4 research outputs found
An anti-malvertising model for university students to increase security awareness
Accessing the website through the Internet has introduced a new way of
advertising information to the users. The term “malvertising” comes from the word
malware and advertising. It is one type of attack that performs malware or scareware
injection into the online advertisements. The purpose of this study is to investigate
security awareness on malvertising attack among university students, propose an
anti-malvertising model to improve security awareness, and to evaluate the security
awareness of the proposed model. The data collection of the research starts with
preliminary study in understanding the malvertising issue. Then, survey
questionnaire is distributed to university students from two different local
universities (UTM, Kuala Lumpur and UMP, Pahang) from two different
backgrounds (IT related and non-IT related courses) to investigate current security
awareness on malvertising attack. The study proposes theoretical model on antimalvertising
and the security awareness will be analyzed through the survey. The
proposed model consists of protection, behavior and monitoring components,
identified as independent variables and the security awareness on the antimalvertising
will is identified as the dependent variable. The study had found that
more than half of the students are aware with the malvertising attack by practicing
protection measures, security behavior, and security monitoring that give positive
impact to the students’ security awareness. This proposed theoretical model may be
beneficial for the students as a basis of reference for anti-malvertising exercise, while
promoting the security awareness among university students. Besides, the theoretical
model can be used as a reference for the researchers in this field as well as other
security practitioners in practicing the suitable components that constitute security
awareness for malvertising
Obfuscated computer virus detection using machine learning algorithm
Nowadays, computer virus attacks are getting very advanced. New obfuscated computer virus created by computer virus writers will generate a new shape of computer virus automatically for every single iteration and download. This constantly evolving computer virus has caused significant threat to information security of computer users, organizations and even government. However, signature based detection technique which is used by the conventional anti-computer virus software in the market fails to identify it as signatures are unavailable. This research proposed an alternative approach to the traditional signature based detection method and investigated the use of machine learning technique for obfuscated computer virus detection. In this work, text strings are used and have been extracted from virus program codes as the features to generate a suitable classifier model that can correctly classify obfuscated virus files. Text string feature is used as it is informative and potentially only use small amount of memory space. Results show that unknown files can be correctly classified with 99.5% accuracy using SMO classifier model. Thus, it is believed that current computer virus defense can be strengthening through machine learning approach
Extended Abstract : Detecting Scareware by Mining Variable Length Instruction Sequences
This paper presents a scareware detection method that is based on performing data mining on extracted variable length opcode sequences derived from instruction sequences of binary files. Our experimental results show that many common supervised learning algorithms generate accurate models from subsets of our data set