A new model for worm detection and response. Development and evaluation of a new model based on knowledge discovery and data mining techniques to detect and respond to worm infection by integrating incident response, security metrics and apoptosis.

Worms have been improved and a range of sophisticated techniques have been integrated, which make the detection and response processes much harder and longer than in the past. Therefore, in this thesis, a STAKCERT (Starter Kit for Computer Emergency Response Team) model is built to detect worms attack in order to respond to worms more efficiently. The novelty and the strengths of the STAKCERT model lies in the method implemented which consists of STAKCERT KDD processes and the development of STAKCERT worm classification, STAKCERT relational model and STAKCERT worm apoptosis algorithm. The new concept introduced in this model which is named apoptosis, is borrowed from the human immunology system has been mapped in terms of a security perspective. Furthermore, the encouraging results achieved by this research are validated by applying the security metrics for assigning the weight and severity values to trigger the apoptosis. In order to optimise the performance result, the standard operating procedures (SOP) for worm incident response which involve static and dynamic analyses, the knowledge discovery techniques (KDD) in modeling the STAKCERT model and the data mining algorithms were used. This STAKCERT model has produced encouraging results and outperformed comparative existing work for worm detection. It produces an overall accuracy rate of 98.75% with 0.2% for false positive rate and 1.45% is false negative rate. Worm response has resulted in an accuracy rate of 98.08% which later can be used by other researchers as a comparison with their works in future.Ministry of Higher Education, Malaysia and Universiti Sains Islam Malaysia (USIM

RAPID-risk assessment of android permission and application programming interface (API) call for android botnet

Android applications may pose risks to smartphone users. Most of the current security countermeasures for detecting dangerous apps show some weaknesses. In this paper, a risk assessment method is proposed to evaluate the risk level of Android apps in terms of confidentiality (privacy), integrity (financial) and availability (system). The proposed research performs mathematical analysis of an app and returns a single easy to understand evaluation of the app’s risk level (i.e., Very Low, Low, Moderate, High, and Very High). These schemes have been tested on 2488 samples coming from Google Play and Android botnet dataset. The results show a good accuracy in both identifying the botnet apps and in terms of risk leve

USIM’s Smart University Blueprint: Advances and Challenges

COVID-19 and the movement control order (MCO) implemented in 2020 and 2021, have had a major impact on Universiti Sains Islam Malaysia (USIM) in all directions. To mitigate these problems, USIM’s top management has taken several initiatives to ensure the operation of the University is upheld to its most so that the student continue their study without any delay or obstruction. By incorporating the United Nations’ Sustainable Development Goals (SDGs) on Goal 4 (focused on inclusive and equitable quality education) and with the underlying concept of data-driven and student-centric, this paper presents Smart University Blueprint (Al-Jamiah Al-Mubarakah). It has 5 clusters and 13 initiatives for digital transformation to support inclusive and equitable quality education. The 5 clusters consist of smart governance, smart lifestyle, smart infrastructure, smart learning, and smart services. This smart blueprint is based on 7 principles from USIM’s ICT Strategic Plan (ISP) 2021-2025, which emphasized and are based on the Islamic Laws concept (Maqasid Syariah), Industrial Revolution, Student-Centric, Data-Driven, Open Source, Agile and Mobility, and Prosumers. This paper presents how the blueprint has helped to accelerate stakeholders’ understanding and cooperation in achieving SDGs in higher education during and beyond the pandemic

An Efficient Control of Virus Propagation

There are very few studies done in dealing with computer viruses in Malaysia. By realizing that, this research paper is done in managing of virus problem among ICT users in Malaysia. Firstly, this research is establishing the existence of the problem through a questionnaire survey, which was carried out specifically at Klang Valley and Putrajaya in Malaysia. Then a study was made on classifying virus, studying their symptoms and behaviour with the aim of controlling its propagation by studying their known features. The ECOVP (Efficient Control of Virus Propagation) system that was developed is capable of educating users in handling computer virus incidents and at the same time helps to control computer virus propagation

ABC: android botnet classification using feature selection and classification algorithms

