Leveraging the Use of API Call Traces for Mobile Security

The growing popularity of Android applications has generated increased concerns over the danger of piracy and the spread of malware. A popular way to distribute malware in the mobile world is through the repackaging of legitimate apps. This process consists of downloading, unpacking, manipulating, recompiling an application, and publishing it again in an app store. In this thesis, we conduct an empirical study of over 15,000 apps to gain insights into the factors that drive the spread of repackaged apps. We also examine the motivations of developers who publish repackaged apps and those of users who download them, as well as the factors that determine which apps are chosen for repackaging, and the ways in which the apps are modified during the repackaging process. We have also studied android applications structure to investigate the locations where malicious code are more probable to be embedded into legitimate applications. We observed that service components contain key characteristics that entice attackers to misuse them. Therefore, we have focus on studying the behavior of malicious and benign services. Whereas benign services tend to inform the user of the background operations, malicious services tend to do long running operations and have a loose connection with rest of the code. These findings lead us to propose an approach to detect malware by studying the services’ behavior. To model the services’ behavior, we used API calls as feature sets. We proposed a hybrid approach using static and dynamic analysis to extract the API calls through the service lifecycle. Finally, we used the list of API calls preponderantly present in both malware as well as benign services as the feature set. We applied machine learning algorithms to use the feature set to classify malicious services and benign services

Landscape Mapping of Civil Society Digital Security in West Africa

In today's digital age, organisations are constantly exposed to various digital security threats. For civil society organisations (CSOs) in West Africa, the threat of cyber-attacks and data breaches is a real and growing concern. This study aims to shed light on the digital security challenges facing CSOs in West Africa, and to provide recommendations on how they can better protect themselves against digital security threats. By examining the most common threats, the exposure of CSOs to these threats, their preparedness to respond, and the effectiveness of national and organisational level policies, the study provides an in-depth analysis of the digital security landscape in West Africa

Developing a usable security approach for user awareness against ransomware

This thesis was submitted for the award of Doctor of Philosophy and was awarded by Brunel University LondonThe main purpose of the research presented in this thesis is to design and develop a game prototype for improving user awareness against ransomware, which has been reported as the most significant cyber security threat to the United Kingdom by the National Cyber Security Centre. Digital transformation is helping individuals, organisations, governments and Industrial control systems to modernise and improve their effectiveness. At the same time, cyber crimes are evolving and targeting essential services. A successful cyber attack can compromise users’ privacy, bring bad publicity and financial damage to organisations and target national security. A literature review was conducted to understand threats to the cyber social system. Literature in this thesis reports attackers exploit humans as the weakest link to execute successful security breaches. Therefore to address this challenge, a significant gap has been identified as an opportunity to contribute to user awareness of the ransomware cyber security threat. The current thesis proposes RansomAware a novel game prototype to improve user awareness. The game is based on Technology Threat Avoidance Theory (TTAT) model. In this thesis two studies are carried out, study 1 empirically validates the elements of TTAT to be embedded in the RansomAware prototype and reports a significant change in users’ motivation to avoid ransomware cyber security threat 55% and avoidance behaviour 29%, whereas study 2 evaluates game usability and report significant results of SUS average score of 87.58 and statistical results of p < 0.01 indicate user’s satisfaction of the RansomAware. Finally, the research provides guidelines on how the proposed RansomAware game can be adopted by practitioners and individuals to improve their awareness against the ransomware cyber security threat

The establishment of a mobile phone information security culture: linking student awareness and behavioural intent

The information security behaviour of technology users has become an increasingly popular research area as security experts have come to recognise that while securing technology by means of firewalls, passwords and offsite backups is important, such security may be rendered ineffective if the technology users themselves are not information security conscious. The mobile phone has become a necessity for many students but, at the same time, it exposes them to security threats that may result in a loss of information. Students in developing countries are at a disadvantage because they have limited access to information relating to information security threats, unlike their counterparts in more developed societies who can readily access this information from sources like the Internet. The developmental environment is plagued with challenges like access to the Internet or limited access to computers. The poor security behaviour exhibited by student mobile phone users, which was confirmed by the findings of this study, is of particular interest in the university context as most undergraduate students are offered a computer-related course which covers certain information security-related principles. During the restructuring of the South African higher education system, smaller universities and technikons (polytechnics) were merged to form comprehensive universities. Thus, the resultant South African university landscape is made up of traditional and comprehensive universities as well as universities of technology. Ordinarily, one would expect university students to have similar profiles. However in the case of this study, the environment was a unique factor which had a direct impact on students’ learning experiences and learning outcomes. Mbeki (2004) refers to two economies within South Africa the first one is financially sound and globally integrated, and the other found in urban and rural areas consists of unemployed and unemployable people who do not benefit from progress in the first economy. Action research was the methodological approach which was chosen for the purposes of this study to collect the requisite data among a population of university students from the ‘second economy’. The study focuses on the relationship between awareness and behavioural intention in understanding mobile phone user information security behaviour. The study concludes by proposing a behaviour profile forecasting framework based on predefined security behavioural profiles. A key finding of this study is that the security behaviour exhibited by mobile phone users is influenced by a combination of information security awareness and information security behavioural intention, and not just information security awareness

Risk and Regulation of Access to Personal Data on Online Social Networking Services in the UK

This research investigates the relative effectiveness of different modes of regulation of access to personal data on social networking services in the UK. A review of the literature demonstrated that there was a gap in research comparing different regulatory modes applied to online social networking services (SNSs). A model of regulation was developed based on Lessig’s four modes of regulating the internet. Risk to individual users was selected as a way of testing different regulatory approaches, using the premise that risk-based regulation has become a key consideration in European regulation. The regulatory effects were tested using: online surveys, interviews with industry experts, content analysis of privacy policies, and a legislative review. The research data are appended to the main body of the thesis. The research demonstrated the potential of risk as a means of distinguishing between different regulatory modes and concluded that a combination of regulatory approaches was the most effective way of protecting individuals against abuse of personal data on online SNSs. Further research suggested includes: looking at risk from the perspective of companies, and of society; further development of the regulatory model; and country comparisons to discover whether the findings of this study are more generally applicable