19 research outputs found

    DroidDetectMW: A Hybrid Intelligent Model for Android Malware Detection

    Malicious apps specifically aimed at the Android platform have increased in tandem with the proliferation of mobile devices. Malware is now so carefully written that it is difficult to detect. Due to the exponential growth in malware, manual methods of malware are increasingly ineffective. Although prior writers have proposed numerous high-quality approaches, static and dynamic assessments inherently necessitate intricate procedures. The obfuscation methods used by modern malware are incredibly complex and clever. As a result, it cannot be detected using only static malware analysis. As a result, this work presents a hybrid analysis approach, partially tailored for multiple-feature data, for identifying Android malware and classifying malware families to improve Android malware detection and classification. This paper offers a hybrid method that combines static and dynamic malware analysis to give a full view of the threat. Three distinct phases make up the framework proposed in this research. Normalization and feature extraction procedures are used in the first phase of pre-processing. Both static and dynamic features undergo feature selection in the second phase. Two feature selection strategies are proposed to choose the best subset of features to use for both static and dynamic features. The third phase involves applying a newly proposed detection model to classify Android apps; this model uses a neural network optimized with an improved version of HHO. Application of binary and multi-class classification is used, with binary classification for benign and malware apps and multi-class classification for detecting malware categories and families. By utilizing the features gleaned from static and dynamic malware analysis, several machine-learning methods are used for malware classification. According to the results of the experiments, the hybrid approach improves the accuracy of detection and classification of Android malware compared to the scenario when considering static and dynamic information separately.

    Explainable Artificial Intelligence to Detect Image Spam Using Convolutional Neural Network

    Image spam threat detection has continually been a popular area of research with the internet's phenomenal expansion. This research presents an explainable framework for detecting spam images using Convolutional Neural Network (CNN) algorithms and Explainable Artificial Intelligence (XAI) algorithms. In this work, we use CNN model to classify image spam respectively whereas the post-hoc XAI methods including Local Interpretable Model Agnostic Explanation (LIME) and Shapley Additive Explanations (SHAP) were deployed to provide explanations for the decisions that the black-box CNN models made about spam image detection. We train and then evaluate the performance of the proposed approach on a 6636 image dataset including spam images and normal images collected from three different publicly available email corpora. The experimental results show that the proposed framework achieved satisfactory detection results in terms of different performance metrics whereas the model-independent XAI algorithms could provide explanations for the decisions of different models which could be utilized for comparison for the future study.

    Explainable Artificial Intelligence Applications in Cyber Security: State-of-the-Art in Research

    This survey presents a comprehensive review of current literature on Explainable Artificial Intelligence (XAI) methods for cyber security applications. Due to the rapid development of Internet-connected systems and Artificial Intelligence in recent years, Artificial Intelligence including Machine Learning and Deep Learning has been widely utilized in the fields of cyber security including intrusion detection, malware detection, and spam filtering. However, although Artificial Intelligence-based approaches for the detection and defense of cyber attacks and threats are more advanced and efficient compared to the conventional signature-based and rule-based cyber security strategies, most Machine Learning-based techniques and Deep Learning-based techniques are deployed in the “black-box” manner, meaning that security experts and customers are unable to explain how such procedures reach particular conclusions. The deficiencies of transparencies and interpretability of existing Artificial Intelligence techniques would decrease human users’ confidence in the models utilized for the defense against cyber attacks, especially in current situations where cyber attacks become increasingly diverse and complicated. Therefore, it is essential to apply XAI in the establishment of cyber security models to create more explainable models while maintaining high accuracy and allowing human users to comprehend, trust, and manage the next generation of cyber defense mechanisms. Although there are papers reviewing Artificial Intelligence applications in cyber security areas and the vast literature on applying XAI in many fields including healthcare, financial services, and criminal justice, the surprising fact is that there are currently no survey research articles that concentrate on XAI applications in cyber security. Therefore, the motivation behind the survey is to bridge the research gap by presenting a detailed and up-to-date survey of XAI approaches applicable to issues in the cyber security field. Our work is the first to propose a clear roadmap for navigating the XAI literature in the context of applications in cyber security.

