An anti-malvertising model for university students to increase security awareness

Accessing the website through the Internet has introduced a new way of advertising information to the users. The term “malvertising” comes from the word malware and advertising. It is one type of attack that performs malware or scareware injection into the online advertisements. The purpose of this study is to investigate security awareness on malvertising attack among university students, propose an anti-malvertising model to improve security awareness, and to evaluate the security awareness of the proposed model. The data collection of the research starts with preliminary study in understanding the malvertising issue. Then, survey questionnaire is distributed to university students from two different local universities (UTM, Kuala Lumpur and UMP, Pahang) from two different backgrounds (IT related and non-IT related courses) to investigate current security awareness on malvertising attack. The study proposes theoretical model on antimalvertising and the security awareness will be analyzed through the survey. The proposed model consists of protection, behavior and monitoring components, identified as independent variables and the security awareness on the antimalvertising will is identified as the dependent variable. The study had found that more than half of the students are aware with the malvertising attack by practicing protection measures, security behavior, and security monitoring that give positive impact to the students’ security awareness. This proposed theoretical model may be beneficial for the students as a basis of reference for anti-malvertising exercise, while promoting the security awareness among university students. Besides, the theoretical model can be used as a reference for the researchers in this field as well as other security practitioners in practicing the suitable components that constitute security awareness for malvertising

Obfuscated computer virus detection using machine learning algorithm

Nowadays, computer virus attacks are getting very advanced. New obfuscated computer virus created by computer virus writers will generate a new shape of computer virus automatically for every single iteration and download. This constantly evolving computer virus has caused significant threat to information security of computer users, organizations and even government. However, signature based detection technique which is used by the conventional anti-computer virus software in the market fails to identify it as signatures are unavailable. This research proposed an alternative approach to the traditional signature based detection method and investigated the use of machine learning technique for obfuscated computer virus detection. In this work, text strings are used and have been extracted from virus program codes as the features to generate a suitable classifier model that can correctly classify obfuscated virus files. Text string feature is used as it is informative and potentially only use small amount of memory space. Results show that unknown files can be correctly classified with 99.5% accuracy using SMO classifier model. Thus, it is believed that current computer virus defense can be strengthening through machine learning approach

Extended Abstract : Detecting Scareware by Mining Variable Length Instruction Sequences

This paper presents a scareware detection method that is based on performing data mining on extracted variable length opcode sequences derived from instruction sequences of binary files. Our experimental results show that many common supervised learning algorithms generate accurate models from subsets of our data set