NEMESYS: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem

As a consequence of the growing popularity of smart mobile devices, mobile malware is clearly on the rise, with attackers targeting valuable user information and exploiting vulnerabilities of the mobile ecosystems. With the emergence of large-scale mobile botnets, smartphones can also be used to launch attacks on mobile networks. The NEMESYS project will develop novel security technologies for seamless service provisioning in the smart mobile ecosystem, and improve mobile network security through better understanding of the threat landscape. NEMESYS will gather and analyze information about the nature of cyber-attacks targeting mobile users and the mobile network so that appropriate counter-measures can be taken. We will develop a data collection infrastructure that incorporates virtualized mobile honeypots and a honeyclient, to gather, detect and provide early warning of mobile attacks and better understand the modus operandi of cyber-criminals that target mobile devices. By correlating the extracted information with the known patterns of attacks from wireline networks, we will reveal and identify trends in the way that cyber-criminals launch attacks against mobile devices.Comment: Accepted for publication in Proceedings of the 28th International Symposium on Computer and Information Sciences (ISCIS'13); 9 pages; 1 figur

Android Malware Characterization using Metadata and Machine Learning Techniques

Android Malware has emerged as a consequence of the increasing popularity of smartphones and tablets. While most previous work focuses on inherent characteristics of Android apps to detect malware, this study analyses indirect features and meta-data to identify patterns in malware applications. Our experiments show that: (1) the permissions used by an application offer only moderate performance results; (2) other features publicly available at Android Markets are more relevant in detecting malware, such as the application developer and certificate issuer, and (3) compact and efficient classifiers can be constructed for the early detection of malware applications prior to code inspection or sandboxing.Comment: 4 figures, 2 tables and 8 page

R2-D2: ColoR-inspired Convolutional NeuRal Network (CNN)-based AndroiD Malware Detections

The influence of Deep Learning on image identification and natural language processing has attracted enormous attention globally. The convolution neural network that can learn without prior extraction of features fits well in response to the rapid iteration of Android malware. The traditional solution for detecting Android malware requires continuous learning through pre-extracted features to maintain high performance of identifying the malware. In order to reduce the manpower of feature engineering prior to the condition of not to extract pre-selected features, we have developed a coloR-inspired convolutional neuRal networks (CNN)-based AndroiD malware Detection (R2-D2) system. The system can convert the bytecode of classes.dex from Android archive file to rgb color code and store it as a color image with fixed size. The color image is input to the convolutional neural network for automatic feature extraction and training. The data was collected from Jan. 2017 to Aug 2017. During the period of time, we have collected approximately 2 million of benign and malicious Android apps for our experiments with the help from our research partner Leopard Mobile Inc. Our experiment results demonstrate that the proposed system has accurate security analysis on contracts. Furthermore, we keep our research results and experiment materials on http://R2D2.TWMAN.ORG.Comment: Verison 2018/11/15, IEEE BigData 2018, Seattle, WA, USA, Dec 10-13, 2018. (Accepted

Android Malware Detection using Machine Learning Techniques

Android is the world\u27s most popular and widely used operating system for mobile smartphones today. One of the reasons for this popularity is the free third-party applications that are downloaded and installed and provide various types of benefits to the user. Unfortunately, this flexibility of installing any application created by third parties has also led to an endless stream of constantly evolving malware applications that are intended to cause harm to the user in many ways. In this project, different approaches for tackling the problem of Android malware detection are presented and demonstrated. The data analytics of a real-time detection system is developed. The detection system can be used to scan through installed applications to identify potentially harmful ones so that they can be uninstalled. This is achieved through machine learning models. The effectiveness of the models using two different types of features, namely permissions and signatures, is explored. Exploratory data analysis and feature engineering are first implemented on each dataset to reduce a large number of features available. Then, different data mining supervised classification models are used to classify whether a given app is malware or benign. The performance metrics of different models are then compared to identify the technique that offers the best results for this purpose of malware detection. It is observed in the end that the signatures-based approach is more effective than the permissions-based approach. The kNN classifier and Random Forest classifier are both equally effective in terms of the classification models

Effective Secure Data Agreement Approach-based cloud storage for a healthcare organization

In recent days, there has been a significant development in the field of computers as they need to handle the vast resource using cloud computing and performing various cloud services. The cloud helps to manage the resource dynamically based on the user demand and is transmitted to multiple users in healthcare organizations. Mainly the cloud helps to reduce the performance cost and enhance data scalability & flexibility. The main challenges faced by the existing technologies integrated with the cloud need to be solved in managing the data and the problem of data heterogeneity. As the above challenges, mitigation makes the services more data stable should the healthcare organization identify the malware. Developed countries are utilizing the services through the cloud as it needs more security. In this work, a secure data agreement approach is proposed as it is associated with feature extraction with cloud computing for healthcare to examine and enhance the user parties to make effective decisions. The proposed method classifies into two components. The first component deals with the modified data formulation algorithm, used to identify the relationship among variables, i.e., data correlation, and validate the data using trained data. It helps to achieve data reduction and data scale development. In the second component, Feature selection is used to validate the model using subset selection to determine the model fitness based on the data. It is necessary to have more samples of different Android applications to examine the framework using factors like data correctness and the F-measure. As feature selection is a concern, this study focuses on Chi-square, gain ratio, information gain, logistic regression analysis, OneR, and PCA