70 research outputs found

    Network Security Management Audit at UUM Computer Centre

    An organization needs to evaluate its network security in order to measure accountability, confidentiality, integrity, authority and also its authenticity. The method that is commonly used for this purpose is by conducting an audit. Using the auditing method, this research attempts to evaluate the network security at the UUM Computer Centre. The purpose of this paper is to identify the network security deficiencies at UUM Computer Centre. Results from the network security audit will then be used to recommend solutions to improve those loopholes. The selected audit method is based on the Information Protection and Security Division of University Computing Services (IP & SD UCS), from The State University of New Jersey

    Review on IoT Security and Challenge in Industry 4.0

    Wireless networks are highly exposed to security dangers. Wireless communication networks are used in the majority of military, commercial, health, retail, and transportation systems. These systems utilize networks that are wired, mobile, or ad hoc. The Internet of Things (IoT) has become quite attractive. IoT is regarded as the future of the Internet. In the future, IoT will play an important part and affect our way of life, norms, and business methods. IoT use is predicted to expand quickly in the next years in many applications. The IoT provides for the connection and information sharing of billions of pieces of equipment, people, and services. As IoT devices are being used more widely, several security threats are occurring in IoT networks. In order to provide privacy, authentication, access, and integrity control, among others, it is crucial to implement efficient protocols for the security and privacy of IoT networks. In addition, user privacy in the IoT environment is becoming critical since much personal information is provided and distributed among related items. It is, therefore, necessary to guarantee that personal data are protected and controlled from cloud events. The presentation addresses security and privacy dangers and concerns arising from IoT services and presents approaches to the industrial problem of security and privacy. In this article, a study on security and problems in IoT networks is discussed

    A Review Paper on Botnet and Botnet Detection Techniques in Cloud Computing

    Recently, botnets have become the most radical of all cyberattacks and are becoming the key issue in cloud computing. Botnets are networks of different compromised computers and/or smartphones. These devices are infected with malicious code by a botmaster and controlled as groups. The attackers use these botnets for criminal activities such as DDoS, click fraud, phishing, spamming, sniffing traffic and spreading new malware. The main issue is how to detect these botnets. It becomes more interesting for researchers in cyber-security. This motivates us to write a review on botnets, their architecture and detection techniques

    Understanding the Root of Attack in Android Malware

    With the rapid technology of mobile devices and fast development of Android versions, Android malware has emerged and become a focus in current research. Security and privacy have become the main issues in Android malware. Therefore, it is essential to understand the behavior of Android malware in order to conceive an effective technique in malware detection and analysis. This article presents a comprehensive study regarding the Android platform and its features in Android malware code, and also discusses the results from previous studies in order to support forward-looking Android study

    From Intrusion Detection to an Intrusion Response System: Fundamentals, Requirements, and Future Directions

    In the past few decades, the rise in attacks on communication devices in networks has resulted in a reduction of network functionality, throughput, and performance. To detect and mitigate these network attacks, researchers, academicians, and practitioners developed Intrusion Detection Systems (IDSs) with automatic response systems. The response system is considered an important component of IDS, since without a timely response IDSs may not function properly in countering various attacks, especially on a real-time basis. To respond appropriately, IDSs should select the optimal response option according to the type of network attack. This research study provides a complete survey of IDSs and Intrusion Response Systems (IRSs) on the basis of our in-depth understanding of the response option for different types of network attacks. Knowledge of the path from IDS to IRS can assist network administrators and network staffs in understanding how to tackle different attacks with state-of-the-art technologies

    Maldroid- attribute selection analysis for malware classification

    Android is the most dominant operating system in the mobile market and the number of Android users is increasing year by year. Malware authors use the Android market as a hub for malicious apps and spread malware to users with the intention to threaten privacy; and this has remained undetected due to the weakness in signature-based detection. A major problem with malware detection is the existence of numerous features in malware code and the need to look at the relevant features in malware analysis. As a result, applying any security solution in malware analysis is considered inefficient because mobile devices have limited resources in terms of memory, processor and storage. Hence, the objective of this paper is to find the most effective and efficient attribute selection and classification algorithm in malware detection. Moreover, in order to get the best combination between attribute selection and classification algorithm, eight attribute selection methods and seven categories of machine learning algorithms are applied in this study. The experiment evaluated 8000 real data samples and the result showed that InfoGainEval and KNN algorithm are the most selected in attribute selection and classification process

