The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Mobile devices begin to spread increasingly recently to offer a lot of services which personal computers offer. This condition has led to increase in the number of security threats in mobile devices and services. In this paper, it has been made a research on mobile malware and malware detection techniques. Within the scope of the study, a a permission based detection system based on the machine learning...
Internet of Things (IoT) connect different types of devices to control different things or simply read data from then, such as room temperature, location, pressure and others, in a variety of application domains using the World Wide Web. This is a challenge for technology and Information Security (IS). Therefore, this paper surveys advances in IoT-based with an eye towards security, where discusses...
We present the Z3strBV solver for a many-sorted first-order quantifier-free theory Tw, bv of string equations, string length represented as bit-vectors, and bit-vector arithmetic aimed at formal verification, automated testing, and security analysis of C/C++ applications. Our key motivation for building such a solver is the observation that existing string solvers are not efficient at modeling the...
Integrated circuit (IC) camouflaging is a layout-level technique that hampers reverse-engineering attacks. In one embodiment of camouflaging, layouts of different Boolean gates are designed to look alike by using a combination of true and dummy contacts. The security of IC camouflaging using dummy contacts depends on an attackers inability to determine whether a contact is true or dummy. The layouts...
Hardware-Assisted Flow Integrity extension (HAFIX) was proposed as a defense against code-reuse attacks that exploit backward edges (returns). HAFIX provides finegrained protection by confining return addresses to only target call sites in functions active on the call stack. We study whether the backward-edge policy in HAFIX is sufficient to prevent code-reuse exploits on real-world programs. In this...
There has been a recent rapid increase in the number of Internet of Things (IoT) devices, providing a wide range of services for smart homes such as surveillance cameras, smart lighting, and door locks that can be remotely accessed and controlled. User mobility makes static security mechanisms, such as usernames and passwords, tedious to use. In this paper, we introduce a context-aware authentication...
Detection and removal of malware infections have always been significant concerns for every computer user. Countless people are victims of malicious programs per day all around the world despite substantial improvements in malware defense. Developing techniques to characterize the harm caused by these programs enables new defenses to counteract these behaviors. One way to create these metrics is to...
The Internet of Things (IoT) includes billions of things, i.e., connected objects and devices that are heterogeneous, distributed, and possibly intelligent and run applications and services from the Internet of Services (IoS). Things span, for instance, RFID tags, sensors, computers, plants, lamps, autonomous robots, and self-driving vehicles. Often, things are connected through heterogeneous platforms...
This paper investigates the use of deception in combating the deceiving attack in IEEE 802.22 cognitive radio networks. The deceiving attack is a coordinated combination of diverse jamming attacks sourced by the same malicious platform. In this paper, a deception-based defense scheme is proposed to counteract the deceiving attack. The non-existence of the pure strategy Nash equilibrium was proven...
Zeus is a well-known and effective family of ‘man-in-the-browser’ malware. This qualitative case study analyses posts in online cybercrime forums that discuss Zeus configuration. Online cybercriminals were found to share, sell, steal, and trade configuration files. The discussions and advertisements on the forums, which span four years, were found to evolve with market conditions and externalities,...
In today's cloud computing platforms, more and more users are now working or collaborating in multi-cloud environment, in which collaborators, clouds, computing nodes may belong to different institutions or organizations. Those different organizations might have their own policies. Security is still a big concern in cloud computing. To help cloud vendors and customers to detect and prevent from being...
There is a growing number of viruses, malware, and other threats designed to gain access to system resources and information stored on smartphones. Previous work has shown that combining naive location identification with power-based malicious code detection can successfully detect certain kinds of power-hungry malware. This paper will discuss the effectiveness of using clustering, a more sophisticated...
The growing crime rate of any country is always one of the biggest obstacles to its growth and development. With more manpower it certainly helps to keep the crime rate at bay, but is manpower the ideal solution? No. This may come as a surprise that despite Big Data being the boom of the century is yet to take firm roots when it comes to helping solve a Criminal Investigation. With the aim of changing...
The Internet is one of the most rapidly developing technologies. New protocols for the Internet are always developing. This article focuses on the way to simplify development process of new protocols and modeling of network devices. In this paper there is presented general solution architecture and main functional blocks are described. The main objective of this work was to create a general-purpose...
This article observes the possibility of protection network resources from malicious attacks using traps that simulate SSH service. There are overviewed main types of attacks, analyzed existing software solutions, its basic working principles and opportunities for further improvement. In addition, there is described author's solution, which can increase the attractiveness of SSH honeypot working under...
This paper starts with describing some methods of teaching the history of malware and the response to adult learners visiting an online malware museum. We also discuss some of the methodologies and tools that a student can use to see live malware processes on his/her laptop while enrolled in a malware class. The paper also discusses how to learn more about the activity of the malware, methods to remove...
In our previous work, well balanced pseudo random signed binary sequence generated by using trace function and Legendre symbol has been researched. Our previous sequence generated by applying primitive polynomial over odd characteristic field Fp, trace function and Legendre symbol. The important features such as period, periodic autocorrelation, and cross-correlation have already been well discussed...
Android enabled mobiles/devices are high in use by huge number of users for various purposes. Other than for just calling, most of the users are using these devices for storing and maintaining important data such as personal information, calendar schedules, photos, videos, office documents and much more. These devices are also used for chatting through various instant chat messaging and social networking...
In this paper we explore the notion of a secure kiosk, a trusted computing platform built using off-the-shelf components. We demonstrate how kiosks serve as convenient primitives when designing secure computing protocols, as they allow for a very prescribed set of assumptions to be made about a system. We begin by defining the necessary properties of a kiosk, and then explain how each of these properties...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.