Article
Computer Science, Artificial Intelligence
Hakan Gunduz
Summary: This study proposed a malware detection model based on API-call graphs and used GVAE to reduce the size of graph node features. The results showed that combining RFE-selected LightGBM model with 50 features achieved the highest accuracy and F-measure rates. Using GVAE-reduced embeddings improved the accuracy and F-measure rates.
PEERJ COMPUTER SCIENCE
(2022)
Article
Computer Science, Artificial Intelligence
Namita Prachi, Namita Dabas, Prabha Sharma
Summary: Continuously evolving malware and their variants pose severe threats to information systems. To address these concerns, researchers propose a novel and lightweight API call sequence-based Windows malware detection system, MalAnalyser. MalAnalyer extracts frequent API call subsequences, applies a particle swarm optimization algorithm, and enriches malware patterns using genetic algorithm. Experimental results demonstrate high accuracy and outperformance compared to similar approaches.
EXPERT SYSTEMS WITH APPLICATIONS
(2023)
Article
Computer Science, Artificial Intelligence
Zikai Zhang, Yidong Li, Wei Wang, Haifeng Song, Hairong Dong
Summary: Malware detection is a vital task for cybersecurity, but it is still challenging due to the disregard of temporal correlations between malicious behaviors. In this study, a Dynamic Evolving Graph Convolutional Network (DEGCN) model is proposed to capture the dynamic evolving pattern of software behaviors, using multiscaled API graph sequences.
INTERNATIONAL JOURNAL OF INTELLIGENT SYSTEMS
(2022)
Article
Computer Science, Artificial Intelligence
Xiao-Wang Wu, Yan Wang, Yong Fang, Peng Jia
Summary: The surge of malware poses a huge threat to cyberspace security. Existing malware analysis methods rely on feature engineering, increasing the complexity of analysis. This research proposes a new method based on function call graph and graph embedding network, which automatically extracts semantic features for efficient malware analysis.
NEURAL COMPUTING & APPLICATIONS
(2022)
Article
Computer Science, Information Systems
Han Gao, Shaoyin Cheng, Weiming Zhang
Summary: The paper introduces a novel approach for Android malware detection and familial classification based on Graph Convolutional Network (GCN). Through experiments, GDroid system shows promising results in detecting Android malware and classifying malware families, outperforming existing methods.
COMPUTERS & SECURITY
(2021)
Article
Computer Science, Theory & Methods
Syed Ibrahim Imtiaz, Saif ur Rehman, Abdul Rehman Javed, Zunera Jalil, Xuan Liu, Waleed S. Alnumay
Summary: As the use of Android smartphones becomes more widespread, there is an increasing need for more efficient methods to detect and prevent malicious applications from attacking and compromising user devices.
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE
(2021)
Article
Computer Science, Information Systems
Yang Yang, Xuehui Du, Zhi Yang, Xing Liu
Summary: The openness of the Android operating system brings convenience to users but also poses a threat of attack from malicious applications, making malware detection a key research focus in mobile security. The DGCNDroid method proposed in this paper effectively addresses the issues of feature selection and feature loss in graph structures in current malware detection methods, achieving higher detection accuracy through experimentation on a dataset of 11,120 Android apps.
Article
Computer Science, Information Systems
Tieming Chen, Huan Zeng, Mingqi Lv, Tiantian Zhu
Summary: In this paper, the authors propose a deep learning based dynamic malware detection method called CTIMD, which integrates threat knowledge from CTIs into the learning process of API call sequences with runtime parameters. Experimental results show that CTIMD outperforms existing methods in terms of performance.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Artificial Intelligence
Minghui Cai, Yuan Jiang, Cuiying Gao, Heng Li, Wei Yuan
Summary: This paper aims to learn behavior level features of Android apps from function calls, using enhanced function call graphs (E-FCGs) and a Graph Convolutional Network (GCN) based algorithm. Experimental results show that the method outperforms traditional static features in malware detection.
