Spyware detection technique based on reinforcement learning

Analysis of the antivirus technologies, showed that they are not able to detect new spyware with high efficiency, which significantly reduces the reliability and efficiency of its identification. Techniques based on heuristic analysis have a high rate of false positives. The paper presents a new technique for the spyware detection method in computer systems that provides a principle of proactivity and is based on mechanisms machine learning with the reinforce-mentlearning. The suggested method of spyware detection is based on software behavior analysis in computer systems. The suggested method involves the computer systems monitoring concerning the software, operates with the behavior

Dataset Construction and Analysis of Screenshot Malware

Among the various types of spyware, screenloggers are distinguished by their ability to capture screenshots. This gives them considerable nuisance capacity, giving rise to theft of sensitive data or, failing that, to serious invasions of the privacy of users. Several examples of attacks relying on this screen capture feature have been documented in recent years. However, there is not sufficient empirical and experimental evidence on this topic. Indeed, to the best of our knowledge, there is no dataset dedicated to screenshot-taking malware until today. The lack of datasets or common testbed platforms makes it difficult to analyse and study their behaviour in order to develop effective countermeasures. The screenshot feature is often a smart feature that does not activate automatically once the malware has infected the machine; the activation mechanisms of this function are often more complex. Consequently, a dataset which is completely dedicated to them would make it possible to better understand the subtleties of triggering screenshots and even to learn to distinguish them from the legitimate applications widely present on devices. The main purpose of this paper is to build such a dataset and analyse the behaviour of screenloggers

Internet bank users´ experiences and ideas about the security of the service

The purpose of this study is to find out weather or not the users of internet bank are aware of the security threats concerning the use of the service. The intention is to find out also if the interviewees have created some methods of their own to raise the security level of their use of internet bank. Still, the purpose of the study is to clarify the interviewees’ opinions about the economically responsible party in case of economic losses. Research material consists of eight internet bank users’ interviews. The statements of the interviewees are considered from factual point of view and analysed by dividing them under certain themes and types. In addition to the interviews of consumers, also two experts were interviewed. This material works more like source of information and it is not analysed like the other interviews. These two interviews were carried out to get information about the security level of Finnish internet banks. Phishing is criminal activity by which the criminals’ objective is to gather confidential information, such as access codes for internet bank, from the victims. This research revealed that the interviewees were quite unaware of the different forms of phishing attacks. However, almost everyone had heard of the phishing e-mails. They were not seen as a threat because the interviewees knew how to identify those e-mails and also that they should never be answered but deleted immediately. Consumers can enhance the security of internet transactions by their own behaviour. The interviewees seemed to be quite careful when using internet bank even though they had not gotten much directions from the bank. The different parts of internet bank access codes were kept separately and the fixed parts were mostly known by heart. Some interviewees used internet bank merely at home or at work place and public computers were broadly avoided for that purpose. The interviewees thought that the economically responsible party in the case of economical losses depends on the situation. Bank could not be held responsible if the access codes were given to outsiders by self. In other cases however the interviewees saw bank as the responsible party. Greater awareness of security threats seems in this research material to increase the responsibility of consumer. Consumers’ responsibility would also increase if banks would increasingly inform consumers about these security threats.Tämän tutkimuksen tarkoituksena on kartoittaa verkkopankin käyttäjien tietoisuutta verkkopankin käyttöön liittyvistä turvallisuusuhista. Lisäksi tarkoituksena on selvittää, onko tutkittaville muodostunut omia keinoja parantaa verkkopankissa asioinnin turvallisuutta. Tarkastelun kohteena on myös tutkittavien näkemys siitä, kenen vastuulla on korvata mahdolliset taloudelliset menetykset onnistuneen huijauksen johdosta. Tutkimusaineisto koostuu kahdeksan tottuneen verkkopankin käyttäjän teemahaastatteluista. Aineistoa tarkastellaan faktanäkökulmasta ja analyysissä on käytetty teemoittelua ja tyypittelyä. Kuluttajahaastattelujen lisäksi tehtiin kaksi asiantuntijahaastattelua. Tätä aineistoa käytetään lähteiden tapaan eikä sitä ole tarkoitus analysoida kuten muita haastatteluja. Phishing on rikollista toimintaa, jonka tavoitteena on saada haltuun uhrin henkilökohtaisia tietoja kuten verkkopankkitunnuksia. Tutkimuksessa selvisi, että haastateltavat olivat melko tietämättömiä erilaisista phishingin muodoista. Lähes kaikki olivat kuitenkin kuulleet kalasteluviesteistä. Niitä ei koettu uhkana itselle koska ne osattiin tunnistaa ja tiedettiin, että viesteihin ei saa vastata vaan ne tulee poistaa. Kuluttaja voi omalla käytöksellään parantaa verkkoasioinnin turvallisuutta. Haastateltavat vaikuttivat olevan melko huolellisia asioidessaan verkkopankissa, vaikka pankista ei oltu juuri annettu ohjeistusta. Verkkopankkitunnusten eri osia säilytettiin erillään ja kiinteät osat muistettiin pääasiassa ulkoa. Verkkopankissa asiointia julkisessa käytössä olevilta koneilta vältettiin yleisesti ja moni rajoitti verkkopankin käytön ainoastaan kotiin ja työpaikalle. Haastateltavat kokivat vastuunjaon taloudellisista menetyksistä riippuvan tilanteesta. Pankkia ei heidän mielestään voi asettaa vastuuseen jos tunnukset on itse annettu vääriin käsiin. Muissa tapauksissa koettiin kuitenkin korvausvastuun olevan pankilla. Kuluttajan suurempi tietoisuus turvallisuusuhista näyttäytyy tässä aineistossa kuluttajan vastuuta kasvattavana tekijänä

A survey of keylogger and screenlogger attacks in the banking sector and countermeasures to them

Keyloggers and screenloggers are one of the active growing threats to user's confidentiality as they can run in user-space, easily be distributed and upload information to remote servers. They use a wide number of different techniques and may be implemented in many ways. Keyloggers and screenloggers are very largely diverted from their primary and legitimate function to be exploited for malicious purposes compro- mising the privacy of users, and bank customers notably. This paper presents a survey of keylogger and screenlogger attacks to increase the understanding and awareness of their threat by covering basic concepts related to bank information systems and explaining their functioning, as it presents and discusses an extensive set of plausible countermeasures