Search results for: android malware detection

Authors: Doaa Wael, Naswa Abdelbaky

Abstract:

Malware is malicious software that is built to cause destructive actions and damage information systems and networks. Malware infections increase rapidly, and types of malware have become more sophisticated, which makes the malware detection process more difficult. On the other side, the Internet of Things IoT technology is vulnerable to malware attacks. These IoT devices are always connected to the internet and lack security. This makes them easy for hackers to access. These malware attacks are becoming the go-to attack for hackers. Thus, in order to deal with this challenge, new malware detection techniques are needed. Currently, building a blockchain solution that allows IoT devices to download any file from the internet and to verify/approve whether it is malicious or not is the need of the hour. In recent years, blockchain technology has stood as a solution to everything due to its features like decentralization, persistence, and anonymity. Moreover, using blockchain technology overcomes some difficulties in malware detection and improves the malware detection ratio over-than the techniques that do not utilize blockchain technology. In this paper, we study malware detection models which are based on blockchain technology. Furthermore, we elaborate on the effect of blockchain technology in malware detection, especially in the android environment.

Keywords: malware analysis, blockchain, malware attacks, malware detection approaches

Procedia PDF Downloads 40

Authors: Ji-Hoon Hong, Dong-Hee Kim, Nam-Uk Kim, Tai-Myoung Chung

Abstract:

Smartphone users are increasing rapidly. Accordingly, many companies are running BYOD (Bring Your Own Device: Policies to bring private-smartphones to the company) policy to increase work efficiency. However, smartphones are always under the threat of malware, thus the company network that is connected smartphone is exposed to serious risks. Most smartphone malware detection techniques are to perform an independent detection (perform the detection of a single target application). In this paper, we analyzed a variety of intrusion detection techniques. Based on the results of analysis propose an agent using the network IDS.

Keywords: android malware detection, software-defined network, interaction environment, android malware detection, software-defined network, interaction environment

Procedia PDF Downloads 401

Authors: Ratun Rahman, Rafid Islam, Akin Ahmed, Kamrul Hasan, Hasan Mahmud

Abstract:

Malware is becoming more prevalent, and several threat categories have risen dramatically in recent years. This paper provides a bird's-eye view of the world of malware analysis. The efficiency of five different machine learning methods (Naive Bayes, K-Nearest Neighbor, Decision Tree, Random Forest, and TensorFlow Decision Forest) combined with features picked from the retrieval of Android permissions to categorize applications as harmful or benign is investigated in this study. The test set consists of 1,168 samples (among these android applications, 602 are malware and 566 are benign applications), each consisting of 948 features (permissions). Using the permission-based dataset, the machine learning algorithms then produce accuracy rates above 80%, except the Naive Bayes Algorithm with 65% accuracy. Of the considered algorithms TensorFlow Decision Forest performed the best with an accuracy of 90%.

Keywords: android malware detection, machine learning, malware, malware analysis

Procedia PDF Downloads 121

Authors: Xiaoqing Wang, Junfeng Wang, Xiaolan Zhu

Abstract:

Android operating system has been recognized by most application developers because of its good open-source and compatibility, which enriches the categories of applications greatly. However, it has become the target of malware attackers due to the lack of strict security supervision mechanisms, which leads to the rapid growth of malware, thus bringing serious safety hazards to users. Therefore, it is critical to detect Android malware effectively. Generally, the permissions declared in the AndroidManifest.xml can reflect the function and behavior of the application to a large extent. Since current Android system has not any restrictions to the number of permissions that an application can request, developers tend to apply more than actually needed permissions in order to ensure the successful running of the application, which results in the abuse of permissions. However, some traditional detection methods only consider the requested permissions and ignore whether it is actually used, which leads to incorrect identification of some malwares. Therefore, a machine learning detection method based on the actually used permissions combination and API calls was put forward in this paper. Meanwhile, several experiments are conducted to evaluate our methodology. The result shows that it can detect unknown malware effectively with higher true positive rate and accuracy while maintaining a low false positive rate. Consequently, the AdaboostM1 (J48) classification algorithm based on information gain feature selection algorithm has the best detection result, which can achieve an accuracy of 99.8%, a true positive rate of 99.6% and a lowest false positive rate of 0.

