9 research outputs found

    RAPID-risk assessment of android permission and application programming interface (API) call for android botnet

    Android applications may pose risks to smartphone users. Most of the current security countermeasures for detecting dangerous apps show some weaknesses. In this paper, a risk assessment method is proposed to evaluate the risk level of Android apps in terms of confidentiality (privacy), integrity (financial) and availability (system). The proposed research performs mathematical analysis of an app and returns a single easy to understand evaluation of the app’s risk level (i.e., Very Low, Low, Moderate, High, and Very High). These schemes have been tested on 2488 samples coming from Google Play and Android botnet dataset. The results show a good accuracy in both identifying the botnet apps and in terms of risk leve

    A Comparative Study between Machine Learning and Deep Learning Algorithm for Network Intrusion Detection

    Network Intrusion Detection is a system that can monitor a network system to avoid malicious activities. One of the methods used for intrusion detection systems is using machine learning. Many pieces of research had proved that machine provides good detection in terms of accuracy and performance. However, it can only be used with a smaller dataset other than the features can only be determined using human power. So, deep learning is applied to countermeasure the problem as it can form its own features without using human power other than can be tested with a larger dataset. This study aims to conduct a comparative study for network intrusion detection using machine learning and deep learning algorithm. The dataset that will be tested is CSE-CIC-IDS2018 using Support Vector Machine and Convolutional Neural Network

    Classification of Polymorphic Virus Based on Integrated Features

    Standard virus classification relies on the use of virus function, which is a small number of bytes written in assembly language. The addressable problem with current malware intrusion detection and prevention system is having difficulties in detecting unknown and multipath polymorphic computer virus solely based on either static or dynamic features. Thus, this paper presents an effective and efficient polymorphic classification technique based on integrated features. The integrated feature is selected based on Information Gain (IG) rank value between static and dynamic features. Then, all datasets are tested on Naïve Bayes and Random Forest classifiers. We extracted 49 features from 700 polymorphic computer virus samples from Netherland Net Lab and VXHeaven, which includes benign and polymorphic virus function. We split the dataset based on 60:40 split ratio sizes for training and testing respectively. Our proposed integrated features manage to achieve 98.9% of accuracy value

    ABC: android botnet classification using feature selection and classification algorithms

    Smartphones have become an important part of human lives, and this led to an increased number of smartphone users. However, this also attracts hackers to develop malicious applications, especially Android botnets, to steal private information and cause financial losses. Due to the fast modifications in the technologies used by malicious application (app) developers, there is an urgent need for more advanced techniques for Android botnet detection. In this paper, a new approach for Android botnet classification based on features selection and classification algorithms is proposed. The proposed approach uses the permissions requested in the Android app as features, to differentiate between the Android botnet apps and benign apps. The Information Gain algorithm is used to select the most significant permissions, then the classification algorithms Naïve Bayes, Random Forest and J48 are used to classify the Android apps as botnet or benign apps. The experimental results show that Random Forest Algorithm achieved the highest detection accuracy of 94.6% with lowest false positive rate of 0.099

    Classification of metamorphic virus using n-grams signatures

    Metamorphic virus has a capability to change, translate, and rewrite its own code once it has infected the system to bypass detection. The computer system can then be seriously damaged by this undetected metamorphic virus. Due to this, it is very vital to design a metamorphic virus classification model that can detect this virus. This paper focused on detection of metamorphic virus using Term Frequency Inverse Document Frequency (TF-IDF) technique. This research was conducted using Second Generation virus dataset. The first step is the classification model to cluster the metamorphic virus using TF-IDF technique. Then, the virus cluster is evaluated using Naïve Bayes algorithm in terms of accuracy using performance metric. The types of virus classes and features are extracted from bi-gram assembly language. The result shows that the proposed model was able to classify metamorphic virus using TF-IDF with optimal number of virus class with average accuracy of 94.2%

    Network monitoring system to detect unauthorized connection

    The Network Monitoring System to Detect Unauthorized Connection is a network analytic tool that is used to review local area network usage. The main purpose of the application is monitoring the internet protocol traffic between local area network and Internet. In addition, this system aimed to detect unauthorized Internet Protocol addresses that are inside the network range. It also can prevent network intruders from Local Area Network connection (LAN). It is a computerized system that is complete with elements of confidentiality, integrity and availability. The system was built using waterfall methodology that begins with system analysis, design, implementation, testing, installation and maintenance. The system is using Visual Studio 2013 with SQL Server as server operations. There are ten modules in this system which are user main page, register admin module, register staff module, login admin module, login staff module, admin menu module, staff menu module, scan view module, status view module and report module. There are about 30 respondents who agreed and satisfied with the system. As a result, this system was successfully built to detect and block the unauthorized access in the network

    Classification of polymorphic virus based on integrated features

    No full text
    Standard virus classification relies on the use of virus function, which is a small number of bytes written in assembly language. The addressable problem with current malware intrusion detection and prevention system is having difficulties in detecting unknown and multipath polymorphic computer virus solely based on either static or dynamic features. Thus, this paper presents a classification of polymorphic virus based on integrated features. The integrated feature is selected based on Information Gain rank value between static and dynamic features. Then, all datasets are tested on Naïve Bayes and Random Forest classifiers. We extracted 49 features from 700 polymorphic computer virus samples from Netherland Net Lab and VXHeaven, which includes benign and polymorphic virus function. We split the dataset based on 60% for training and 40% for testing. The performance metric of accuracy value, receiver operating characteristic and mean absolute error are compared between two algorithms in the experiment of static, dynamic and integrated features. Our proposed integrated features manage to achieve 98.5% of accuracy value using highest rank feature selection

    Verification of Ph.D. Certificate using QR Code on Blockchain Ethereum

    No full text
    One of the major challenges the university faces is to provide real-time verification of their student's degree certification upon request by other parties. Conventional verification systems are typically costly, time-consuming and bureaucratic against certificate credential misconduct. In addition, the forgery of graduation degree certificates has become more efficient due to easy-to-use scanning, editing, and printing technologies. Therefore, this research proposes verifying Ph.D. certificates using QR codes on the Ethereum blockchain to address certificate verification challenges. Blockchain technology ensures tamper-proof and decentralized management of degree certificates as the certificates stored on the blockchain are replicated across the network. The issuance of certificates requires the use of the issuer's private key, thus preventing forgery. The system was developed using Solidity for the smart contract, PHP, HTML/CSS for the web-based implementation, and MetaMask for blockchain integration. User testing confirmed the successful implementation and functionality of the system. Users can add, update, and delete certificates, generate and scan QR codes, and receive instant verification feedback. The verification system effectively meets all requirements, providing a robust solution for validating Ph.D. certificates. Future research may focus on scalability and adoption, privacy and data protection, user experience, and integration with existing systems. Other researchers can optimize the verification system for widespread adoption and utilization by exploring these areas. This research contributes to securing and efficiently verifying academic certificates using QR codes on the Ethereum blockchain. Ultimately, this work advances the field of certificate verification and promotes trust in academic credentials