    Explainable Artificial Intelligence to Detect Image Spam Using Convolutional Neural Network

    Image spam threat detection has continually been a popular area of research with the internet's phenomenal expansion. This research presents an explainable framework for detecting spam images using Convolutional Neural Network (CNN) algorithms and Explainable Artificial Intelligence (XAI) algorithms. In this work, we use CNN model to classify image spam respectively whereas the post-hoc XAI methods including Local Interpretable Model Agnostic Explanation (LIME) and Shapley Additive Explanations (SHAP) were deployed to provide explanations for the decisions that the black-box CNN models made about spam image detection. We train and then evaluate the performance of the proposed approach on a 6636 image dataset including spam images and normal images collected from three different publicly available email corpora. The experimental results show that the proposed framework achieved satisfactory detection results in terms of different performance metrics whereas the model-independent XAI algorithms could provide explanations for the decisions of different models which could be utilized for comparison for the future study. Comment: Under review by International Conference on Cyber Resilience (ICCR), Dubai 202

    A Late Multi-Modal Fusion Model for Detecting Hybrid Spam E-mail

    In recent years, spammers are now trying to obfuscate their intents by introducing hybrid spam e-mail combining both image and text parts, which is more challenging to detect in comparison to e-mails containing text or image only. The motivation behind this research is to design an effective approach filtering out hybrid spam e-mails to avoid situations where traditional text-based or image-based only filters fail to detect hybrid spam e-mails. To the best of our knowledge, a few studies have been conducted with the goal of detecting hybrid spam e-mails. Ordinarily, Optical Character Recognition (OCR) technology is used to eliminate the image parts of spam by transforming images into text. However, the research questions are that although OCR scanning is a very successful technique in processing text-and-image hybrid spam, it is not an effective solution for dealing with huge quantities due to the CPU power required and the execution time it takes to scan e-mail files. And the OCR techniques are not always reliable in the transformation processes. To address such problems, we propose new late multi-modal fusion training frameworks for a text-and-image hybrid spam e-mail filtering system compared to the classical early fusion detection frameworks based on the OCR method. Convolutional Neural Network (CNN) and Continuous Bag of Words were implemented to extract features from image and text parts of hybrid spam respectively, whereas generated features were fed to sigmoid layer and Machine Learning based classifiers including Random Forest (RF), Decision Tree (DT), Naive Bayes (NB) and Support Vector Machine (SVM) to determine the e-mail ham or spam. Comment: Accepted by 2023 the 2nd International Conference on Mechatronics and Electrical Engineering (MEEE 2023

    Design and Fabrication a W-Shape Form Dual-Band Flexible Antenna For Biomedical Applications

    This study suggests a dual band flexible antenna for use at 900 and 2450 MHz. With a footprint of 0.23 λ₀, 0.120 λ₀, and 0.0007 λ₀, where λ₀ is the lowest resonance wavelength, the antenna is relatively tiny. The antenna is built from a straightforward geometrical structure consisting of a W-shaped serpentine structure supplied by a microstrip line and a partial ground plane utilizing the Defected Ground Structure (DGS) technology in order to achieve wide operational bandwidth. In order to boost resonance, an additional capacitor was inserted between the slots, creating a portable dual-band antenna. Several performance metrics' findings and the ones that had been measured were compared. The antenna's potential for rigid and flexible electronics is increased by its good size, bandwidth, gain, and radiation pattern.

    Design and implementation of 2.6 GHz Phase shift using microstrip technology for mobile broadband application

    This paper evolves transmission line phase shifting to optimize system cost. The design of a 1 x 2 microstrip (patch) array antenna which has an operating frequency of 2.6 GHz. Substrate FR4 dielectric with dielectric constant of 4.4 and thickness of 1.6 mm is utilized in array design. The study is performed in four steps: Firstly, through simulating radiation pattern on CST by altering two independent parameters; spacing between patches and differential length of transmission line from source to each patch antenna. Secondly, a fabrication has been done on a sample differential length to two ports that simulating two microstrip (patch) antennas array. Thirdly, testing of radiation fields has been performed to verify the correlation between actual records and the simulated designed antenna phase shifting. Fourth and finally, a comparison of results has been included between this paper results and previous works in sake of showing the introduced effort added value.