Keywords: android, API Calls, machine learning, permissions combination

Procedia PDF Downloads 304

Authors: Jorge Maestre Vidal, Ana Lucila Sandoval Orozco, Luis Javier García Villalba

Abstract:

With the increase in popularity of mobile devices, new and varied forms of malware have emerged. Consequently, the organizations for cyberdefense have echoed the need to deploy more effective defensive schemes adapted to the challenges posed by these recent monitoring environments. In order to contribute to their development, this paper presents a malware detection strategy for mobile devices based on sequence alignment algorithms. Unlike the previous proposals, only the system calls performed during the startup of applications are studied. In this way, it is possible to efficiently study in depth, the sequences of system calls executed by the applications just downloaded from app stores, and initialize them in a secure and isolated environment. As demonstrated in the performed experimentation, most of the analyzed malicious activities were successfully identified in their boot processes.

Keywords: android, information security, intrusion detection systems, malware, mobile devices

Procedia PDF Downloads 267

Authors: Preston Nabors, Nasseh Tabrizi

Abstract:

Portable Document Format (PDF) files have gained significant popularity for sharing and distributing documents due to their universal compatibility. However, the widespread use of PDF files has made them attractive targets for cybercriminals, who exploit vulnerabilities to deliver malware and compromise the security of end-user systems. This paper reviews notable contributions in PDF malware detection, including static, dynamic, signature-based, and hybrid analysis. It presents a comprehensive examination of PDF malware detection techniques, focusing on the emerging threat of adversarial sampling and the need for robust defense mechanisms. The paper highlights the vulnerability of machine learning classifiers to evasion attacks. It explores adversarial sampling techniques in PDF malware detection to produce mimicry and reverse mimicry evasion attacks, which aim to bypass detection systems. Improvements for future research are identified, including accessible methods, applying adversarial sampling techniques to malicious payloads, evaluating other models, evaluating the importance of features to malware, implementing adversarial defense techniques, and conducting comprehensive examination across various scenarios. By addressing these opportunities, researchers can enhance PDF malware detection and develop more resilient defense mechanisms against adversarial attacks.

Keywords: adversarial attacks, adversarial defense, adversarial machine learning, intrusion detection, PDF malware, malware detection, malware detection evasion

Procedia PDF Downloads 11

Authors: Vareesha Masood, Ammara Gul, Nabeeha Areej, Muhammad Asif Masood, Hamna Imran

Abstract:

The universal use of PDF files has prompted hackers to use them for malicious intent by hiding malicious codes in their victim’s PDF machines. Machine learning has proven to be the most efficient in identifying benign files and detecting files with PDF malware. This paper has proposed an approach using a decision tree classifier with parameters. A modern, inclusive dataset CIC-Evasive-PDFMal2022, produced by Lockheed Martin’s Cyber Security wing is used. It is one of the most reliable datasets to use in this field. We designed a PDF malware detection system that achieved 99.2%. Comparing the suggested model to other cutting-edge models in the same study field, it has a great performance in detecting PDF malware. Accordingly, we provide the fastest, most reliable, and most efficient PDF Malware detection approach in this paper.

Keywords: PDF, PDF malware, decision tree classifier, random forest classifier

Procedia PDF Downloads 48

Authors: Umm-E-Hani, Faiza Babar, Hanif Durad

Abstract:

Malware-detecting approaches suffer many limitations, due to which all anti-malware solutions have failed to be reliable enough for detecting zero-day malware. Signature-based solutions depend upon the signatures that can be generated only when malware surfaces at least once in the cyber world. Another approach that works by detecting the anomalies caused in the environment can easily be defeated by diligently and intelligently written malware. Solutions that have been trained to observe the behavior for detecting malicious files have failed to cater to the malware capable of detecting the sandboxed or protected environment. Machine learning and deep learning-based approaches greatly suffer in training their models with either an imbalanced dataset or an inadequate number of samples. AI-based anti-malware solutions that have been trained with enough samples targeted a selected feature vector, thus ignoring the input of leftover features in the maliciousness of malware just to cope with the lack of underlying hardware processing power. Our research focuses on producing an anti-malware solution for detecting malicious PE files by circumventing the earlier-mentioned shortcomings. Our proposed framework, which is based on automated feature engineering through autoencoders, trains the model over a fairly large dataset. It focuses on the visual patterns of malware samples to automatically extract the meaningful part of the visual pattern. Our experiment has successfully produced a state-of-the-art accuracy of 99.54 % over test data.