Smartphones have become an important part of human lives, and this led to an increase number of smartphone users. However, this also attracts hackers to develop malicious applications especially Android botnet to steal the private information and causing financial losses. Due to the fast modifications in the technologies used by malicious application (app) developers, there is an urgent need for more advanced techniques for Android botnet detection. In this paper, a new approach for Android botnet classification based on features selection and classification algorithms is proposed. The proposed approach uses the permissions requested in the Android app as features, to differentiate between the Android botnet apps and benign apps. The Information Gain algorithm is used to select the most significant permissions, then the classification algorithms Naïve Bayes, Random Forest and J48 used to classify the Android apps as botnet or benign apps. The experimental results show that Random Forest Algorithm achieved the highest detection accuracy of 94.6% with lowest false positive rate of 0.099

A SYSTEMATIC ANALYSIS ON WORM DETECTION IN CLOUD BASED SYSTEMS

ABSTRACT An innovative breakthrough in computer science is cloud computing and involves several computers which are connected via the Internet or it is dispersed over a network. A large database, services, applications, software and resources are an integral part of this technology. It has the capability to operate a program or applications on numerous connected computers simultaneously and permits the users to enter applications and resources through a web browser or web service via the Internet anytime and anywhere. Current susceptibility in elementary technologies gravitates to expose doors for intrusions. Cloud computing offers enormous advantages such as cost reduction, dynamic virtualized resources, significant data storage and enhanced productivity. At the same time, numerous risks occur regarding security and intrusions, for example, worm can intercept cloud computing services, impair service, application or virtual in the cloud formation. Worm attacks are now more complex and resourceful making intruders more difficult to detect than previously. The motivation of this research is founded on ramifications presented by the worms. This paper presents different intrusion detection systems affecting cloud resources and service. Moreover, this paper illustrates how genetic algorithm can be integrated in detecting worm attacks in cloud computing more efficiently

Computer security factors effects towards online usage of internet banking system

Given an apparent lack of coherence and a paucity of computer system field of studies, research imitates and demonstrates non consensus in how computer security fits into the satisfaction, success, usage, efficiency, and effectiveness of computer system field. This study is a part of research aims to extend the Technology to Performance Chain model by including and examining the Computer Security Self-Efficacy construct, as recommend by several computer system field researchers. This paper used the statistical technique structural equation modeling and the partial least squares regression for estimating causal relations between computer security self-efficacy and internet banking usage. Outcomes confirm that confidentiality and availability effects computer security self-efficacy while in turn computer security self-efficacy impacts on usage. Computer security self-efficacy also partially mediates the impact of confidentiality, integrity, and availability on usage

State of the Art Intrusion Detection System for Cloud Computing

The term Cloud computing is not new anymore in computing technology. This form of computing technology previously considered only as marketing term, but today Cloud computing not only provides innovative improvements in resource utilisation but it also creates a new opportunities in data protection mechanisms where the advancement of intrusion detection technologies  are blooming rapidly. From the perspective of security, Cloud computing also introduces concerns about data protection and intrusion detection mechanism. This paper surveys, explores and informs researchers about the latest developed Cloud Intrusion Detection Systems by providing a comprehensive taxonomy and investigating possible solutions to detect intrusions in cloud computing systems. As a result, we provide a comprehensive review of Cloud Intrusion Detection System research, while highlighting the specific properties of Cloud Intrusion Detection System. We also present taxonomy on the key issues in Cloud Intrusion Detection System area and discuss the different approaches taken to solve the issues. We conclude the paper with a critical analysis of challenges that have not fully solved

STAKCERT Framework in Eradicating Worms Attack

Abstrac

Perception of Drone Application and Practicality among Environmental, Health and Safety Practitioners at Building Construction Sites in Malaysia

Safety management in the construction sector is still lagging in terms of technological involvement. A new drone application was proposed as a new inspection tool for a small-scale aerial drone that will give advantages to Environmental, Health and Safety (EHS) practitioners on the construction site. A fundamental research was conducted to study the Perception of Drone Application and Practicality among Environmental, Health and Safety Practitioners at Building Construction Sites in Malaysia. A self-administered questionnaire was distributed to safety practitioners in Malaysia through an online survey using Google form. The relationship between the attitudes of the users towards the drone and the practicality of the drone was analysed using a multivariate statistical method known as Multi Linear Regression (MLR). From the result, the respondents show significant positive attitude towards the practicality of the drone system for the inspection of safety, security, fire, and environmental monitoring (R 2 =0.76; p-value=0.01). There is generally a significantly good attitude of future users towards drone usage in the construction industry and the respondents show a good expectation and this is also supported by previous studies