A Cloud Based Android System for Reporting Crimes Against Child Sexual Abuse

A cloud based android system for reporting crimes against child sexual abuse is a real time cloud-based system to be used by people to report crimes concerning sexual abuse of children to relevant organizations. Usually, when crimes of this kind happen, the victims or witnesses go to the police, or call related organizations to report crimes. The crimes are then processed through a paper-based system where the cases are recorded and them handled accordingly. This approach is usually slow and in sometimes reads to dissatisfactions to the victims and relatives. With the wide spread of android phones, android system to report the crimes would make the crime management easier and faster as the crimes will be reported in real time using an android phone. Management of the cases will also be fast as the crimes will be directly reported to a cloud database which will make crime tracing and management faster. A global positioning system which is already implemented in all android phones will be used to track the location of the person reporting the crime. Firebase real time database will be used to store the data reported. All the users of the system will be authenticated to make sure they are not eligible to use the application and for privacy of user information. Thus, a cloud based android system will be beneficial to both the public and the acting organizations and there by improve measures to reduce sex crimes against children

Adaptation of the human nervous system for self-aware secure mobile and IoT systems

IT systems have been deployed across several domains, such as hospitals and industries, for the management of information and operations. These systems will soon be ubiquitous in every field due to the transition towards the Internet of Things (IoT). The IoT brings devices with sensory functions into IT systems through the process of internetworking. The sensory functions of IoT enable them to generate and process information automatically, either without human contribution or having the least human interaction possible aside from the information and operations management tasks. Security is crucial as it prevents system exploitation. Security has been employed after system implementation, and has rarely been considered as a part of the system. In this dissertation, a novel solution based on a biological approach is presented to embed security as an inalienable part of the system. The proposed solution, in the form of a prototype of the system, is based on the functions of the human nervous system (HNS) in protecting its host from the impacts caused by external or internal changes. The contributions of this work are the derivation of a new system architecture from HNS functionalities and experiments that prove the implementation feasibility and efficiency of the proposed HNS-based architecture through prototype development and evaluation. The first contribution of this work is the adaptation of human nervous system functions to propose a new architecture for IT systems security. The major organs and functions of the HNS are investigated and critical areas are identified for the adaptation process. Several individual system components with similar functions to the HNS are created and grouped to form individual subsystems. The relationship between these components is established in a similar way as in the HNS, resulting in a new system architecture that includes security as a core component. The adapted HNS-based system architecture is employed in two the experiments prove its implementation capability, enhancement of security, and overall system operations. The second contribution is the implementation of the proposed HNS-based security solution in the IoT test-bed. A temperature-monitoring application with an intrusion detection system (IDS) based on the proposed HNS architecture is implemented as part of the test-bed experiment. Contiki OS is used for implementation, and the 6LoWPAN stack is modified during the development process. The application, together with the IDS, has a brain subsystem (BrSS), a spinal cord subsystem (SCSS), and other functions similar to the HNS whose names are changed. The HNS functions are shared between an edge router and resource-constrained devices (RCDs) during implementation. The experiment is evaluated in both test-bed and simulation environments. Zolertia Z1 nodes are used to form a 6LoWPAN network, and an edge router is created by combining Pandaboard and Z1 node for a test-bed setup. Two networks with different numbers of sensor nodes are used as simulation environments in the Cooja simulator. The third contribution of this dissertation is the implementation of the proposed HNS-based architecture in the mobile platform. In this phase, the Android operating system (OS) is selected for experimentation, and the