Keywords: malware, auto encoders, automated feature engineering, classification

Procedia PDF Downloads 37

Authors: Seung-Hwan Ju, Yo-Han Choi, Hee-Suk Seo, Tae-Kyung Kim

Abstract:

This study investigates the permissions requested by Android applications, and the possibility of identifying suspicious applications based only on information presented to the user before an application is downloaded. The pattern analysis is based on a smaller data set consisting of confirmed malicious applications. The method is evaluated based on its ability to recognize malicious potential in the analyzed applications. In this study, we develop a system to monitor that mobile application permission at application update. This study is a service-based malware analysis. It will be based on the mobile security study.

Keywords: malware patterns, application permission, application analysis, security

Procedia PDF Downloads 483

Authors: Assad Maalouf, Lunjin Lu, James Lynott

Abstract:

We design and implement a precise model of string operations using finite state machine transformers and state transformers to approximate the values string variables can take throughout the execution of the program.We use our model to analyze Android program string variables. Our experimental results show that our string analysis is very efficient at detecting the contextual effect of string operations on the string variables. Our model proved to be very useful when it came to verifying statements about the string variables of the program.

Keywords: abstract interpretation, android, static analysis, string analysis

Procedia PDF Downloads 148

Authors: Andrii Shalaginov, Katrin Franke, Xiongwei Huang

Abstract:

One of the leading problems in Cyber Security today is the emergence of targeted attacks conducted by adversaries with access to sophisticated tools. These attacks usually steal senior level employee system privileges, in order to gain unauthorized access to confidential knowledge and valuable intellectual property. Malware used for initial compromise of the systems are sophisticated and may target zero-day vulnerabilities. In this work we utilize common behaviour of malware called ”beacon”, which implies that infected hosts communicate to Command and Control servers at regular intervals that have relatively small time variations. By analysing such beacon activity through passive network monitoring, it is possible to detect potential malware infections. So, we focus on time gaps as indicators of possible C2 activity in targeted enterprise networks. We represent DNS log files as a graph, whose vertices are destination domains and edges are timestamps. Then by using four periodicity detection algorithms for each pair of internal-external communications, we check timestamp sequences to identify the beacon activities. Finally, based on the graph structure, we infer the existence of other infected hosts and malicious domains enrolled in the attack activities.

Keywords: malware detection, network security, targeted attack, computational intelligence

Procedia PDF Downloads 224

Authors: A. Dinelka Panagoda, Bathiya Bandara, Chamod Wijetunga, Chathura Malinda, Lakmal Rupasinghe, Chethana Liyanapathirana

Abstract:

This research takes us forward with the concepts of Federated Learning and Software-Defined Networking (SDN) to introduce an efficient malware detection technique and provide a mitigation mechanism to give birth to a resilient and automated healthcare sector network system by also adding the feature of extended privacy preservation. Due to the daily transformation of new malware attacks on hospital Integrated Clinical Environment (ICEs), the healthcare industry is at an undefinable peak of never knowing its continuity direction. The state of blindness by the array of indispensable opportunities that new medical device inventions and their connected coordination offer daily, a factor that should be focused driven is not yet entirely understood by most healthcare operators and patients. This solution has the involvement of four clients in the form of hospital networks to build up the federated learning experimentation architectural structure with different geographical participation to reach the most reasonable accuracy rate with privacy preservation. While the logistic regression with cross-entropy conveys the detection, SDN comes in handy in the second half of the research to stack up the initial development phases of the system with malware mitigation based on policy implementation. The overall evaluation sums up with a system that proves the accuracy with the added privacy. It is no longer needed to continue with traditional centralized systems that offer almost everything but not privacy.