Article
Computer Science, Artificial Intelligence
Zhen Liu, Ruoyu Wang, Nathalie Japkowicz, Heitor Murilo Gomes, Bitao Peng, Wenbin Zhang
Summary: This paper proposes a novel Android malware detection method called SeGDroid, which focuses on learning semantic knowledge from sensitive function call graphs. The method achieves efficient malware detection and provides model explanation to trace malicious behavior. Experimental results demonstrate its excellent performance in malware detection and family classification.
EXPERT SYSTEMS WITH APPLICATIONS
(2024)
Article
Chemistry, Multidisciplinary
Yuxin Zhang, Shumian Yang, Lijuan Xu, Xin Li, Dawei Zhao
Summary: With the rapid growth of malware, learning API call sequences is effective for malware detection, but it is troublesome in practice to mine API call features. A novel method based on semantic information is proposed for malware detection, which outperforms the baseline method in terms of accuracy.
APPLIED SCIENCES-BASEL
(2023)
Article
Computer Science, Information Systems
Cagatay Catal, Hakan Gunduz, Alper Ozcan
Summary: Intelligent Transportation Systems (ITS) aim to make transportation smarter, safer, reliable, and environmentally friendly, facing security issues due to their complex, dynamic, and non-linear properties. This study improves malware detection models using Graph Attention Networks, proposing a GAN-based framework for addressing malware attacks in the ITS field. Experimental results show that integrating GAN and Node2Vec models provides the best performance in terms of F-measure and accuracy parameters.
Article
Computer Science, Information Systems
Ce Li, Zijun Cheng, He Zhu, Leiqi Wang, Qiujian Lv, Yan Wang, Ning Li, Degang Sun
Summary: In this study, we propose a novel malware analysis framework called DMalNet, which extracts semantic features from API names and arguments, converts the relationship between API calls into the structural information of a graph, and achieves accurate malware detection and classification.
COMPUTERS & SECURITY
(2022)
Article
Computer Science, Information Systems
Eslam Amer, Ivan Zelinka, Shaker El-Sappagh
Summary: The widespread development of the malware industry poses a major threat to electronic society, hence the need for intelligent heuristic tools in malware analysis; studies show that generic behavioral graph models can effectively characterize the differences in behaviors between malicious and non-malicious processes.
COMPUTERS & SECURITY
(2021)
Article
Computer Science, Information Systems
Weina Niu, Yihang Wang, Xingyu Liu, Ran Yan, Xiong Li, Xiaosong Zhang
Summary: This article proposes an Android malware detection and classification method called GCDroid based on a graph compression algorithm with reachability relationship extraction (GCRR). The method efficiently extracts reachability relationships among APKs and compresses a heterogeneous APK-API relationship graph into a homogeneous APKs graph, reducing time consumption while improving detection accuracy. Compared to existing static Android malware detection methods, GCDroid improves detection accuracies by 1.53%-39.13% on different data sets, and outperforms benchmark methods in Android malware classification. Furthermore, GCDroid's time consumption for model training and other aspects is only one-tenth or even less compared to baseline methods similar to GCDroid.
IEEE INTERNET OF THINGS JOURNAL
(2023)
Article
Computer Science, Information Systems
Kashan Ahmed, Syed Khaldoon Khurshid, Sadaf Hina
Summary: This paper mainly introduces the construction of the cyber threat intelligence knowledge graph and the information extraction technique. By using joint extraction technique, it solves the problem of traditional techniques becoming ineffective due to the increasing size of CTI data. Experimental results show that this technique outperforms state-of-the-art models in knowledge triple extraction on CTI data and improves the F1 score.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Xinlong He, Yang Xu, Sicong Zhang, Weida Xu, Jiale Yan
Summary: This paper proposes a new membership inference attack method in federated learning, which utilizes data poisoning and sequence prediction confidence. The attack is effective and results in minimal overall model performance degradation.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Tieming Chen, Huan Zeng, Mingqi Lv, Tiantian Zhu
Summary: In this paper, the authors propose a deep learning based dynamic malware detection method called CTIMD, which integrates threat knowledge from CTIs into the learning process of API call sequences with runtime parameters. Experimental results show that CTIMD outperforms existing methods in terms of performance.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Wonwoo Choi, Minjae Seo, Seongman Lee, Brent Byunghoon Kang
Summary: This paper proposes SUM, a backward-edge control flow protection scheme for ARM Cortex-M processors. It combines MPU and the overlooked hardware feature FaultMask to achieve efficient and robust protection. The empirical evaluation shows minimal runtime overhead for the proposed solution.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Liliana Ribeiro, Ines Sousa Guedes, Carla Sofia Cardoso