    Design and Analysis of Circular Polarized Two-Port MIMO Antennas with Various Antenna Element Orientations

    This article presents the circularly polarized antenna operating over 28 GHz mm-wave applications. The suggested antenna has compact size, simple geometry, wideband, high gain, and offers circular polarization. Afterward, two-port MIMO antenna are designed to get Left Hand Circular Polarization (LHCP) and Right-Hand Circular Polarization (RHCP). Four different cases are adopted to construct two-port MIMO antenna of suggested antenna. In case 1, both of the elements are placed parallel to each other; in the second case, the element is parallel but the radiating patch of second antenna element are rotated by 180°. In the third case, the second antenna element is placed orthogonally to the first antenna element. In the final case, the antenna is parallel but placed in the opposite end of substrate material. The S-parameters, axial ratio bandwidth (ARBW) gain, and radiation efficiency are studied and compared in all these cases. The two MIMO systems of all cases are designed by using Roger RT/Duroid 6002 with thickness of 0.79 mm. The overall size of two-port MIMO antennas is 20.5 mm × 12 mm × 0.79 mm. The MIMO configuration of the suggested CP antenna offers wideband, low mutual coupling, wide ARBW, high gain, and high radiation efficiency. The hardware prototype of all cases is fabricated to verify the predicated results. Moreover, the comparison of suggested two-port MIMO antenna is also performed with already published work, which show the quality of suggested work in terms of various performance parameters over them

    Lightweight Security Protocol for ECG Bio-Sensors

    Securing biomedical information is a critical issue in wireless body sensor networks (WBSNs). However, since sensors used in a WBSN tend to have limited processing capabilities and energy sources, minimizing the overhead imposed by security protocol is a challenging problem. This paper proposes a scheme that uses the electrocardiogram (ECG) features to provide a lightweight protocol that can be used to provide several security properties for biomedical sensors, in particular, those that have the ability to capture ECG waveforms. The security of the proposed scheme relies on the operation of the Pan Tompkins algorithm where certain information is extracted from ECG that cannot be reversed back. The implementation is based on the IEEE 802.15.4 standard, which specifies the physical layer for low-rate wireless personal area network. As a result, the proposed security protocol utilizes the effectiveness of several security techniques, such as nonce and hash at the biosensor side by relying on the characteristics of ECG. This reduces the overhead caused by providing security layer to the operation of the sensor. Formal analysis methods were used to demonstrate the suitability of the proposed protocol for WBSNs and prove its security

    A Proposed Artificial Intelligence Model for Android-Malware Detection

    There are a variety of reasons why smartphones have grown so pervasive in our daily lives. While their benefits are undeniable, Android users must be vigilant against malicious apps. The goal of this study was to develop a broad framework for detecting Android malware using multiple deep learning classifiers; this framework was given the name DroidMDetection. To provide precise, dynamic, Android malware detection and clustering of different families of malware, the framework makes use of unique methodologies built based on deep learning and natural language processing (NLP) techniques. When compared to other similar works, DroidMDetection (1) uses API calls and intents in addition to the common permissions to accomplish broad malware analysis, (2) uses digests of features in which a deep auto-encoder generates to cluster the detected malware samples into malware family groups, and (3) benefits from both methods of feature extraction and selection. Numerous reference datasets were used to conduct in-depth analyses of the framework. DroidMDetection’s detection rate was high, and the created clusters were relatively consistent, no matter the evaluation parameters. DroidMDetection surpasses state-of-the-art solutions MaMaDroid, DroidMalwareDetector, MalDozer, and DroidAPIMiner across all metrics we used to measure their effectiveness