proposed HNS-based architecture is specifically tailored for Android. A context-based dynamically reconfigurable access control system (CoDRA) is developed based on the principles of the refined HNS architecture. CoDRA is implemented through customization of Android OS and evaluated under real-time usage conditions in test-bed environments. During the evaluation, the implemented prototype mimicked the nature of the HNS in securing the application under threat with negligible resource requirements and solved the problems in existing approaches by embedding security within the system. Furthermore, the results of the experiments highlighted the retention of HNS functions after refinement for different IT application areas, especially the IoT, due to its resource-constrained nature, and the implementable capability of our proposed HNS architecture.--- IT-järjestelmiä hyödynnetään tiedon ja toimintojen hallinnassa useilla aloilla, kuten sairaaloissa ja teollisuudessa. Siirtyminen kohti esineiden Internetiä (Internet of Things, IoT) tuo tällaiset laitteet yhä kiinteämmäksi osaksi jokapäiväistä elämää. IT-järjestelmiin liitettyjen IoT-laitteiden sensoritoiminnot mahdollistavat tiedon automaattisen havainnoinnin ja käsittelyn osana suurempaa järjestelmää jopa täysin ilman ihmisen myötävaikutusta, poislukien mahdolliset ylläpito- ja hallintatoimenpiteet. Turvallisuus on ratkaisevan tärkeää IT-järjestelmien luvattoman käytön estämiseksi. Valitettavan usein järjestelmäsuunnittelussa turvallisuus ei ole osana ydinsuunnitteluprosessia, vaan otetaan huomioon vasta käyttöönoton jälkeen. Tässä väitöskirjassa esitellään uudenlainen biologiseen lähestymistapaan perustuva ratkaisu, jolla turvallisuus voidaan sisällyttää erottamattomaksi osaksi järjestelmää. Ehdotettu prototyyppiratkaisu perustuu ihmisen hermoston toimintaan tilanteessa, jossa se suojelee isäntäänsä ulkoisten tai sisäisten muutosten vaikutuksilta. Tämän työn keskeiset tulokset ovat uuden järjestelmäarkkitehtuurin johtaminen ihmisen hermoston toimintaperiaatteesta sekä tällaisen järjestelmän toteutettavuuden ja tehokkuuden arviointi kokeellisen prototyypin kehittämisen ja toiminnan arvioinnin avulla. Tämän väitöskirjan ensimmäinen kontribuutio on ihmisen hermoston toimintoihin perustuva IT-järjestelmäarkkitehtuuri. Tutkimuksessa arvioidaan ihmisen hermoston toimintaa ja tunnistetaan keskeiset toiminnot ja toiminnallisuudet, jotka mall-innetaan osaksi kehitettävää järjestelmää luomalla näitä vastaavat järjestelmäkomponentit. Nä-istä kootaan toiminnallisuudeltaan hermostoa vastaavat osajärjestelmät, joiden keskinäinen toiminta mallintaa ihmisen hermoston toimintaa. Näin luodaan arkkitehtuuri, jonka keskeisenä komponenttina on turvallisuus. Tämän pohjalta toteutetaan kaksi prototyyppijärjestelmää, joiden avulla arvioidaan arkkitehtuurin toteutuskelpoisuutta, turvallisuutta sekä toimintakykyä. Toinen kontribuutio on esitetyn hermostopohjaisen turvallisuusratkaisun toteuttaminen IoT-testialustalla. Kehitettyyn arkkitehtuuriin perustuva ja tunkeutumisen estojärjestelmän (intrusion detection system, IDS) sisältävä lämpötilan seurantasovellus toteutetaan käyttäen Contiki OS -käytöjärjestelmää. 6LoWPAN protokollapinoa muokataan tarpeen mukaan kehitysprosessin aikana. IDS:n lisäksi sovellukseen kuuluu aivo-osajärjestelmä (Brain subsystem, BrSS), selkäydinosajärjestelmä (Spinal cord subsystem, SCSS), sekä muita hermoston kaltaisia toimintoja. Nämä toiminnot jaetaan reunareitittimen ja resurssirajoitteisten laitteiden kesken. Tuloksia arvioidaan sekä simulaatioiden että testialustan tulosten perusteella. Testialustaa varten 6LoWPAN verkon toteutukseen valittiin Zolertia Z1 ja reunareititin on toteutettu Pandaboardin ja Z1:n yhdistelmällä. Cooja-simulaattorissa käytettiin mallinnukseen ymp-äristönä kahta erillistä ja erikokoisuta sensoriverkkoa. Kolmas tämän väitöskirjan kontribuutio on kehitetyn hermostopohjaisen arkkitehtuurin toteuttaminen mobiilialustassa. Toteutuksen alustaksi valitaan Android-käyttöjärjestelmä, ja kehitetty arkkitehtuuri räätälöidään Androidille. Tuloksena on kontekstipohjainen dynaamisesti uudelleen konfiguroitava pääsynvalvontajärjestelmä (context-based dynamically reconfigurable access control system, CoDRA). CoDRA toteutetaan mukauttamalla Androidin käyttöjärjestelmää ja toteutuksen toimivuutta arvioidaan reaaliaikaisissa käyttöolosuhteissa testialustaympäristöissä. Toteutusta arvioitaessa havaittiin, että kehitetty prototyyppi jäljitteli ihmishermoston toimintaa kohdesovelluksen suojaamisessa, suoriutui tehtävästään vähäisillä resurssivaatimuksilla ja onnistui sisällyttämään turvallisuuden järjestelmän ydintoimintoihin. Tulokset osoittivat, että tämän tyyppinen järjestelmä on toteutettavissa sekä sen, että järjestelmän hermostonkaltainen toiminnallisuus säilyy siirryttäessä sovellusalueelta toiselle, erityisesti resursseiltaan rajoittuneissa IoT-järjestelmissä

