171 research outputs found
Propagation, Detection and Containment of Mobile Malware.
Today's enterprise systems and networks are frequent targets of
malicious attacks, such as worms, viruses, spyware and intrusions
that can disrupt, or even disable critical services. Recent trends
suggest that by combining spyware as a malicious payload with worms
as a delivery mechanism, malicious programs can potentially be used
for industrial espionage and identity theft. The problem is
compounded further by the increasing convergence of wired, wireless
and cellular networks, since virus writers can now write malware
that can cross over from one network segment to another,
exploiting services and vulnerabilities specific to each network.
This dissertation makes four primary contributions. First, it builds
more accurate malware propagation models for emerging hybrid malware
(i.e., malware that uses multiple propagation vectors such as
Bluetooth, Email, Peer-to-Peer, Instant Messaging, etc.), addressing
key propagation factors such as heterogeneity of nodes, services and
user mobility within the network. Second, it develops a proactive containment framework based on group-behavior of
hosts against such malicious agents in an enterprise setting. The
majority of today's anti-virus solutions are reactive, i.e., these
are activated only after a malicious activity has been detected at a
node in the network. In contrast, proactive containment has the
potential of closing the vulnerable services ahead of infection, and
thereby halting the spread of the malware. Third, we study (1) the
current-generation mobile viruses and worms that target SMS/MMS
messaging and Bluetooth on handsets, and the corresponding exploits,
and (2) their potential impact in a large SMS provider network using
real-life SMS network data. Finally, we propose a new behavioral
approach for detecting emerging malware targeting mobile handsets.
Our approach is based on the concept of generalized behavioral
patterns instead of traditional signature-based detection. The
signature-based methods are not scalable for deployment in mobile
devices due to limited resources available on today's typical
handsets. Further, we demonstrate that the behavioral approach not
only has a compact footprint, but also can detect new classes of
malware that combine some features from existing classes of malware.
Ph.D., Computer Science & Engineering, University of Michigan, Horace H. Rackham School of Graduate Studies
http://deepblue.lib.umich.edu/bitstream/2027.42/60849/1/abose_1.pd
A Review on Preventing Professional Network by Using Human Behavioral Activity Log
A huge number of undesirable activities happen on professional networks and pose a great threat to users. It is difficult for conventional systems to detect such activities. It is therefore essential to address the security implications of how the data published within social networks is handled. Data that is published by users within a limited group, or perhaps shared with a single user, is often of a nature that can cause significant inconvenience or even harm to the users concerned. A human behavior analysis method based on behavior classification is proposed to detect the malicious behavior of unknown users. Human activities will be logged in the database to maintain their profile. Whenever an unknown user tries to log into a legitimate user's account, the user will be notified based on this log. Additionally, the log of the unknown user will be maintained so that the legitimate user can observe the changes and accordingly revert the possible changes that were made by the unknown user.
In-Vivo Bytecode Instrumentation for Improving Privacy on Android Smartphones in Uncertain Environments
In this paper we claim that an efficient and readily applicable means to
improve privacy of Android applications is: 1) to perform runtime monitoring by
instrumenting the application bytecode and 2) in-vivo, i.e. directly on the
smartphone. We present a tool chain to do this and present experimental results
showing that this tool chain can run on smartphones in a reasonable amount of
time and with a realistic effort. Our findings also identify challenges to be
addressed before running powerful runtime monitoring and instrumentations
directly on smartphones. We implemented two use-cases leveraging the tool
chain: BetterPermissions, a fine-grained user centric permission policy system
and AdRemover an advertisement remover. Both prototypes improve the privacy of
Android systems thanks to in-vivo bytecode instrumentation.
Comment: ISBN: 978-2-87971-111-
Masquerade Detection on Mobile Devices
A masquerade is an attack where the attacker avoids detection by impersonating an authorized user of a system. In this research we consider the problem of masquerade detection on mobile devices. Our goal is to improve on previous work by considering more features and a wide variety of machine learning techniques. Our approach consists of verifying the authenticity of users based on individual features and combinations of features for all users to determine which features contribute the most to masquerade detection. Also, we determine which of the two approaches, the combination of features or the use of individual features, has performed better.
- …