Computer Sciences Commons^™

Fine-Grained In-Context Permission Classification For Android Apps Using Control-Flow Graph Embedding, Vikas Kumar Malviya, Naing Tun Yan, Chee Wei Leow, Ailys Xynyn Tee, Lwin Khin Shar, Lingxiao Jiang

Research Collection School Of Computing and Information Systems

Android is the most popular operating system for mobile devices nowadays. Permissions are a very important part of Android security architecture. Apps frequently need the users’ permission, but many of them only ask for it once—when the user uses the app for the first time—and then they keep and abuse the given permissions. Longing to enhance Android permission security and users’ private data protection is the driving factor behind our approach to explore fine-grained contextsensitive permission usage analysis and thereby identify misuses in Android apps. In this work, we propose an approach for classifying the fine-grained permission uses for each …

Unlocking User Identity: A Study On Mouse Dynamics In Dual Gaming Environments For Continuous Authentication, Marcho Setiawan Handoko

All Graduate Theses, Dissertations, and Other Capstone Projects

With the surge in information management technology reliance and the looming presence of cyber threats, user authentication has become paramount in computer security. Traditional static or one-time authentication has its limitations, prompting the emergence of continuous authentication as a frontline approach for enhanced security. Continuous authentication taps into behavior-based metrics for ongoing user identity validation, predominantly utilizing machine learning techniques to continually model user behaviors. This study elucidates the potential of mouse movement dynamics as a key metric for continuous authentication. By examining mouse movement patterns across two contrasting gaming scenarios - the high-intensity "Team Fortress" and the low-intensity strategic …

Signature Identification And Verification Systems: A Comparative Study On The Online And Offline Techniques, Nehal Hamdy Al-Banhawy, Heba Mohsen, Neveen I. Ghali Prof.

Future Computing and Informatics Journal

Handwritten signature identification and verification has become an active area of research in recent years. Handwritten signature identification systems are used for identifying the user among all users enrolled in the system while handwritten signature verification systems are used for authenticating a user by comparing a specific signature with his signature that is stored in the system. This paper presents a review for commonly used methods for preprocessing, feature extraction and classification techniques in signature identification and verification systems, in addition to a comparison between the systems implemented in the literature for identification techniques and verification techniques in online and …

Transfer Learning For Detecting Unknown Network Attacks, Juan Zhao, Sachin Shetty, Jan Wei Pan, Charles Kamhoua, Kevin Kwiat

VMASC Publications

Network attacks are serious concerns in today’s increasingly interconnected society. Recent studies have applied conventional machine learning to network attack detection by learning the patterns of the network behaviors and training a classification model. These models usually require large labeled datasets; however, the rapid pace and unpredictability of cyber attacks make this labeling impossible in real time. To address these problems, we proposed utilizing transfer learning for detecting new and unseen attacks by transferring the knowledge of the known attacks. In our previous work, we have proposed a transfer learning-enabled framework and approach, called HeTL, which can find the common …

Malware Image Classification Using Machine Learning With Local Binary Pattern, Jhu-Sin Luo, Dan Lo

Master of Science in Computer Science Theses

Malware classification is a critical part in the cybersecurity.

Traditional methodologies for the malware classification

typically use static analysis and dynamic analysis to identify malware.

In this paper, a malware classification methodology based

on its binary image and extracting local binary pattern (LBP)

features are proposed. First, malware images are reorganized into

3 by 3 grids which is mainly used to extract LBP feature. Second,

the LBP is implemented on the malware images to extract features

in that it is useful in pattern or texture classification. Finally,

Tensorflow, a library for machine learning, is applied to classify

malware images with …

Denial-Of-Service Attack Modelling And Detection For Http/2 Services, Erwin Adi

Theses: Doctorates and Masters

Businesses and society alike have been heavily dependent on Internet-based services, albeit with experiences of constant and annoying disruptions caused by the adversary class. A malicious attack that can prevent establishment of Internet connections to web servers, initiated from legitimate client machines, is termed as a Denial of Service (DoS) attack; volume and intensity of which is rapidly growing thanks to the readily available attack tools and the ever-increasing network bandwidths. A majority of contemporary web servers are built on the HTTP/1.1 communication protocol. As a consequence, all literature found on DoS attack modelling and appertaining detection techniques, addresses only …