Keywords: software-defined network, federated learning, privacy, integrated clinical environment, decentralized learning, malware detection, malware mitigation

Procedia PDF Downloads 134

Authors: Cristina Vatamanu, Doina Cosovan, Dragos Gavrilut, Henri Luchian

Abstract:

In the past few years, the amount of malicious software increased exponentially and, therefore, machine learning algorithms became instrumental in identifying clean and malware files through semi-automated classification. When working with very large datasets, the major challenge is to reach both a very high malware detection rate and a very low false positive rate. Another challenge is to minimize the time needed for the machine learning algorithm to do so. This paper presents a comparative study between different machine learning techniques such as linear classifiers, ensembles, decision trees or various hybrids thereof. The training dataset consists of approximately 2 million clean files and 200.000 infected files, which is a realistic quantitative mixture. The paper investigates the above mentioned methods with respect to both their performance (detection rate and false positive rate) and their practicability.

Keywords: ensembles, false positives, feature selection, one side class algorithm

Procedia PDF Downloads 257

Authors: Yuni Rochmawati, Luluk Il Mukarromah

Abstract:

Android is a mobile operating system (OS) based on the linux kerrnel and currently developed by google. With a user interface based on direct manipulation, Android is designed primarily for touchscreen mobile deviced such as smartphone and tablet computer, with specialized user interface for television (Android TV), cars (Android Auto), and wrist watches (Android Wear). Now, almost all peoples using smartphone. Smartphone seems to be a must-have object, because smartphone has many benefits. In addition, of course smartphone have many benefits for education, like resume of lesson that form of e-book. However, this article is not about resume of lesson. This article is about practical based on android, exactly for physics. Therefore, we will explain our idea about physics’s practical based on android and for output, we wish many students will be like to studying physics and always remember about physics’s phenomenon by physics’s practical based on android.

Keywords: android, smartphone, physics, practical

Procedia PDF Downloads 206

Authors: Awad A. Younis, Elise Stronberg, Shifa Noor

Abstract:

Malware attacks due to end-user vulnerabilities have been noticeably increased in the past few years. Investigating the factors that make an end-user vulnerable to those attacks is critical because they can be utilized to set up proactive strategies such as awareness and education to mitigate the impacts of those attacks. Some existing studies investigated demographic, behavioral, and cultural factors that make an end-user susceptible to malware attacks. However, it has been challenging to draw more general conclusions from individual studies due to the varieties in the type of end-users and different types of malware. Therefore, we conducted a systematic literature review (SLR) of the existing research for end-user susceptibility factors to malware attacks. The results showed while some demographic factors are mostly associated with malware infection regardless of the end users' type, age, and gender are not consistent among the same and different types of end-users. Besides, the association of culture and personality factors with malware infection are consistent in most of the selected studies and for all type of end-users. Moreover, malware infection varies based on age, geographic location, and host types. We propose that future studies should carefully take into consideration the type of end-users because different end users may be exposed to different threats or be targeted based on their user domains’ characteristics. Additionally, as different types of malware use different tactics to trick end-users, taking the malware types into consideration is important.

Keywords: cybersecurity, malware, end-users, demographics, personality, culture, systematic literature review

Procedia PDF Downloads 201

Authors: Cebrail Çiflikli, Emre Öner Tartan

Abstract:

Parallel to the fast worldwide increase of elderly population and spreading unhealthy life habits, there is a significant rise in the number of patients and health problems. The supervision of people who have health problems and oversight in detection of people who have potential risks, bring a considerable cost to health system and increase workload of physician. To provide an efficient solution to this problem, in the recent years mobile applications have shown their potential for wide usage in health monitoring. In this paper we present an Android mobile application that records and evaluates ECG signal using Pan-Tompkins algorithm for QRS detection. The application model includes an alarm mechanism that is proposed to be used for sending message including abnormality information and location information to health supervisor.

Keywords: Android mobile application, ECG monitoring, QRS detection, Pan-Tompkins Algorithm

Procedia PDF Downloads 202

Authors: Leidy M. Aldana, Jorge E. Camargo

Abstract:

Adversarial Machine Learning has gained importance in recent years as Cybersecurity has gained too, especially malware, it has affected different entities and people in recent years. This paper shows a literature review about defense methods created to prevent adversarial machine learning attacks, firstable it shows an introduction about the context and the description of some terms, in the results section some of the attacks are described, focusing on detecting adversarial examples before coming to the machine learning algorithm and showing other categories that exist in defense. A method with five steps is proposed in the method section in order to define a way to make the literature review; in addition, this paper summarizes the contributions in this research field in the last seven years to identify research directions in this area. About the findings, the category with least quantity of challenges in defense is the Detection of adversarial examples being this one a viable research route with the adaptive approach in attack and defense.

