Detection of Phishing Websites using Generative Adversarial Network

Phishing is typically deployed as an attack vector in the initial stages of a hacking endeavour. Due to it low-risk rightreward nature it has seen a widespread adoption, and detecting it has become a challenge in recent times. This paper proposes a novel means of detecting phishing websites using a Generative Adversarial Network. Taking into account the internal structure and external metadata of a website, the proposed approach uses a generator network which generates both legitimate as well as synthetic phishing features to train a discriminator network. The latter then determines if the features are either normal or phishing websites, before improving its detection accuracy based on the classification error. The proposed approach is evaluated using two different phishing datasets and is found to achieve a detection accuracy of up to 94%

PROTECT: container process isolation using system call interception

Virtualization is the underpinning technology enabling cloud computing service provisioning, and container-based virtualization provides an efficient sharing of the underlying host kernel libraries amongst multiple guests. While there has been research on protecting the host against compromise by malicious guests, research on protecting the guests against a compromised host is limited. In this paper, we present an access control solution which prevents the host from gaining access into the guest containers and their data. Using system call interception together with the built-in AppArmor mandatory access control (MAC) approach the solution protects guest containers from a malicious host attempting to compromise the integrity of data stored therein. Evaluation of results have shown that it can effectively prevent hostile access from host to guest containers while ensuring minimal performance overhead

Detection of Phishing Websites using Generative Adversarial Network

Phishing is typically deployed as an attack vector in the initial stages of a hacking endeavour. Due to it low-risk rightreward nature it has seen a widespread adoption, and detecting it has become a challenge in recent times. This paper proposes a novel means of detecting phishing websites using a Generative Adversarial Network. Taking into account the internal structure and external metadata of a website, the proposed approach uses a generator network which generates both legitimate as well as synthetic phishing features to train a discriminator network. The latter then determines if the features are either normal or phishing websites, before improving its detection accuracy based on the classification error. The proposed approach is evaluated using two different phishing datasets and is found to achieve a detection accuracy of up to 94%

Model predictive control for HVAC system

Heating Ventilating and Air Conditioning is a process of treating the indoor air as desired ( and/or required ) quality. Generally, temperature and humidity ratio of indoor air are controlled as required. HVAC system also makes circulating of indoor air for good ventilating and refreshment of indoor air by mixing circulating indoor air with certain amounts of outdoor air. Today, HVAC systems are widely used all over the world. Depends upon the climate of the region, HVAC systems are used as required such as the purpose for heat or cool, to humidify or dehumidify, etc. As a consequence of HVAC systems become more important in modern life style (residential, commercial and industrial), energy usage for HVAC systems also rises year by year. On the other hand, although advancements made in computer technology and development of new control methodologies, the controllers widely used for HVAC systems are still lack to provide satisfactory performance in energy usage, ability to regulate the predetermined setpoints, etc.Master of Science (Computer Control and Automation

Big data based security analytics for protecting virtualized infrastructures in cloud computing

Virtualized infrastructure in cloud computing has become an attractive target for cyberattackers to launch advanced attacks. This paper proposes a novel big data based security analytics approach to detecting advanced attacks in virtualized infrastructures. Network logs as well as user application logs collected periodically from the guest virtual machines (VMs) are stored in the Hadoop Distributed File System (HDFS). Then, extraction of attack features is performed through graph-based event correlation and MapReduce parser based identification of potential attack paths. Next, determination of attack presence is performed through two-step machine learning, namely logistic regression is applied to calculate attack's conditional probabilities with respect to the attributes, and belief propagation is applied to calculate the belief in existence of an attack based on them. Experiments are conducted to evaluate the proposed approach using well-known malware as well as in comparison with existing security techniques for virtualized infrastructure. The results show that our proposed approach is effective in detecting attacks with minimal performance overhead

Detection of malware and kernel-level rootkits in cloud computing environments

Cyberattacks targeted at virtualization infrastructure underlying cloud computing services has become increasingly sophisticated. This paper presents a novel malware and rookit detection system which protects the guests against different attacks. It combines system call monitoring and system call hashing on the guest kernel together with Support Vector Machines (SVM)-based external monitoring on the host. We demonstrate the effectiveness of our solution by evaluating it against well-known user-level malware as well as kernel-level rootkit attacks

Virtualization security combining mandatory access control and virtual machine introspection

Virtualization has become a target for attacks in cloud computing environments. Existing approaches to protecting the virtualization environment against the attacks are limited in protection scope and are with high overheads. This paper proposes a novel virtualization security solution which aims to provide comprehensive protection of the virtualization environment

Sample Reduction for Physiological Data Analysis Using Principal Component Analysis in Artificial Neural Network

With its potential, extensive data analysis is a vital part of biomedical applications and of medical practitioner interpretations, as data analysis ensures the integrity of multidimensional datasets and improves classification accuracy; however, with machine learning, the integrity of the sources is compromised when the acquired data pose a significant threat in diagnosing and analysing such information, such as by including noisy and biased samples in the multidimensional datasets. Removing noisy samples in dirty datasets is integral to and crucial in biomedical applications, such as the classification and prediction problems using artificial neural networks (ANNs) in the body’s physiological signal analysis. In this study, we developed a methodology to identify and remove noisy data from a dataset before addressing the classification problem of an artificial neural network (ANN) by proposing the use of the principal component analysis–sample reduction process (PCA–SRP) to improve its performance as a datacleaning agent. We first discuss the theoretical background to this data-cleansing methodology in the classification problem of an artificial neural network (ANN). Then, we discuss how the PCA is used in data-cleansing techniques through a sample reduction process (SRP) using various publicly available biomedical datasets with different samples and feature sizes. Lastly, the cleaned datasets were tested through the following: PCA–SRP in ANN accuracy comparison testing, sensitivity vs. specificity testing, receiver operating characteristic (ROC) curve testing, and accuracy vs. additional random sample testing. The results show a significant improvement in the classification of ANNs using the developed methodology and suggested a recommended range of selectivity (Sc) factors for typical cleaning and ANN applications. Our approach successfully cleaned the noisy biomedical multidimensional datasets and yielded up to an 8% increase in accuracy with the aid of the Python language

Virtual machine introspection

Due to exposure to the Internet, virtual machines (VMs) as forms of delivering virtualized infrastructures and resources represent a first point-of-target for security attackers who want to gain access into the virtualization environment. In-VM monitoring approach can be compromised in the event of a successful VM compromise. Virtual Machine Introspection (VMI) takes a different approach of monitoring the guest VMs externally. This paper presents a review on VMI focusing on the typical usages of integrating VMI with other virtualization security techniques