To believe or not to believe: Validating explanation fidelity for dynamic malware analysis [article]

Li Chen, Carter Yagemann, Evan Downing
2019 arXiv   pre-print
In this work, via two case studies of dynamic malware classification, we extend the local interpretable model-agnostic explanation algorithm to explain image-based dynamic malware classification and examine  ...  the results back to the samples to validate whether the algorithmic insights are consistent with security domain expertise.  ...  dynamic malware analysis.  ... 
arXiv:1905.00122v1 fatcat:pxnv4gvxdnfjpjeod2paodnrtm

Android Security using NLP Techniques: A Review [article]

Sevil Sen, Burcu Can
2021 arXiv   pre-print
We mainly focus on NLP-based solutions under four categories: description-to-behaviour fidelity, description generation, privacy and malware detection.  ...  In addition to the application code, Android applications have some metadata that could be useful for security analysis of applications.  ...  The authors would like to thank TUBITAK for its support.  ... 
arXiv:2107.03072v1 fatcat:yo3qc3w5jbhu7kb6db76hq2d2e

Towards interpreting ML-based automated malware detection models: a survey [article]

Yuzhou Lin, Xiaolin Chang
2021 arXiv   pre-print
Malware is being increasingly threatening and malware detectors based on traditional signature-based analysis are no longer suitable for current malware detection.  ...  This paper aims to examine and categorize the existing researches on ML-based malware detector interpretability.  ...  Acknowledgements Not applicable.  ... 
arXiv:2101.06232v1 fatcat:rw3f3ban7nfvzcjriqyegqhffq

DeepReflect: Discovering Malicious Functionality through Binary Reconstruction

Evan Downing, Yisroel Mirsky, Kyuhong Park, Wenke Lee
2021 USENIX Security Symposium  
To increase the productivity of static (or manual) reverse engineering, we propose DEEPREFLECT: a tool for localizing and identifying malware components within a malicious binary.  ...  Deep learning has continued to show promising results for malware classification.  ...  Any opinions, findings, conclusions, or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of ONR or DARPA.  ... 
dblp:conf/uss/DowningMPL21 fatcat:hjqgm3vkj5bvjehgpqaxwskly4

Web Adoption: An Attempt Toward Classifying Risky Internet Web Browsing Behavior

Alexander D. Kent, Lorie M. Liebrock, Joshua Neil
2013 Workshop on Learning from Authoritative Security Experiment Results  
adopters) or browses to unique web sites that no other computer visited (unique adopters) in a given time period. • Method.  ...  uniqueness from dynamic content while preserving key characteristics. • Conclusions.  ...  Borders et al. provide an intriguing, though more complex, method of dealing with the dynamic URL's generated by dynamic web content to enable site comparison and analysis [3].  ... 
dblp:conf/laseres/KentLN13 fatcat:nqybyqsul5hcbg7i7p3dd74xfq

CADE: Detecting and Explaining Concept Drift Samples for Security Applications

Limin Yang, Wenbo Guo, Qingying Hao, Arridhana Ciptadi, Ali Ahmadzadeh, Xinyu Xing, Gang Wang
2021 USENIX Security Symposium  
Due to the dynamic behavior changes of attackers (and/or the benign counterparts), the testing data distribution is often shifting from the original training data over time, causing major failures to the  ...  We evaluate CADE with two case studies: Android malware classification and network intrusion detection. We further work with a security company to test CADE on its malware database.  ...  Acknowledgment We thank our shepherd David Freeman and anonymous reviewers for their constructive comments and suggestions.  ... 
dblp:conf/uss/Yang0HCAX021 fatcat:arsnqyt2knhalauto5agmoju5a

Securing Canada's Information-Technology Infrastructure: Context, Principles, and Focus Areas of Cybersecurity Research

Dan Craigen, D'Arcy Walsh, David Whyte
2013 Technology Innovation Management Review  
The main focus of his research is on the development of network-based behavioural analysis techniques for the detection of rapidly propagating malware.  ...  The "end goal" for dynamic defence can, in fact, be twofold: i) to mitigate the degree of damage attributed to a detected compromise by adapting the network or host environment in a timely fashion to actively  ... 
doi:10.22215/timreview/704 fatcat:r66pqzcqqvdwxmaf6ndhs76thy

Software engineering techniques for statically analyzing mobile apps: research trends, characteristics, and potential for industrial adoption

Marco Autili, Ivano Malavolta, Alexander Perucci, Gian Luca Scoccia, Roberto Verdecchia
2021 Journal of Internet Services and Applications  
) better position their (past and future) approaches for static analysis of mobile apps.  ...  The results of this study give a solid foundation for assessing existing and future approaches for static analysis of mobile apps, especially in terms of their industrial adoptability. Researchers and practitioners  ...  We established the need for performing a review on static analysis of mobile app (Section 3), we identified the main research questions (Section 4.1), and we defined the protocol to be followed by the  ... 
doi:10.1186/s13174-021-00134-x fatcat:mlzjbkdi7fhezisn3tcv7wzlbi