PIDE: physical intrusion detection for personal mobile devices

Tese de mestrado, Engenharia Informática (Arquitectura, Sistemas e Redes de Computadores), Universidade de Lisboa, Faculdade de Ciências, 2015Os dispositivos móveis pessoais, como smartphones e tablets, permitem guardar e aceder a dados pessoais a qualquer hora e em qualquer lugar. Estes dispositivos contêm cada vez mais informação sensível sobre os seus proprietários, incluindo códigos de acesso, mensagens de texto, registo de chamadas, contactos, fotos, vídeos e informações sobre a localização geográfica. Os utilizadores parecem conscientes do risco que estes dispositivos trazem à sua privacidade. As investigações dos problemas de segurança em dispositivos móveis são, em grande parte, sobre ameaças de software malicioso. No entanto, uma vez que os dispositivos móveis são frequentemente utilizados na presença de outros, a ameaça colocada por pessoas próximas, fisicamente ou socialmente, tem vindo a levantar vários problemas de privacidade. Um estudo aferiu que os dispositivos móveis de 14% dos utilizadores inquiridos já foi utilizado por outra pessoa sem a sua permissão. O mesmo estudo indicou que 9% dos utilizadores confessou ter utilizado o smartphone de outra pessoa com a finalidade de adquirir informações pessoais. Atualmente, o mecanismo de segurança mais comum contra intrusão física é a autenticação no ato de desbloqueio do dispositivo, seja por palavra-passe, PIN, padrão ou mesmo biométrica. Estes mecanismos de segurança são úteis quando um dispositivo é perdido ou roubado, mas ineficazes quando se trata de prevenir os amigos e a família de explorarem conteúdos num dispositivo. Os mecanismos de autenticação são vulneráveis a ataques de observação, que podem ser facilmente realizados por pessoas que pertencem ao mesmo círculo social. Por exemplo, um individuo próximo consegue facilmente descobrir um código de acesso, observando-o quando é introduzido, ou observando as marcas deixadas no ecrã tátil. Por outro lado, alguns utilizadores consideram que a autenticação é por vezes fastidiosa, já que as interações com estes dispositivos são curtas e frequentes. Por esse motivo, muitos utilizadores nunca chegam a configurar o mecanismo, ou apenas o utilizam temporariamente. Muitas vezes, por conveniência, necessidade ou até mesmo práticas sociais, os utilizadores de dispositivos móveis são encorajados a partilhá-los com outros. Normalmente, estes dispositivos são partilhados para tarefas muitos especificas, tais como fazer chamadas telefónicas, enviar mensagens de texto, navegar na internet e até mesmo jogar. Nestas situações, os utilizadores vêm-se muitas das vezes forçados a partilhar os seus códigos de desbloqueio. Por vezes, a recusa em fazê-lo conduz a situações sociais embaraçosas, A principal característica deste sistema é que executa as tarefas de deteção de intrusões e gravação de interações, de forma inconspícua, o que significa que o utilizador não se apercebe da sua execução. Assim, esta aplicação torna-se num mecanismo de segurança que não requer nenhuma interação explícita. Para concretizar o mecanismo de reconhecimento facial, utilizou-se a biblioteca Open- CV, que oferece algoritmos otimizados de deteção e reconhecimento facial, e a biblioteca JavaCV, que é uma interface em Java para OpenCV. Para registar as ações do utilizador, foram desenvolvidos dois mecanismos de gravação distintos: screencast e event-based recording. O mecanismo screencast captura screenshots; o proprietário visualiza posteriormente as ações dos utilizadores intrusos numa sequência de imagens. O mecanismo event-based recording é baseado em eventos de acessibilidade, que são mensagens lançadas pelo sistema operativo enquanto o utilizador interage com o dispositivo. Através destes eventos é possível adquirir dados suficientes para conhecer as interações que o utilizador executou no dispositivo e produzir uma lista de aplicações utilizadas e ações executadas em cada uma das aplicações. Para validar este sistema de deteção de intrusões, foram realizados dois estudos com utilizadores. Um estudo de laboratório que tinha como objetivo, não só examinar preocupações emergentes dos utilizadores em relação à privacidade e ao uso dos seus dispositivos por terceiros, mas também identificar mecanismos de defesa e, finalmente, demonstrar a aplicação desenvolvida e compreender de que forma os participantes planeariam utilizar esta ferramenta e se a consideram útil e adequada às suas necessidades. Posteriormente foi elaborado um estudo de campo, que permitiu aos participantes utilizarem a aplicação durante um período alargado de tempo, com o objetivo de compreender como é que os utilizadores adotaram a aplicação. Os resultados indicam que a abordagem dos Sistemas de Deteção de Intrusões se adequa à proteção de conteúdos em situações de partilha do dispositivo e em situações em que a autenticação é insuficiente. Por um lado, funciona como um mecanismo dissuasor, por outro funciona como uma ferramenta que informa o proprietário de quem utilizou o dispositivo e com que propósito. Esta abordagem também é adequada às necessidades dos utilizadores em termos de segurança usável, nomeadamente através da oferta de uma medida de segurança que não exige que os utilizadores despendam esforço em cada interação com o dispositivo.Authentication mechanisms are useful when a device is lost or stolen, but ineffective when it comes to preventing friends and family from snooping through contents. Most unlock authentication methods are vulnerable to observation attacks than can easily be performed by those in a close social circle. Moreover, unlock authentication does not address the common use case of device sharing. Intrusion Detection and Response Systems (IDRS) are based on the assumption that a system will eventually be attacked, and are widely used in network systems as an additional security measure that works around authentication flaws. The main contribution of this work was the design and development of an inconspicuous IDRS for Android smartphones, called Auric. A parallel contribution was the evaluation of the adequacy of that approach, intended to dissuade socially-close adversaries from snooping through device contents. This system runs on the background and attempts to determine, through face recognition, if the device is being operated by the owner. If it is not, it starts recording user actions, which can later be reviewed by the owner. We conducted a laboratory study to examine users concerns over other people looking through their data, and to present the system to participants. We also conducted a field study, where participants used the system for an extended period of time, in order to understand how they adopted it. Results indicate that the IDRS approach addresses previously unmet needs, namely by offering a security measure that does not require users to expend effort in every interaction with the device