Summary: Phishing susceptibility is influenced by individual and contextual factors. The study found that individuals who perceive themselves as capable of detecting phishing and those who use online services more frequently are more susceptible to phishing. However, technology competencies and other individual variables do not predict phishing susceptibility.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Wenjie Wang, Yuanhai Shao, Yiju Wang
Summary: In this paper, we investigate the adversarial perturbations of twin support vector machines (TWSVMs) and propose an optimization framework, which provides explicit solutions to increase the interpretability of the conclusion and convenience for calculation.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Snofy D. Dunston, V. Mary Anita Rajam
Summary: This paper proposes a novel adversarial attack technique that can synthesize adversarial images to mislead deep learning models, and also studies interpretability plots. The research findings show that the proposed attack technique influences the interpretability plots, regardless of the success of the attack.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Junchen Li, Guang Cheng, Zongyao Chen, Peng Zhao
Summary: Protocol Reverse Engineering (PRE) is a direct approach for analyzing unknown traffic. This paper proposes a method for clustering unknown traffic based on private protocol labels, and the experimental results demonstrate its advantages on real-world network traffic.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Rafal Kozik, Massimo Ficco, Aleksandra Pawlicka, Marek Pawlicki, Francesco Palmieri, Michal Choras
Summary: The inclusion of Explainability of Artificial Intelligence (xAI) has become a mandatory requirement for designing and implementing reliable, interpretable, and ethical AI solutions. However, it has been shown that xAI can enable successful adversarial attacks in the domain of fake news detection, leading to a decrease in AI security. This paper presents an attack scheme that uses an explainable solution to reshape the structure of the original message, allowing the adversary to manipulate the model's prediction while keeping the message's meaning intact.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Benyuan Yang, Lili Luo, Zhimeng Wang
Summary: Interoperation is widely used in practical industrial applications, but merging local access control policies may lead to security violations. Dealing with these issues in a multidomain environment is critical, but finding the maximum secure interoperation among individual systems poses a challenge due to the large number of entities and access involved.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Binghui Zou, Chunjie Cao, Longjuan Wang, Sizheng Fu, Tonghua Qiao, Jingzhang Sun
Summary: The ongoing struggle between security researchers and malware has led to the exploration of using convolutional neural networks and capsule networks for classification and identification of malware. However, training these networks requires a significant amount of data and parameters, and the research on capsule networks is still in its early stages, posing challenges.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Hongsong Chen, Xingyu Li, Wenmao Liu
Summary: Multivariate time-series anomaly detection is crucial for maintaining normal operation of physical equipment. Recent advances have been made in this field, but two challenges have limited the model's ability to generalize. To address these challenges, a multivariate time-series anomaly detection model consisting of a characterization network and a forecasting network is proposed. Experimental results demonstrate that this method outperforms baseline methods in terms of detection performance and robustness.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Roberto Doriguzzi-Corin, Domenico Siracusa
Summary: This paper discusses the application of federated learning in the field of cybersecurity and proposes an adaptive mechanism-based federated learning solution for DDoS attack detection in dynamic cybersecurity scenarios. Through experiments, it is demonstrated that the proposed solution outperforms state-of-the-art federated learning algorithms in terms of convergence time and accuracy.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Antonio Giovanni Schiavone
Summary: The usage of HTTPS protocol is crucial for secure communication with websites, ensuring the confidentiality, integrity, and authenticity of online data transmissions. The Municipality2HTTPS research project analyzed the implementation of HTTPS in Italian municipalities' websites and identified areas for improvement.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Domna Bilika, Nikoletta Michopoulou, Efthimios Alepis, Constantinos Patsakis
Summary: Voice Assistants (VAs) are widely used in smart devices, but are vulnerable to attacks, as shown by experiments with popular VAs revealing successful attack rates exceeding 30% and statistical variations among vendors, calling for additional countermeasures to protect user information.
COMPUTERS & SECURITY
(2024)