Using Failure Information Analysis to Detect Enterprise Zombies [chapter]

Zhaosheng Zhu, Vinod Yegneswaran, Yan Chen
2009 Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering  
We propose failure information analysis as a novel strategy for uncovering malware activity and other anomalies in enterprise network traffic.  ...  We believe it would be a useful complement to existing defenses.  ...  This did not occur in the malware traces, i.e., failures were restricted to fewer ports and typically occurred in one or two ports.  ... 
doi:10.1007/978-3-642-05284-2_11 fatcat:2klhpaekdbftvgjrqrl4rwnmte

Understanding Adversarial Strategies from Bot Recruitment to Scheduling [chapter]

Wentao Chang, Aziz Mohaisen, An Wang, Songqing Chen
2018 Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering  
Furthermore, our study to measure dynamics of botnet activity reveals that botmasters start to deliberately schedule their bots to hibernate and alternate in attacks so that the detection window becomes  ...  Our analysis shows that different from the common perception that bots are randomly recruited in a best-effort manner, bots recruitment has strong geographical and organizational locality, offering defenses  ...  Furthermore, the efforts of identifying malware that is used for operating a botnet family provide high fidelity: the techniques involve a combination of dynamic and static analysis utilizing deep understanding  ... 
doi:10.1007/978-3-319-78813-5_20 fatcat:alwbpawxovgkzfxpti3g7tdazi

Enhancing the Description-to-Behavior Fidelity in Android Apps with Privacy Policy

Le Yu, Xiapu Luo, Chenxiong Qian, Shuai Wang, Hareton K. N. Leung
2018 IEEE Transactions on Software Engineering  
Since more than 96% of mobile malware targets the Android platform, various techniques based on static code analysis or dynamic behavior analysis have been proposed to detect malicious apps.  ...  To address these challenging issues, we first propose a novel data flow model for analyzing privacy policy, and then develop a new system, named TAPVerifier, for carrying out investigation of individual  ...  Moreover, TAPVerifier does not conduct dynamic analysis, native code analysis, and dynamic code loading analysis, which can be exploited by malware to evade the detection.  ... 
doi:10.1109/tse.2017.2730198 fatcat:u5e3nxhyjzfxfnkewzwuwzwxku

Short paper

Ian Timothy Fischer, Cynthia Kuo, Ling Huang, Mario Frank
2012 Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices - SPSM '12  
This is a research-rich area, and we outline future research directions for developing and evaluating dynamic security mechanisms using contextual information.  ...  This paper exhorts the security community to re-design authentication mechanisms for users on mobile devices.  ...  Another explanation is that users do not believe that extra passwords or PINs are needed. Users' reluctance to use authentication on their devices may be rational.  ... 
doi:10.1145/2381934.2381941 dblp:conf/ccs/FischerKHF12 fatcat:orcxwdg66rfq7bqufjiiv36txm


Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, Stefan Savage
2008 Proceedings of the 15th ACM conference on Computer and communications security - CCS '08  
Using a parasitic infiltration of an existing botnet's infrastructure, we analyze two spam campaigns: one designed to propagate a malware Trojan, the other marketing on-line pharmaceuticals.  ...  For nearly a half billion spam e-mails we identify the number that are successfully delivered, the number that pass through popular anti-spam filters, the number that elicit user visits to the advertised  ...  Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage  ... 
doi:10.1145/1455770.1455774 dblp:conf/ccs/KanichKLEVPS08 fatcat:2jy2x45n3zc6zjm5k6qdotg4pa

Improving Smartphone Security and Reliability

2017 Journal of Interconnection Networks (JOIN)  
high-fidelity record-and-replay.  ...  Our tools can analyze substantial, widely-popular apps running directly on smartphones, and do not require access to the app's source code.  ...  Government is authorized to reproduce and distribute reprints for Government purposes notwithstanding any copyright notation here on.  ... 
doi:10.1142/s0219265917400023 fatcat:yq7yda6d4ras7a75jr33mzm3la

A Survey of App Store Analysis for Software Engineering

William Martin, Federica Sarro, Yue Jia, Yuanyuan Zhang, Mark Harman
2017 IEEE Transactions on Software Engineering  
Findings from App Store Analysis have a direct and actionable impact on the software teams that develop software for app stores, and have led to techniques for requirements engineering, release planning  ...  App Store Analysis combines this non-technical information with technical information to learn trends and behaviours within these forms of software repositories.  ...  ACKNOWLEDGMENTS We thank the anonymous reviewers for their very helpful feedback, and our many colleagues who responded with their valuable comments on an earlier version of this survey.  ... 
doi:10.1109/tse.2016.2630689 fatcat:tuqtkqnzordklgq2thihhc6sxy