    Efficient feature selection analysis for accuracy malware classification

    Android is designed for mobile devices and is open-source software. The growth and popularity of the Android platform are high compared to other platforms. Due to its glory, the number of malware has been increasing exponentially. The Android system uses a permission mechanism to allow users and developers to manage their access to private information, system resources, and data storage required by Android applications (apps). This became an advantage for an attacker to violate the data. This paper proposes a novel framework for Android malware detection. Our framework used three major methods for effective feature representation on malware detection and used this method to classify malware and benign. The result demonstrates that Random Forest with 23 features gives more accurate detection than the other machine learning algorithms

    Malware detection issues, future trends and challenges: a survey

    This paper focuses on the challenges and issues of detecting malware in today's world where cyberattacks continue to grow in number and complexity. The paper reviews current trends and technologies in malware detection and the limitations of existing detection methods such as signature-based detection and heuristic analysis. The emergence of new types of malware, such as file-less malware, is also discussed, along with the need for real-time detection and response. The research methodology used in this paper is presented, which includes a literature review of recent papers on the topic, keyword searches, and analysis and representation methods used in each study. In this paper, the authors aim to address the key issues and challenges in detecting malware today, the current trends and technologies in malware detection, and the limitations of existing methods. They also explore emerging threats and trends in malware attacks and highlight future directions for research and development in the field. To achieve this, the authors use a research methodology that involves a literature review of recent papers related to the topic. They focus on detecting and analyzing methods, as well as representation and extraction methods used in each study. Finally, they classify the literature review, and through reading and criticism, highlight future trends and problems in the field of malware detection

    New formula to calculate the number of designs in RADG cryptosystem

    Reaction automata direct graph (RADG) is a new technique that uses the automata direct graph method to represent a certain design for encryption and decryption. Jump states are available in the RADG design that enables the encipher to generate different ciphertexts each time from the same plaintext and wherein not a single ciphertext is related to a certain plaintext. This study created a matrix representation for RADG designs that allows the calculation of the number of cases ($F_Q$) mathematically possible for any design of the set $Q$. $F_Q$ is an important part of the function $F(n,m,\lambda)$ that calculates the total number of cases of a certain design for the values $Q, R, \Sigma, \psi, J$ and $T$. This paper produces a mathematical equation to calculate $F_Q$

    Hermes ransomware v2.1 action monitoring using next generation security operation center (NGSOC) complex correlation rules

    A new malware is identified every fewer than five seconds in today's threat environment, which is changing at a rapid speed. As part of cybercrime, there is a lot of malware activity that can infect the system and make it problematic. Cybercrime is a rapidly growing field, allowing cyber thieves to engage in a wide range of damaging activities. Hacking, scams, child pornography, and identity theft are all examples of cybercrime. Cybercrime victims might be single entities or groups of persons who are being targeted for harm. Cybercrime and malware become more hazardous and damaging because of these factors. Subsequent to these factors, there is a need to construct Next Generation Security Operation Centers (NGSOCs). SOC consists of human resources, processes, and technology designed to deal with security events derived from the Security Incident Event Management (SIEM) log analysis. This research examines how Next Generation Security Operation Centers (NGSOCs) respond to malicious activity. This study develops a use case to detect the latest Hermes Ransomware v2.1 malware using complex correlation rules for the SIEM anomalies engine. This study aims to analyze and detect Hermes Ransomware v2.1. As a result, NGSOC distinguishes malware activities' initial stages by halting traffic attempts to download malware. By forwarding logs to SIEM, the use case can support Threat Analyst in finding other Indicators of Compromise (IOC) to assist organizations in developing a systematic and more preemptive approach for ransomware detection