Keywords: Malware, adversarial, machine learning, defense, attack

Procedia PDF Downloads 22

Authors: Azita Ramezani, Atousa Ramezani

Abstract:

In the ever-escalating landscape of windows malware the necessity for pioneering defense strategies turns into undeniable this study introduces an avant-garde approach fusing the capabilities of clustering random forests and support vector machines SVM to combat the intricate web of cyber threats our fusion model triumphs with a staggering accuracy of 98.67 and an equally formidable f1 score of 98.68 a testament to its effectiveness in the realm of windows malware defense by deciphering the intricate patterns within malicious code our model not only raises the bar for detection precision but also redefines the paradigm of cybersecurity preparedness this breakthrough underscores the potential embedded in the fusion of diverse analytical methodologies and signals a paradigm shift in fortifying against the relentless evolution of windows malicious threats as we traverse through the dynamic cybersecurity terrain this research serves as a beacon illuminating the path toward a resilient future where innovative fusion models stand at the forefront of cyber threat defense.

Keywords: fusion models, cyber threat defense, windows malware, clustering, random forests, support vector machines (SVM), accuracy, f1-score, cybersecurity, malicious code detection

Procedia PDF Downloads 28

Authors: Hermann Dornhackl, Konstantin Kadletz, Robert Luh, Paul Tavolato

Abstract:

In this paper we describe the use of formal methods to model malware behaviour. The modelling of harmful behaviour rests upon syntactic structures that represent malicious procedures inside malware. The malicious activities are modelled by a formal grammar, where API calls’ components are the terminals and the set of API calls used in combination to achieve a goal are designated non-terminals. The combination of different non-terminals in various ways and tiers make up the attack vectors that are used by harmful software. Based on these syntactic structures a parser can be generated which takes execution traces as input for pattern recognition.

Keywords: malware behaviour, modelling, parsing, search, pattern matching

Procedia PDF Downloads 300

Authors: Sulaiman Al amro, Ali Alkhalifah

Abstract:

The growing number of computer viruses and the detection of zero day malware have been the concern for security researchers for a large period of time. Existing antivirus products (AVs) rely on detecting virus signatures which do not provide a full solution to the problems associated with these viruses. The use of logic formulae to model the behaviour of viruses is one of the most encouraging recent developments in virus research, which provides alternatives to classic virus detection methods. In this paper, we proposed a comparative study about different virus detection techniques. This paper provides the advantages and drawbacks of different detection techniques. Different techniques will be used in this paper to provide a discussion about what technique is more effective to detect computer viruses.

Keywords: computer viruses, virus detection, signature-based, behaviour-based, heuristic-based

Procedia PDF Downloads 439

Authors: Mochamad Beta Auditama, Yusuf Kurniawan

Abstract:

A smartphone or tablet require a strong randomness to establish secure encrypted communication, encrypt files, etc. Therefore, random number generation is one of the main keys to provide secrecy. Android devices are equipped with hardware-based sensors, such as accelerometer, gyroscope, etc. Each of these sensors provides a stochastic process which has a potential to be used as an extra randomness source, in addition to /dev/random and /dev/urandom pseudorandom number generators. Android sensors can provide randomness automatically. To obtain randomness from Android sensors, each one of Android sensors shall be used to construct an entropy source. After all entropy sources are constructed, output from these entropy sources are combined to provide more entropy. Then, a deterministic process is used to produces a sequence of random bits from the combined output. All of these processes are done in accordance with NIST SP 800-22 and the series of NIST SP 800-90. The operation conditions are done 1) on Android user-space, and 2) the Android device is placed motionless on a desk.

Keywords: Android hardware-based sensor, deterministic process, entropy source, random number generation/generators

Procedia PDF Downloads 334

Authors: Haowei Chen, Kaiqi Xiong

Abstract:

This paper aims to answer how malware will propagate in Wireless Mesh Networks (WMNs) and how communication radius and distributed density of nodes affects the process of spreading. The above analysis is essential for devising network-wide strategies to counter malware. We answer these questions by developing an improved dynamical system that models malware propagation in the area where nodes were uniformly distributed. The proposed model captures both the spatial and temporal dynamics regarding the malware spreading process. Equilibrium and stability are also discussed based on the threshold of the system. If the threshold is less than one, the infected nodes disappear, and if the threshold is greater than one, the infected nodes asymptotically stabilize at the endemic equilibrium. Numerical simulations are investigated about communication radius and distributed density of nodes in WMNs, which allows us to draw various insights that can be used to guide security defense.