IoT Malware Network Traffic Classification using Visual Representation and Deep Learning

With the increase of IoT devices and technologies coming into service, Malware has risen as a challenging threat with increased infection rates and levels of sophistication. Without strong security mechanisms, a huge amount of sensitive data is exposed to vulnerabilities, and therefore, easily abused by cybercriminals to perform several illegal activities. Thus, advanced network security mechanisms that are able of performing a real-time traffic analysis and mitigation of malicious traffic are required. To address this challenge, we are proposing a novel IoT malware traffic analysis approach using deep learning and visual representation for faster detection and classification of new malware (zero-day malware). The detection of malicious network traffic in the proposed approach works at the package level, significantly reducing the time of detection with promising results due to the deep learning technologies used. To evaluate our proposed method performance, a dataset is constructed which consists of 1000 pcap files of normal and malware traffic that are collected from different network traffic sources. The experimental results of Residual Neural Network (ResNet50) are very promising, providing a 94.50% accuracy rate for detection of malware traffic.Comment: 10 pages, 5 figures, 2 table

Android Malware Detection System using Genetic Programming

Nowadays, smartphones and other mobile devices are playing a significant role in the way people engage in entertainment, communicate, network, work, and bank and shop online. As the number of mobile phones sold has increased dramatically worldwide, so have the security risks faced by the users, to a degree most do not realise. One of the risks is the threat from mobile malware. In this research, we investigate how supervised learning with evolutionary computation can be used to synthesise a system to detect Android mobile phone attacks. The attacks include malware, ransomware and mobile botnets. The datasets used in this research are publicly downloadable, available for use with appropriate acknowledgement. The primary source is Drebin. We also used ransomware and mobile botnet datasets from other Android mobile phone researchers. The research in this thesis uses Genetic Programming (GP) to evolve programs to distinguish malicious and non-malicious applications in Android mobile datasets. It also demonstrates the use of GP and Multi-Objective Evolutionary Algorithms (MOEAs) together to explore functional (detection rate) and non-functional (execution time and power consumption) trade-offs. Our results show that malicious and non-malicious applications can be distinguished effectively using only the permissions held by applications recorded in the application's Android Package (APK). Such a minimalist source of features can serve as the basis for highly efficient Android malware detection. Non-functional tradeoffs are also highlight

The Future of Cybercrime: AI and Emerging Technologies Are Creating a Cybercrime Tsunami

This paper reviews the impact of AI and emerging technologies on the future of cybercrime and the necessary strategies to combat it effectively. Society faces a pressing challenge as cybercrime proliferates through AI and emerging technologies. At the same time, law enforcement and regulators struggle to keep it up. Our primary challenge is raising awareness as cybercrime operates within a distinct criminal ecosystem. We explore the hijacking of emerging technologies by criminals (CrimeTech) and their use in illicit activities, along with the tools and processes (InfoSec) to protect against future cybercrime. We also explore the role of AI and emerging technologies (DeepTech) in supporting law enforcement, regulation, and legal services (LawTech)