1,050 research outputs found

    Marionettwork Security

    Malware is one of the most terrible and major security threats facing the Internet today. Surveys have found that around 71% of attacks are carried out using Trojan horses and DoS attacks, so Trojan horses and DoS attacks are the main focus of the system. Trojan horses are the most dangerous malware: they never show their presence on the PC or laptop, they work in the background and provide all the credentials and sensitive information to the attacker, and they also open the door for other malware such as viruses, worms, spyware and adware. The report describes the software currently available on the market, compares the newly developed system with current systems, and describes how the newly developed system is better than current systems. This report gives the best option for real-time network security analysis.

    A Novel Approach to Trojan Horse Detection in Mobile Phones Messaging and Bluetooth Services

    A method to detect Trojan horses in messaging and Bluetooth in mobile phones by means of monitoring the events produced by the infections is presented in this paper. The structure of the detection approach is split into two modules: the first is the Monitoring module, which controls connection requests and sent/received files, and the second is the Graphical User module, which shows messages and, under suspicious situations, reports a possible malware to the user. Prototypes have been implemented on different mobile operating systems to test its feasibility on real cellphone malware. Experimental results are shown to be promising since this approach effectively detects various known malware.
    Ministerio de Ciencia e Innovación TIN2009-14378-C02-0

    Using random projections for dimensionality reduction in identifying rogue applications

    In general, the consumer must depend on others to provide their software solutions. However, this outsourcing of software development has caused it to become more and more abstract as to where the software is actually being developed and by whom, and it poses a potentially large security problem for the consumer as it opens up the possibility for rogue functionality to be injected into an application without the consumer’s knowledge or consent. This begs the question of ‘How do we know that the software we use can be trusted?’ or ‘How can we have assurance that the software we use is doing only the tasks that we ask it to do?’ Traditional methods for thwarting such activities, such as virus detection engines, are far too antiquated for today’s adversary. More sophisticated research needs to be conducted in this area to combat these more technically advanced enemies. To combat the ever increasing problem of rogue applications, this dissertation has successfully applied and extended the information retrieval techniques of n-gram analysis and document similarity and the data mining techniques of dimensionality reduction and attribute extraction. This combination of techniques has generated a more effective Trojan horse, rogue application detection capability tool suite that can detect not only standalone rogue applications but also those that are embedded within other applications. This research provides several major contributions to the field including a unique combination of techniques that have provided a new tool for the administrator’s multi-pronged defense to combat the infestation of rogue applications. Another contribution involves a unique method of slicing the potential rogue applications that has proven to provide a more robust rogue application classifier. Through experimental research this effort has shown that a viable and worthy rogue application detection tool suite can be developed. 
Experimental results have shown that in some cases as much as a 28% increase in overall accuracy can be achieved when comparing the accepted feature selection practice of mutual information with the feature extraction method presented in this effort, called randomized projection.

    Evolution and Detection of Polymorphic and Metamorphic Malwares: A Survey

    Malwares are a big threat to the digital world and are evolving with high complexity. They can penetrate networks, steal confidential information from computers, bring down servers and cripple infrastructures. To combat the threats and attacks from malwares, anti-malwares have been developed. The existing anti-malwares are mostly based on the assumption that the malware structure does not change appreciably. But recent advances in second generation malwares mean they can create variants, which poses a challenge to anti-malware developers. To combat the threats and attacks from second generation malwares with low false alarm rates, we present our survey on malwares and their detection techniques.

    Malware Detection and Analysis

    Malicious software poses a serious threat to the cybersecurity of network infrastructures and is a global pandemic in the form of computer viruses, Trojan horses, and Internet worms. Studies imply that the effects of malware are deteriorating. The main defense against malware is malware detectors. The methods that such a detector employs define its level of quality. Therefore, it is crucial that we research malware detection methods and comprehend their advantages and disadvantages. Attackers are creating malware that is polymorphic and metamorphic and has the capacity to modify its source code as it spreads. Furthermore, existing defenses, which often utilize signature-based approaches and are unable to identify previously undiscovered harmful executables, are significantly undermined by the diversity and volume of their variations. Malware families' variations exhibit common behavioral characteristics that reveal their origin and function. Machine learning techniques may be used to detect and categorize novel viruses into their recognized families utilizing the behavioral patterns discovered via static or dynamic analysis. In this paper, we'll talk about malware, its various forms, malware concealment strategies, and malware attack mechanisms. Additionally, many detection methods and classification models are presented in this study. The method of malware analysis is demonstrated by conducting an analysis of a malware program in a contained environment.

    Malware Detection Using N-GRAM Based File Signature Based Method

    We know that malware can affect computer data and disrupt computers. There is large growth in viruses of different kinds, like Trojan horses, worms, benign etc. However, developers need to pay attention to that activity and need to develop strong anti-analysis techniques for it. Malware detection is a critical technique in computer security. The signature-based method for malware detection is the one mostly used in commercial antivirus software, but this method detects malware only when the virus has caused damage or is already registered; otherwise it fails to detect malware. Applying a methodology proven successful in similar problem domains, we propose the use of n-grams as file signatures in order to detect unknown malware whilst keeping a low false positive ratio. We show that n-gram signatures provide an effective way to detect unknown malware.

    Review on Malware and Malware Detection Using Data Mining Techniques

    Malicious software is any type of software or code whose goal is to steal private information or data from the computer system or computer operations, or simply to carry out the malicious goals of its author on the computer system, without the permission of the computer users. (The short abbreviation of malicious software is malware.) The detection of malware has become one of the biggest issues in the computer security field because current communication infrastructures are vulnerable to penetration by many types of malware infection strategies and attacks. Moreover, malware is varied and diverse in volume and type, which completely undermines the effectiveness of traditional defense methods like the signature approach, which is unable to detect new malware. This vulnerability in turn leads to successful computer system penetration (and attack) as well as the success of more advanced attacks like distributed denial of service (DDoS) attacks. Data mining methods can be used to overcome the limitations of signature-based techniques and detect zero-day malware. This paper provides an overview of malware and of malware detection systems that use modern techniques such as data mining to detect known and unknown malware samples.

    Intrusion Detection in Mobile Phone Systems Using Data Mining Techniques

    New security threats emerge against mobile devices as the devices' computing power and storage capabilities evolve. Preventive mechanisms like authentication and encryption alone are not sufficient to provide adequate security for a system. There is a definite need for intrusion detection systems that will improve security and use fewer resources on the mobile phone. In this work we propose an intrusion detection method that efficiently detects intrusions in mobile phones using data mining techniques. We used a network-based approach that removes the processing overhead from the mobile phones. A neural network classifier is built and trained for each user based on his call logs. An application that runs on the user's smartphone collects certain information about the user and sends it to the remote server. These logs are then fed to the already trained classifier, which analyzes the logs and sends feedback to the smartphone whenever abnormalities are found. We also compared different neural classifiers to identify the classifier with better performance. Our results clearly showed the effectiveness of our method in detecting intrusions, and it outperformed existing intrusion detection methods with a 95% detection rate.