Immunology Inspired Detection Of Data Theft From Autonomous Network Activity, Theodore O. Cochran

CCE Theses and Dissertations

The threat of data theft posed by self-propagating, remotely controlled bot malware is increasing. Cyber criminals are motivated to steal sensitive data, such as user names, passwords, account numbers, and credit card numbers, because these items can be parlayed into cash. For anonymity and economy of scale, bot networks have become the cyber criminal’s weapon of choice. In 2010 a single botnet included over one million compromised host computers, and one of the largest botnets in 2011 was specifically designed to harvest financial data from its victims. Unfortunately, current intrusion detection methods are unable to effectively detect data extraction techniques …

Automatically Discovering The Number Of Clusters In Web Page Datasets, Zhongmei Yao

Zhongmei Yao

Clustering is well-suited for Web mining by automatically organizing Web pages into categories, each of which contains Web pages having similar contents. However, one problem in clustering is the lack of general methods to automatically determine the number of categories or clusters. For the Web domain in particular, currently there is no such method suitable for Web page clustering. In an attempt to address this problem, we discover a constant factor that characterizes the Web domain, based on which we propose a new method for automatically determining the number of clusters in Web page data sets. We discover that the …

Intelligent Network Intrusion Detection Using An Evolutionary Computation Approach, Samaneh Rastegari

Theses: Doctorates and Masters

With the enormous growth of users' reliance on the Internet, the need for secure and reliable computer networks also increases. Availability of effective automatic tools for carrying out different types of network attacks raises the need for effective intrusion detection systems.

Generally, a comprehensive defence mechanism consists of three phases, namely, preparation, detection and reaction. In the preparation phase, network administrators aim to find and fix security vulnerabilities (e.g., insecure protocol and vulnerable computer systems or firewalls), that can be exploited to launch attacks. Although the preparation phase increases the level of security in a network, this will never completely …

Determining What Characteristics Constitute A Darknet, Symon Aked, Christopher Bolan, Murray Brand

Australian Information Security Management Conference

Privacy on the Internet has always been a concern, but monitoring of content by both private corporations and Government departments has pushed people to search for ways to communicate over the Internet in a more secure manner. This has given rise to the creations of Darknets, which are networks that operate “inside” the Internet, and allow anonymous participation via a de‐centralised, encrypted, peer‐to‐peer network topology. This research investigates some sources of known Internet content monitoring, and how they provided the template for the creation of a system to avoid such surveillance. It then highlights how communications on the Clearnet is …

Recognizing Patterns In Transmitted Signals For Identification Purposes, Baha' A. Alsaify

Graduate Theses and Dissertations

The ability to identify and authenticate entities in cyberspace such as users, computers, cell phones, smart cards, and radio frequency identification (RFID) tags is usually accomplished by having the entity demonstrate knowledge of a secret key. When the entity is portable and physically accessible, like an RFID tag, it can be difficult to secure given the memory, processing, and economic constraints. This work proposes to use unique patterns in the transmitted signals caused by manufacturing differences to identify and authenticate a wireless device such as an RFID tag. Both manufacturer identification and tag identification are performed on a population of …

Automatically Discovering The Number Of Clusters In Web Page Datasets, Zhongmei Yao

Computer Science Faculty Publications

Clustering is well-suited for Web mining by automatically organizing Web pages into categories, each of which contains Web pages having similar contents. However, one problem in clustering is the lack of general methods to automatically determine the number of categories or clusters. For the Web domain in particular, currently there is no such method suitable for Web page clustering. In an attempt to address this problem, we discover a constant factor that characterizes the Web domain, based on which we propose a new method for automatically determining the number of clusters in Web page data sets. We discover that the …

Development Of A Classification System For Computer Viruses In The Ibm Pc Environment Using The Dos Operating System, Hugh R. Browne

Theses : Honours

The threat to computers worldwide from computer viruses is increasing as new viruses and variants proliferate. Availability of virus construction tools to facilitate 'customised' virus production and wider use of more sophisticated means of evading detection, such as encryption, polymorphic transformation and memory resident 'stealth' techniques increase this problem. Some viruses employ methods to guard against their own eradication from an infected computer, whilst other viruses adopt measures to prevent disassembly of the virus for examination and analysis. Growth in computer numbers and connectivity provide a growing pool of candidate hosts for infection. Standardised and flexible systems for classification and …