-designing-duplex-with-disclosure-built-in\/."},{"key":"ref_80","unstructured":"Goode, L. (2018). How Google\u2019s Eerie Robot Phone Calls Hint at AI\u2019s Future, Wired. Available online: https:\/\/www.wired.com\/story\/google-duplex-phone-calls-ai-future\/."},{"key":"ref_81","unstructured":"Alpaydin, E. (2016). Machine Learning: The New AI, MIT Press."},{"key":"ref_82","unstructured":"Dua, S., and Du, X. (2011). Data Mining and Machine Learning in Cybersecurity, Auerbach Publications, Taylor & Francis Group. [1st ed.]."},{"key":"ref_83","unstructured":"Luke, S. (2013). Essentials of Metaheuristics, Lulu. [2nd ed.]. Available online: https:\/\/cs.gmu.edu\/~sean\/book\/metaheuristics\/."},{"key":"ref_84","doi-asserted-by":"crossref","unstructured":"Talbi, E.-G. (2009). Metaheuristics: From Design to Implementation, John Wiley & Sons.","DOI":"10.1002\/9780470496916"},{"key":"ref_85","unstructured":"Yang, X.-S. (2010). Nature-Inspired Metaheuristic Algorithms, Luniver Press. [2nd ed.]."},{"key":"ref_86","doi-asserted-by":"crossref","unstructured":"Yang, X.-S. (2021). Nature-Inspired Optimization Algorithms, Academic Press. [2nd ed.].","DOI":"10.1016\/B978-0-12-821986-7.00018-4"},{"key":"ref_87","first-page":"62","article-title":"A survey of comparison between various metaheuristic techniques for path planning problem","volume":"3","author":"Arora","year":"2013","journal-title":"Int. J. Comput. Eng. Sci."},{"key":"ref_88","doi-asserted-by":"crossref","first-page":"163","DOI":"10.1016\/j.advengsoft.2017.07.002","article-title":"Salp Swarm algorithm: A bio-inspired optimizer for engineering design problems","volume":"114","author":"Mirjalili","year":"2017","journal-title":"Adv. Eng. Softw."},{"key":"ref_89","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1007\/s00366-011-0241-y","article-title":"Cuckoo search algorithm: A metaheuristic approach to solve structural optimization problems","volume":"29","author":"Gandomi","year":"2013","journal-title":"Eng. Comput."},{"key":"ref_90","first-page":"1370","article-title":"Use of metaheuristic algorithms in malware detection","volume":"5","author":"Rhmann","year":"2017","journal-title":"Int. J. Recent Innov. Trends Comput. Commun."},{"key":"ref_91","unstructured":"Suh, W.-J., Park, C.-S., and Kim, D.-W. (2011, January 14\u201316). Heuristic vs. Meta-Heuristic Optimization for Energy Performance of a Post Office Building. Proceedings of the Building Simulation 2011: 12th Conference of International Building Performance Simulation Association (IBPSA), Sydney, Australia. Available online: http:\/\/www.ibpsa.org\/proceedings\/BS2011\/P_1313.pdf."},{"key":"ref_92","doi-asserted-by":"crossref","unstructured":"Gupta, B.B., and Sheng, M. (2019). Machine Learning for Computer and Cyber Security, CRC Press. [1st ed.].","DOI":"10.1201\/9780429504044"},{"key":"ref_93","first-page":"116","article-title":"A brief review of nature-inspired algorithms for optimization","volume":"80","author":"Fister","year":"2013","journal-title":"Electrotech. Rev."},{"key":"ref_94","doi-asserted-by":"crossref","unstructured":"Luthra, I., Chaturvedi, S.K., Upadhyay, D., and Gupta, R. (2017, January 20\u201322). Comparative study on nature inspired algorithms for optimization problem. Proceedings of the International conference of Electronics, Communication and Aerospace Technology (ICECA), Coimbatore, India.","DOI":"10.1109\/ICECA.2017.8212781"},{"key":"ref_95","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1111\/itor.12001","article-title":"Metaheuristics\u2014The metaphor exposed","volume":"22","year":"2015","journal-title":"Int. Trans. Oper. Res."