Keywords: Bluetooth security, malware propagation, wireless mesh networks, stability analysis

Procedia PDF Downloads 61

Authors: Babak Bashari Rad

Abstract:

A metamorphic computer virus uses different code transformation techniques to mutate its body in duplicated instances. Characteristics and function of new instances are mostly similar to their parents, but they cannot be easily detected by the majority of antivirus in market, as they depend on string signature-based detection techniques. The purpose of this research is to propose a Hidden Markov Model for classification of metamorphic viruses in executable files. In the proposed solution, portable executable files are inspected to extract the instructions opcodes needed for the examination of code. A Hidden Markov Model trained on portable executable files is employed to classify the metamorphic viruses of the same family. The proposed model is able to generate and recognize common statistical features of mutated code. The model has been evaluated by examining the model on a test data set. The performance of the model has been practically tested and evaluated based on False Positive Rate, Detection Rate and Overall Accuracy. The result showed an acceptable performance with high average of 99.7% Detection Rate.

Keywords: malware classification, computer virus classification, metamorphic virus, metamorphic malware, Hidden Markov Model

Procedia PDF Downloads 281

Authors: Saidatul A'isyah Ahmad Shukri, Haslina Arshad

Abstract:

This study was conducted to develop an application that provides Augmented Reality experience in identifying halal food products and beverages based on Malaysian Islamic Development Department (JAKIM) database for Muslim consumers in Malaysia. The applications is operating on the mobile device using the Android platform. This application aims to provide a new experience to the user how to use the Android application implements Augmentation Reality technology The methodology used is object-oriented analysis and design (OOAD). The programming language used is JAVA programming using the Android Software Development Kit (SDK) and XML. Android operating system is selected, and it is an open source operating system. Results from the study are implemented to further enhance diversity in presentation of information contained in this application and so can bring users using these applications from different angles.

Keywords: android, augmented reality, food, halal, Malaysia, products, XML

Procedia PDF Downloads 425

Authors: Arvinder Kaur, Deepti Chopra

Abstract:

Software Entropy Metrics for bug prediction have been validated on various software systems by different researchers. In our previous research, we have validated that Software Entropy Metrics calculated for Mozilla subsystem’s predict the future bugs reasonably well. In this study, the Software Entropy metrics are calculated for a subsystem of Android and it is noticed that these metrics are not suitable for bug prediction. The results are compared with a subsystem of Mozilla and a comparison is made between the two software systems to determine the reasons why Software Entropy metrics are not applicable for Android.

Keywords: android, bug prediction, mining software repositories, software entropy

Procedia PDF Downloads 546

Authors: Jie Zhang, Qianyu Guo, Tieyi Zhang, Zhiyong Feng, Xiaohong Li

Abstract:

With the widespread popularity of mobile devices and the development of artificial intelligence (AI), deep learning (DL) has been extensively applied in Android apps. Compared with traditional Android apps (traditional apps), deep learning based Android apps (DL-based apps) need to use more third-party application programming interfaces (APIs) to complete complex DL inference tasks. However, existing methods (e.g., FlowDroid) for detecting sensitive information leakage in Android apps cannot be directly used to detect DL-based apps as they are difficult to detect third-party APIs. To solve this problem, we design DLtrace; a new static information flow analysis tool that can effectively recognize third-party APIs. With our proposed trace and detection algorithms, DLtrace can also efficiently detect privacy leaks caused by sensitive APIs in DL-based apps. Moreover, using DLtrace, we summarize the non-sequential characteristics of DL inference tasks in DL-based apps and the specific functionalities provided by DL models for such apps. We propose two formal definitions to deal with the common polymorphism and anonymous inner-class problems in the Android static analyzer. We conducted an empirical assessment with DLtrace on 208 popular DL-based apps in the wild and found that 26.0% of the apps suffered from sensitive information leakage. Furthermore, DLtrace has a more robust performance than FlowDroid in detecting and identifying third-party APIs. The experimental results demonstrate that DLtrace expands FlowDroid in understanding DL-based apps and detecting security issues therein.

