The paper contains a description of current Internet threats and security systems. Analysis of those systems shows that a major disadvantage is that their signatures are not up to date. The proposed and described system could generate signatures fast enough to improve the protection of users. For the proposed automatic generation, new ideas, honeypots and data mining are used.
Domain generation algorithms (DGAs) automatically generate large numbers of domain names in DNS domain fluxing for the purpose of command-and-control (C&C) communication. DGAs are immune to static prevention methods like blacklisting and sinkholing. Detection of DGAs in a live stream of queries in a DNS server is referred to as inline detection. Most of the previous approaches in the literature...
Many promising malware research projects focus on malware behaviour analysis, however, in the end they tend to build new detection systems and stick to measuring detection ratios. Our approach focuses on malware behavioural analysis for defining (characterising) malicious software on rather high level of abstraction, in order to break the endless cycle of evolving malware and malware analysts trying...
As the malware threat landscape is constantly evolving and over one million new malware strains are being generated every day [1], early automatic detection of threats constitutes a top priority of cybersecurity research, and amplifies the need for more advanced detection and classification methods that are effective and efficient. In this paper, we present the application of machine learning algorithms...
Since malware has caused serious damages and evolving threats to computer and Internet users, its detection is of great interest to both anti-malware industry and researchers. In recent years, machine learning-based systems have been successfully deployed in malware detection, in which different kinds of classifiers are built based on the training samples using different feature representations. Unfortunately,...
In recent years, the increasing number of cyberattacks has gained the development of innovative tools to quickly detect new threats. A recent approach to this problem is to analyze the content of Social Networks to discover the rising of new malicious software. Twitter is a popular social network which allows millions of users to share their opinions on what happens all over the world. The subscribers...
Hackers create different types of Malware such as Trojans which they use to steal user-confidential information (e.g. credit card details) with a few simple commands, recent malware however has been created intelligently and in an uncontrolled size, which puts malware analysis as one of the top important subjects of information security. This paper proposes an efficient dynamic malware-detection method...
The malicious websites used by drive-by download attacks change their behavior for web client environments. To analyze the behavior of malicious websites, the single-environment analysis cannot obtain sufficient information. Hence, it is difficult to analyze the whole aspect of malicious websites. Also, the code obfuscation and cloaking are used in malicious websites to avoid to be analyzed their behavior...
This paper describes the various malware datasets that we have obtained permissions to host at the University of Arizona as part of a National Science Foundation funded project. It also describes some other malware datasets that we are in the process of obtaining permissions to host at the University of Arizona. We have also discussed some preliminary work we have carried out on malware analysis using...
With the development of cyber threats on the Internet, the number of malware, especially unknown malware, is also dramatically increasing. Since all of malware cannot be analyzed by analysts, it is very important to find out new malware that should be analyzed by them. In order to cope with this issue, the existing approaches focused on malware classification using static or dynamic analysis results...
The Internet of Things (IoT) is built of many small smart objects continuously connected to the Internet. This makes these devices an easy target for attacks exploiting vulnerabilities at the network, application, and mobile level. With that it comes as no surprise that distributed denial of service attacks leveraging these vulnerable devices have become a new standard for effective botnets. In this...
The open nature of Android allows application developers to take full advantage of the system. While the flexibility is brought to developers and users, it may raise significant issues related to malicious applications. Traditional malware detection approaches based on signatures or abnormal behaviors are invalid when dealing with novel malware. To solve the problem, machine learning algorithms are...
With the yearly increase in the number of Android users, malicious applications for mobile terminals are emerging endlessly. Many researchers have started to explore how malicious apps are detected from the perspective of network traffic. We design and implement a control and management system of Android traffic collection, which contains the functions of downloading APKs, malware static detection,...
Internet technology is so pervasive today, for example, from online social networking to online banking, that it has made people’s lives more comfortable. Due to the growth of Internet technology, security threats to systems and networks are relentlessly inventive. One such serious threat is “phishing”, in which attackers attempt to steal the user’s credentials using fake emails or websites or both. It...
Nowadays, the attacks on the Internet are becoming more complex, advanced and concealed. A large number of security threats arise. The signature-based detection technology is efficient and simple which is widely used for malicious codes detection system. In this paper, we firstly focus on the principle of the method, and summarize the specific steps to implement it, especially feature extraction,...
Performing large-scale malware classification is increasingly becoming a critical step in malware analytics as the number and variety of malware samples is rapidly growing. Statistical machine learning constitutes an appealing method to cope with this increase as it can use mathematical tools to extract information out of large-scale datasets and produce interpretable models. This has motivated a...
Behavior-based analysis of dynamically executed binaries has become a widely used technique for the identification of suspected malware. Most solutions rely on function call patterns to determine whether a sample is exhibiting malicious behavior. These system and API calls are usually regarded individually and do not consider contextual information or process inter-dependencies. In addition, the patterns...
After the comprehensive survey of existing malware analysis products in the market, the survey result has shown that an assistive tool is needed to help researchers to automatically predict an Android malware in a given large number of applications. Due to a large volume of Android applications being developed and distributed every day through third party application stores, it is difficult to detect...
The prominence and usefulness of cell phones has made them appealing focuses for harmful and nosy applications. Android's current risk communication mechanism relies on users to understand the permissions that an app is requesting and to base the installation decision on the list of permissions. The users do not understand or consider the permission information as it requires technical knowledge....
Different mining approaches have been proposed in literature for the automatic generation of temporal assertions from execution traces of digital systems. However, in most cases, existing tools can only mine assertions compliant with a limited set of pre-defined templates. Furthermore, they tend to generate a huge amount of assertions, while they still lack an effective way to measure their coverage...