A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Filters
Whom Does Your Android App Talk To?
2015
2015 IEEE Global Communications Conference (GLOBECOM)
Preserved Fulltext
Smartphone privacy and security work has focused mostly on malicious apps. We take a different angle by questioning whether good apps suffer from a lack of judgment and interact with "bad" websites. ...
The focus of our work is this relatively neglected aspect of security: "Whom does an app talk to?" ...
The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the National Science Foundation ...
doi:10.1109/glocom.2015.7416952
fatcat:etpoi4vdmvcg3pkhzyen5mwii4
Evaluating the Flexibility of the Java Sandbox
2015
Proceedings of the 31st Annual Computer Security Applications Conference on - ACSAC 2015
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
We describe an empirical study of the ways benign open-source Java applications use and interact with the Java security manager. ...
clear differences between the ways benign and exploit programs interact with the security manager. ...
Summary of benign behaviors Recall that in Section 3, we refined the high-level research question-how do benign applications interact with the security manager? ...
doi:10.1145/2818000.2818003
dblp:conf/acsac/CokerMDGS15
fatcat:gmmzimr7hjf5jpqyttht2xipsa
State of the Art Analysis Approach for Identification of the Malignant URLs
2017
IOSR Journal of Computer Engineering
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
Therefore efficiency of web security gets maintained. For such anatomization we developed an analyzer which identifies URLs and examine as malicious or benign. ...
In this paper we described a novel approach which analyze all types of attacks by identifying malicious URLs and secure the web users from them. ...
Length of URL 4. Length of hyphen 5. Length of domain 6. Domain name extension 7. Length of max-length in domain name 8. ...
doi:10.9790/0661-1901020612
fatcat:ssynebg73vg47insjhcwwfik4u
Analyzing Information Flow in JavaScript-Based Browser Extensions
2009
2009 Annual Computer Security Applications Conference
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2011; you can also visit the original URL.
The file type is application/pdf.
To enable a rich set of functionalities, browsers typically execute JSEs with elevated privileges. ...
We implemented Sabre by modifying the Firefox browser and evaluated it using both malicious JSEs as well as benign ones that contained exploitable vulnerabilities. ...
We thank Jan Jajalla for his help with experiments, members of DiscoLab and the anonymous reviewers for their comments. This work was supported by NSF awards 0831268, 0915394 and 0931992. ...
doi:10.1109/acsac.2009.43
dblp:conf/acsac/DhawanG09
fatcat:2qis6oqbtzduxepgq2zh2q3zpy
Secure Real-Time Computational Intelligence System Against Malicious QR Code Links
2021
International Journal of Computers Communications & Control
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
A dataset of 90 000 benign and malicious URLs was collected from various resources, and their lexical properties were extracted. ...
Several of these solutions are limited to malicious link detection methods or require knowledge of cryptographic techniques. ...
Acknowledgement The authors acknowledge the Deanship of Scientific Research at King Faisal University for the financial support under Nasher Track (Grant No. 206046). ...
doi:10.15837/ijccc.2021.3.4186
fatcat:g3kr3avt6rewrnbk6appv4lcfy
ASPIRE: Iterative Specification Synthesis for Security
2015
USENIX Workshop on Hot Topics in Operating Systems
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
How to perform a systematic security analysis of complex applications is a challenging and open question. ...
We implement a prototype of AS-PIRE for synthesizing and checking specifications of web applications, although our approach is not limited to web security, and use it in three case studies to demonstrate ...
Interaction The set of endpoints consists of a benign client, a malicious client, a malicious server and a set of benign servers defined by the synthesized MDL specification. ...
dblp:conf/hotos/ChenHADMS15
fatcat:p6aesgfcyrbh5lpgnnc4zwku3a
Malicious Websites Detection and Search Engine Protection
2013
Journal of Advances in Computer Networks
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
With the development of the Internet, the amount of information is expanding rapidly. Naturally, search engine becomes the backbone of information management. ...
Nevertheless, the flooding of large number of malicious websites on search engine has posed tremendous threat to our users. ...
Many malicious websites from public blacklist can"t be accesses currently, so we gathered malicious websites from several security agencies.
1) Benign URLs We collected 22014 benign URLs from three following ...
doi:10.7763/jacn.2013.v1.52
fatcat:bwjozmqrcvgkth56dkgoy44tei
Experiences Deploying Multi-Vantage-Point Domain Validation at Let's Encrypt
2021
USENIX Security Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
We explore the design space of multi-vantage-point domain validation to achieve (1) security via sufficiently diverse vantage points, (2) performance by ensuring low latency and overhead in certificate ...
