The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Honeynet is a network architecture that utilizes multiple honeypots to deceive attackers and analyze their malicious behaviors. However, existing honeynet has not evolved much since its latest architecture, Gen-III, which was proposed in 2004. Meanwhile, security threats and techniques used by adversaries have been continuously advanced. As a result, honeypot architecture is suffering from its limited...
As accurate malware detection on mobile devices requires fast process of a large number of application traces, cloud-based malware detection can utilize the data sharing and powerful computational resources of security servers to improve the detection performance. In this paper, we investigate the cloud-based malware detection game, in which mobile devices offload their application traces to security...
The digitalization of modern television broadcasts makes it possible to provide interactive content to consumers over the air. But the hitherto unsecured nature of such broadcasts combined with the ever-increasing complexity of Smart TV software have created an opportunity for attackers to strike at consumers. DVB has updated the relevant standard to allow broadcasters to secure their services against...
Lateral movement-based attacks are increasingly leading to compromises in large private and government networks, often resulting in information exfiltration or service disruption. Such attacks are often slow and stealthy and usually evade existing security products. To enable effective detection of such attacks, we present a new approach based on graph-based modeling of the security state of the target...
Malware detection is an important aspect of cyber security. The process of identifying malicious code in files or network traffic is very complex and requires a lot of computational resources. Most security solutions that deal with malware detection implement advanced string matching algorithms or look for certain behavioral patterns during program execution. These methods of detection can cause significant...
Long short-term memory recurrent neural network (LSTM-RNN) have witnessed as a powerful approach for capturing long-range temporal dependencies in sequences of arbitrary length. This paper seeks to model a large set of Android permissions particularly the permissions from Normal, Dangerous, Signature and Signature Or System categories within a large number of Android application package (APK) files...
With the growth of the known malware to more than 600 millions according to AVTest this year, every security solution developed different methods for detecting malicious content. Whether this method consists in signature based detection, emulation, heuristics or different techniques of machine learning, one thing remains a constant in this procedure: a need for a cleanset — a large collection of clean...
Modern life is permeated by software which provides a large attack surface, ranging from generic malware attacks that can be classed as mere nuisance to sophistically created and targeted code touted as a next generation of weapons. Although some research on this broad area of cyber weapons exists, the solicitation of public opinion through surveys is lacking. This paper presents the results of a...
There are over a billion devices running the Android operating system. It is being used globally in personal, public, private and government organizations. Device and application availability, often overlooked in research, is a huge component to globally maintaining healthy applications and personal communications. Published research into Android application availability threats and vulnerabilities...
Increasingly sophisticated code obfuscation techniques are quickly adopted by malware developers to escape from malware detection and to thwart the reverse engineering effort of security analysts. State-of-the-art de-obfuscation approaches rely on dynamic analysis, but face the challenge of low code coverage as not all software execution paths and behavior will be exposed at specific profiling runs...
Side-channel attacks revealing the sensitive user data through the motion sensors (such as accelerometer, gyroscope, and orientation sensors) emerged as a new trend in the smartphone security. In this respect, recent studies have examined feasibility of inferring user's tap input by utilizing the motion sensor readings and propounded that some user secrets can be deduced by adopting the different...
The paper present a gateway level email security solution comprising of content filtering, URL verification and filtering to address the pressing issues from an organization perspective, the challenge of controlling email borne security threats. The encryption of mails was not viable since the receiver's system should support the decryption of the mails, which most of the most of the email recipients...
Both benign and malicious developers are attracted to Android platform because anyone is allowed to publish applications on the Android market. Such capability leak vulnerability on the Android platform may lead to permission elevation and privacy disclosure by making malware bypass Android security mechanism. This paper presents a code scanner tool—Droidprotector which is applied to help developers...
In this paper, we predicted the changes of cyber-attacks techniques and patterns after the fourth industrial revolution with the epochal shift of information and communication technology and innovation of science and technology. Cyber space will be hyper-connection, cross-domain, and super intelligence space as connecting everything in the world due to a fusion of information and communication technologies...
Detection of drive-by-download attack has gained a focus in security research since the attack has turned into the most popular and serious threat to web infrastructure. The attack exploits vulnerabilities in web browsers and their extensions for unnoticeably downloading malicious software. Often, the victim is sent through a long chain of redirection operations in order to take down the offending...
Wireless Personal Area Networks (WPAN) allow for the implementation of applications such as home automation, remote control services, near-field technologies and personal health care management. Security is a critical requirement of the standards and protocols for these environments. One suite of layered protocols within WPAN is ZigBee. ZigBee is a low bit rate protocol utilised in Wireless Sensor...
There is no doubt that security issues are on the rise and defense mechanisms are becoming one of the leading subjects for academic and industry experts. In this paper, we focus on the security domain and envision a new way of looking at the security life cycle. We utilize our vision to propose an asset-based approach to countermeasure zero day attacks. To evaluate our proposal, we built a prototype...
The growing popularity of Android applications makes them vulnerable to security threats. There exist several studies that focus on the analysis of the behaviour of Android applications to detect the repackaged and malicious ones. These techniques use a variety of features to model the application's behaviour, among which the calls to Android API, made by the application components, are shown to be...
Unknown malware has increased dramatically, but the existing security software cannot identify them effectively. In this paper, we propose a new malware detection and classification method based on n-grams attribute similarity. We extract all n-grams of byte codes from training samples and select the most relevant as attributes. After calculating the average value of attributes in malware and benign...
In recent years, smart phone becomes more and more popular. At the same time, the security threat of smart phone is growing. According to “Motive Security Labs Malware Report-H1 2015” [1] report, the number of Android malware is growing year by year. Many researchers focus on the security of Android applications based on permission. Felt et al. [2] designed the stowaway tool to detect the application's...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.