},{"key":"ref_96","doi-asserted-by":"crossref","unstructured":"Gupta, B.B., and Sheng, M. (2019). A bio-inspired approach to cyber security In Machine Learning for Computer and Cyber Security, CRC Press, Taylor and Francis Group. [1st ed.].","DOI":"10.1201\/9780429504044"},{"key":"ref_97","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.swevo.2013.11.003","article-title":"A survey on nature inspired metaheuristic algorithms for partitional clustering","volume":"16","author":"Nanda","year":"2014","journal-title":"Swarm Evol. Comput."},{"key":"ref_98","unstructured":"Ahmed, M., Ullah, A.S.S.M.B., and Pathan, A.-S.K. (2020). Security Analytics for the Internet of Everything, CRC Press, Taylor & Francis Group."},{"key":"ref_99","unstructured":"Critical Infrastructure Centre (2023, March 27). Protecting Your Critical Infrastructure Asset from Foreign Involvement Risk, Available online: https:\/\/www.homeaffairs.gov.au\/nat-security\/files\/cic-best-practice-guidance-supply-chains.pdf."},{"key":"ref_100","unstructured":"Cybersecurity & Infrastructure Security Agency (CISA) (2023, March 27). Critical Infrastructure Security and Resilience, Available online: https:\/\/www.dhs.gov\/topic\/critical-infrastructure-security."},{"key":"ref_101","unstructured":"National Cyber Security Centre (2023, March 27). Cyber Assessment Framework, Available online: https:\/\/www.ncsc.gov.uk\/collection\/caf\/cyber-assessment-framework."},{"key":"ref_102","unstructured":"Piazza, A. (2019). ATT&CKing Threat Management: A Structured Methodology for Cyber Threat Analysis, The SANS Institute. Available online: https:\/\/www.sans.org\/white-papers\/39090\/."},{"key":"ref_103","unstructured":"Strom, B.E., Applebaum, A., Miller, D.P., Nickels, K.C., Pennington, A.G., and Thomas, C.B. (2020). MITRE ATT&CK\u00ae: Design and Philosophy, The MITRE Corporation. Available online: https:\/\/attack.mitre.org\/docs\/ATTACK_Design_and_Philosophy_March_2020.pdf."},{"key":"ref_104","unstructured":"The Mitre Corporation (2023, March 27). MITRE ATT&CK\u2122 Framework [Video]. Available online: https:\/\/www.youtube.com\/watch?v=0BEf6s1iu5g&t=207s."},{"key":"ref_105","unstructured":"CyberX (2023, March 29). Addressing the MITRE ATT&CK for ICS Matrix. Available online: https:\/\/scadahacker.com\/library\/Documents\/White_Papers\/CyberX%20-%20Addressing%20the%20MITRE%20ATTACK%20for%20ICS%20Matrix.pdf."},{"key":"ref_106","unstructured":"Alexander, O., Belisle, M., and Steele, J. (2020). MITRE ATT&CK\u00ae for Industrial Control Systems: Design and Philosophy, The MITRE Corporation. Available online: https:\/\/attack.mitre.org\/docs\/ATTACK_for_ICS_Philosophy_March_2020.pdf."},{"key":"ref_107","unstructured":"Alexander, O., and Slowik, J. (2023, March 27). Introducing MITRE ATT&CK\u2122 for ICS and Why It Matters [Video]. Available online: https:\/\/www.youtube.com\/watch?v=NARspb8QfFE."}],"container-title":["Computers"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-431X\/12\/4\/79\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T19:15:41Z","timestamp":1760123741000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-431X\/12\/4\/79"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,4,14]]},"references-count":107,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2023,4]]}},"alternative-id":["computers12040079"],"URL":"https:\/\/doi.org\/10.3390\/computers12040079","relation":{},"ISSN":["2073-431X"],"issn-type":[{"value":"2073-431X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,4,14]]}}}