We show that multi-vantage-point domain validation can thwart the vast majority of BGP attacks. ...
We are also grateful for support from the Open Technology Fund and International Republican Institute through their Securing Domain Validation project, the National Science Foundation under grant CNS-1553437 ...
dblp:conf/uss/Birge-LeeWMSRM21
fatcat:ch4tgxgmmfcyhorbvlqdpb7ifa
Quality of interaction among path computation elements for trust-aware inter-provider cooperation
2014
2014 IEEE International Conference on Communications (ICC)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
This work introduces the concepts of Quality of Interaction and trust ranking and elaborates a trust management model including effectiveness and security objectives regulating the cooperation among PCEs ...
Path Computation Element (PCE) architecture enables effective traffic engineering in multi-domain networks while limiting the exposure of intra-domain information. ...
QUALITY OF INTERACTION AND TRUST-AWARE PCE COLLABORATION In multi-domain PCE architecture, the PCEs belonging to different domains cooperate using client-server interactions for computing inter-domain ...
doi:10.1109/icc.2014.6883397
dblp:conf/icc/FungMGPGC14
fatcat:5qxupfvtmjhlbbu4teffm4wkwi
Machine Learning in Cyber-Security - Problems, Challenges and Data Sets
[article]
2019
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
We also present a method to generate labels via pivoting, providing a solution to common problems of lack of labels in cyber-security. ...
We present cyber-security problems of high importance. We show that in order to solve these cyber-security problems, one must cope with certain machine learning challenges. ...
interactive command shell on host B. ...
arXiv:1812.07858v3
fatcat:j62uh2pw65cxdossot4w4ez72e
Code-Reuse Attacks for the Web
2017
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security - CCS '17
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
In our data set 78.30% of all secondlevel domains had at least one data ow from an HTML attribute into a security-sensitive sink, whereas 59.51% of the sites exhibited such ows from dataattributes. ...
Because of this, we decided to deduplicate our nal results based on the rst domain before the top level domain (subsequently called "second level domains"). ...
doi:10.1145/3133956.3134091
dblp:conf/ccs/LekiesKGNJ17
fatcat:kaeubika4rfrpkmkvkym7l2aii
A Word-Level Analytical Approach for Identifying Malicious Domain Names Caused by Dictionary-Based DGA Malware
2021
Electronics
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Our approach contributes to dramatically improving network security by providing a technique to address various types of malware encroachment. ...
are distinctly different from those of human-generated domains. ...
benign and malicious domains, which is 80% of the datasets, and to predict 646,224 benign and malicious domains, which is 20% of the datasets. ...
doi:10.3390/electronics10091039
doaj:6ffbaa98c18c4cb7956dcaadedbdadf6
fatcat:s4bxpyagyncglhjor4hnymkoie
Evasive Malicious Website Detection by Leveraging Redirection Subgraph Similarities
2019
IEICE transactions on information and systems
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
malicious, benign, and compromised websites. ...
Security researchers and vendors have tried to prevent the attacks by detecting malicious data, i.e., malicious URLs, web content, and redirections. ...
Feature 1 # of different domains 2 Path length 3 # of HTTP 3xx redirections 4 # of different domain HTTP 3xx redirections 5 # of consecutive HTTP 3xx redirections 6 # of consecutive different domain HTTP ...
doi:10.1587/transinf.2018fcp0007
fatcat:h7aszr7ujna75gjsezeradugyi
Self-protection of Android systems from inter-component communication attacks
2018
Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering - ASE 2018
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
analysis, SALMA models an Android system using seven domains, four component interaction domains and three permission domains. ...
Note that the communication domain also includes interactions between the Android framework and components of third-party apps. ...
The evaluation of RevealDroid using a large dataset consisting of more than 54,000 malicious and benign apps shows the accuracy and the resiliency of RevealDroid against code obfuscation. ...
doi:10.1145/3238147.3238207
dblp:conf/kbse/HammadGM18
fatcat:qht4e54ehjfltlht6wjuwzsata
An evasion and counter-evasion study in malicious websites detection
2014
2014 IEEE Conference on Communications and Network Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
models by taking advantage of this symmetry. ...
In this paper, we present a framework for characterizing the evasion and counter-evasion interactions between the attacker and the defender, where the attacker attempts to evade the defender's detection ...
This suggests that we might need to design new machine learning algorithms to best fit the domain of security problems. ...
doi:10.1109/cns.2014.6997494
dblp:conf/cns/XuZXY14
fatcat:luptx5v3yvc7jlbabxqzum6agq
« Previous
Showing results 1 — 15 out of 23,028 results