Keywords: mobile computing, deep learning apps, sensitive information, static analysis

Procedia PDF Downloads 119

Authors: Aw Adi Arryansyah

Abstract:

Using electronic stethoscope for detecting heartbeat sound, and breath sounds, are the effective way to investigate cardiovascular diseases. On the other side, technology is growing towards mobile. Almost everyone has a smartphone. Smartphone has many platforms. Creating mobile applications also became easier. We also can use HTML5 technology to creating mobile apps. Android is the most widely used type. This is the reason for us to make a wireless electronic stethoscope based on Android mobile. Android based Wireless Electronic Stethoscope designed by a simple system, uses sound sensors mounted membrane, then connected with Bluetooth module which will send the heart auscultation voice input data by Bluetooth signal to an android platform. On the software side, android will read the voice input then it will translate to beautiful visualization and release the voice output which can be regulated about how much of it is going to be released. We can change the heart beat sound into BPM data, and heart beat analysis, like normal beat, bradycardia or tachycardia.

Keywords: wireless, HTML 5, auscultation, bradycardia, tachycardia

Procedia PDF Downloads 318

Authors: Jessemyn Modiini, Timothy Lynar, Elena Sitnikova

Abstract:

We present a novel enhanced compartmental model for malware spread analysis in cyber security. This paper applies cyber security data features to epidemiological compartmental models to model the infectious potential of malware. Compartmental models are most efficient for calculating the infectious potential of a disease. In this paper, we discuss and profile epidemiologically relevant data features from a Domain Name System (DNS) dataset. We then apply these features to epidemiological compartmental models to network traffic features. This paper demonstrates how epidemiological principles can be applied to the novel analysis of key cybersecurity behaviours and trends and provides insight into threat modelling above that of kill-chain analysis. In applying deterministic compartmental models to a cyber security use case, the authors analyse the deficiencies and provide an enhanced stochastic model for cyber epidemiology. This enhanced compartmental model (SUEICRN model) is contrasted with the traditional SEIR model to demonstrate its efficacy.

Keywords: cybersecurity, epidemiology, cyber epidemiology, malware

Procedia PDF Downloads 81

Authors: Shih-Yu Wang, Shun-Wen Hsiao

Abstract:

In the field of cybersecurity, there exists many vendors giving malware samples classified results, namely naming after the label that contains some important information which is also called AV label. Lots of researchers relay on AV labels for research. Unfortunately, AV labels are too cluttered. They do not have a fixed format and fixed naming rules because the naming results were based on each classifiers' viewpoints. A way to fix the problem is taking a majority vote. However, voting can sometimes create problems of bias. Thus, we create a novel ensemble approach which does not rely on the cacophonous naming result but depend on group identification to aggregate everyone's opinion. To achieve this purpose, we develop an scoring system called Pairwise Consensus Score (PCS) to calculate result similarity. The entire method architecture combine Genetic Algorithm and PCS to find maximum consensus in the group. Experimental results revealed that our method outperformed the majority voting by 10% in term of the score.

Keywords: genetic algorithm, ensemble learning, malware family, malware labeling, AV labels

Procedia PDF Downloads 51

Authors: Kuei-Chun Liu, Yu-Yu Lai, Ching-Hong Wu, Hsiao-Han Huang

Abstract:

The number of Android applications (Apps) has increased rapidly in recent years. In order to get better programmatic control over Apps, we designed a record-and-replay mechanism to record Android input events and accessibility service events then make shortcuts. The shortcut is useful for complicated routine works and to Android beginners. We also generated graphical user interface (GUI) API by these shortcuts. GUI API helps developers make integrated Apps which can control other third-party Apps even if the official API is not offered by their providers. We demonstrated the usage of GUI API with two integrated Apps: Universal Bank App and Universal Communication App. Universal Bank App integrates three accounts from different banks and Universal Communication App integrates Line with WhatsApp. Both of them show the advantage of extendable GUI API. Furthermore, using our mechanism, shortcuts could replay almost all of the Top-100 Apps on Google Play correctly. In sum, the approach we present can help both Android developers and general users.

Keywords: graphical user interface, GUI API, record-and-replay, third-party apps

Procedia PDF Downloads 378