Open Access. Powered by Scholars. Published by Universities.®
- Institution
- Publication
-
- Computer Science Faculty Publications (1)
- Computer Science and Engineering Faculty Publications (1)
- Department of Computer Science and Engineering: Dissertations, Theses, and Student Research (1)
- Electrical & Computer Engineering Faculty Publications (1)
- Electrical & Computer Engineering and Computer Science Faculty Publications (1)
Articles 1 - 7 of 7
Full-Text Articles in Engineering
A Survey Of Using Machine Learning In Iot Security And The Challenges Faced By Researchers, Khawlah M. Harahsheh, Chung-Hao Chen
A Survey Of Using Machine Learning In Iot Security And The Challenges Faced By Researchers, Khawlah M. Harahsheh, Chung-Hao Chen
Electrical & Computer Engineering Faculty Publications
The Internet of Things (IoT) has become more popular in the last 15 years as it has significantly improved and gained control in multiple fields. We are nowadays surrounded by billions of IoT devices that directly integrate with our lives, some of them are at the center of our homes, and others control sensitive data such as military fields, healthcare, and datacenters, among others. This popularity makes factories and companies compete to produce and develop many types of those devices without caring about how secure they are. On the other hand, IoT is considered a good insecure environment for cyber …
C2 Microservices Api: Ch4rl3sch4l3m4gn3, Thai H. Nguyễn
C2 Microservices Api: Ch4rl3sch4l3m4gn3, Thai H. Nguyễn
School of Computer Science & Engineering Undergraduate Publications
In the 21st century, cyber-based attackers such as advance persistent threats are leveraging bots in the form of botnets to conduct a plethora of cyber-attacks. While there are several social engineering techniques used to get targets to unknowingly download these bots, it is the command-and-control techniques advance persistent threats use to control their bots that is of critical interest to the author. In this research paper, the author aims to develop a command-and-control microservice application programming interface infrastructure to facilitate botnet command-and-control attack simulations. To achieve this the author will develop a simple bot skeletal framework, utilize the latest …
Advanced Techniques To Detect Complex Android Malware, Zhiqiang Li
Advanced Techniques To Detect Complex Android Malware, Zhiqiang Li
Department of Computer Science and Engineering: Dissertations, Theses, and Student Research
Android is currently the most popular operating system for mobile devices in the world. However, its openness is the main reason for the majority of malware to be targeting Android devices. Various approaches have been developed to detect malware.
Unfortunately, new breeds of malware utilize sophisticated techniques to defeat malware detectors. For example, to defeat signature-based detectors, malware authors change the malware’s signatures to avoid detection. As such, a more effective approach to detect malware is by leveraging malware’s behavioral characteristics. However, if a behavior-based detector is based on static analysis, its reported results may contain a large number of …
Sec-Lib: Protecting Scholarly Digital Libraries From Infected Papers Using Active Machine Learning Framework, Nir Nissim, Aviad Cohen, Jian Wu, Andrea Lanzi, Lior Rokach, Yuval Elovici, Lee Giles
Sec-Lib: Protecting Scholarly Digital Libraries From Infected Papers Using Active Machine Learning Framework, Nir Nissim, Aviad Cohen, Jian Wu, Andrea Lanzi, Lior Rokach, Yuval Elovici, Lee Giles
Computer Science Faculty Publications
Researchers from academia and the corporate-sector rely on scholarly digital libraries to access articles. Attackers take advantage of innocent users who consider the articles' files safe and thus open PDF-files with little concern. In addition, researchers consider scholarly libraries a reliable, trusted, and untainted corpus of papers. For these reasons, scholarly digital libraries are an attractive-target and inadvertently support the proliferation of cyber-attacks launched via malicious PDF-files. In this study, we present related vulnerabilities and malware distribution approaches that exploit the vulnerabilities of scholarly digital libraries. We evaluated over two-million scholarly papers in the CiteSeerX library and found the library …
Androparse - An Android Feature Extraction Framework & Dataset, Robert Schmicker, Frank Breitinger, Ibrahim Baggili
Androparse - An Android Feature Extraction Framework & Dataset, Robert Schmicker, Frank Breitinger, Ibrahim Baggili
Electrical & Computer Engineering and Computer Science Faculty Publications
Android malware has become a major challenge. As a consequence, practitioners and researchers spend a significant time analyzing Android applications (APK). A common procedure (especially for data scientists) is to extract features such as permissions, APIs or strings which can then be analyzed. Current state of the art tools have three major issues: (1) a single tool cannot extract all the significant features used by scientists and practitioners (2) Current tools are not designed to be extensible and (3) Existing parsers do not have runtime efficiency. Therefore, this work presents AndroParse which is an open-source Android parser written in Golang …
Ransomware Behavioural Analysis On Windows Platforms, Nikolai Hampton, Zubair A. Baig, Sherali Zeadally
Ransomware Behavioural Analysis On Windows Platforms, Nikolai Hampton, Zubair A. Baig, Sherali Zeadally
Research outputs 2014 to 2021
Ransomware infections have grown exponentially during the recent past to cause major disruption in operations across a range of industries including the government. Through this research, we present an analysis of 14 strains of ransomware that infect Windows platforms, and we do a comparison of Windows Application Programming Interface (API) calls made through ransomware processes with baselines of normal operating system behaviour. The study identifies and reports salient features of ransomware as referred through the frequencies of API calls
Botsniffer: Detecting Botnet Command And Control Channels In Network Traffic, Guofei Gu, Junjie Zhang, Wenke Lee
Botsniffer: Detecting Botnet Command And Control Channels In Network Traffic, Guofei Gu, Junjie Zhang, Wenke Lee
Computer Science and Engineering Faculty Publications
Botnets are now recognized as one of the most serious security threats. In contrast to previous malware, botnets have the characteristic of a command and control (C&C) channel. Botnets also often use existing common protocols, e.g., IRC, HTTP, and in protocol-conforming manners. This makes the detection of botnet C&C a challenging problem. In this paper, we propose an approach that uses network-based anomaly detection to identify botnet C&C channels in a local area network without any prior knowledge of signatures or C&C server addresses. This detection approach can identify both the C&C servers and infected hosts in the network. Our …