| 1. |
- Hussain, Syed Asad, et al.
(författare)
-
Multilevel classification of security concerns in cloud computing
- 2017
-
Ingår i: Applied Computing and Informatics. - : Elsevier B.V.. - 2210-8327. ; 13:1, s. 57-65
-
Tidskriftsartikel (refereegranskat)abstract
- Threats jeopardize some basic security requirements in a cloud. These threats generally constitute privacy breach, data leakage and unauthorized data access at different cloud layers. This paper presents a novel multilevel classification model of different security attacks across different cloud services at each layer. It also identifies attack types and risk levels associated with different cloud services at these layers. The risks are ranked as low, medium and high. The intensity of these risk levels depends upon the position of cloud layers. The attacks get more severe for lower layers where infrastructure and platform are involved. The intensity of these risk levels is also associated with security requirements of data encryption, multi-tenancy, data privacy, authentication and authorization for different cloud services. The multilevel classification model leads to the provision of dynamic security contract for each cloud layer that dynamically decides about security requirements for cloud consumer and provider. © 2016 King Saud University
|
|
| 2. |
- Shahid, Muhammad, et al.
(författare)
-
Selection of a Graduate Thesis Topic in a Multicultural Educational Environment
- 2013
-
Konferensbidrag (refereegranskat)abstract
- This article presents a case study, performed at Blekinge Institute of Technology (BTH), Sweden, about the topic selection routines for a graduate thesis. The study focuses on the international graduate students who are having different academic cultures of their respective countries. Given that BTH has succeeded in the provision of an academic environment that has been efficient in absorbing different academic cultures in a productive manner at a reasonably good scale. However, in a multi-cultural educational environment, it is a challenge for most international students to adapt to the new academic culture and select the graduate thesis topic according to their real potential. Our findings gathered through an online survey, questionnaire, and focus group discussion is presented. The conclusions indicate, albeit, BTH has well defined routines for the thesis selection, the international graduate students face problems at the stage of thesis selection. The article concludes with suggestions to refine the thesis selection process at the micro level to help both students and staff.
|
|
| 3. |
|
|
| 4. |
- Shahzad, Raja Khurram, et al.
(författare)
-
Accurate Adware Detection using Opcode Sequence Extraction
- 2011
-
Konferensbidrag (refereegranskat)abstract
- Adware represents a possible threat to the security and privacy of computer users. Traditional signature-based and heuristic-based methods have not been proven to be successful at detecting this type of software. This paper presents an adware detection approach based on the application of data mining on disassembled code. The main contributions of the paper is a large publicly available adware data set, an accurate adware detection algorithm, and an extensive empirical evaluation of several candidate machine learning techniques that can be used in conjunction with the algorithm. We have extracted sequences of opcodes from adware and benign software and we have then applied feature selection, using different configurations, to obtain 63 data sets. Six data mining algorithms have been evaluated on these data sets in order to find an efficient and accurate detector. Our experimental results show that the proposed approach can be used to accurately detect both novel and known adware instances even though the binary difference between adware and legitimate software is usually small.
|
|
| 5. |
- Shahzad, Raja Khurram
(författare)
-
Android malware detection using feature fusion and artificial data
- 2018
-
Ingår i: 16th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 16th International Conference on Pervasive Intelligence and Computing, IEEE 4th International Conference on Big Data Intelligence and Computing and IEEE 3rd Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec. - : Institute of Electrical and Electronics Engineers (IEEE). - 9781538675182 ; , s. 702-709
-
Konferensbidrag (refereegranskat)abstract
- For the Android malware detection / classification anti-malware community has relied on traditional malware detection methods as a countermeasure. However, traditional detection methods are developed for detecting the computer malware, which is different from Android malware in structure and characteristics. Thus, they may not be useful for Android malware detection. Moreover, majority of suggested detection approaches may not be generalized and are incapable of detecting zero-day malware due to different reasons such as available data set with specific set of examples. Thus, their detection accuracy may be questionable. To address this problem, this paper presents a malware classification approach with a reliable detection accuracy and evaluate the approach using artificially generated examples. The suggested approach generates the signature profiles and behavior profiles of each application in the data set, which are further used as input for the classification task. For improving the detection accuracy, feature fusion of features from filter methods and wrapper method and algorithm fusion is investigated. Without affecting the detection accuracy, the optimal balance between real world examples and synthetic examples is also investigated. The experimental results suggest that both AUC and F1 can be obtained up to 0.94 for both known and unknown malware using original examples and synthetic examples.
|
|
| 6. |
- Shahzad, Raja Khurram, et al.
(författare)
-
Comparative Analysis of Voting Schemes for Ensemble-based Malware Detection
- 2013
-
Ingår i: Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications. - : Innovative Information Science & Technology Research Group. - 2093-5374 .- 2093-5382. ; 4:1, s. 98-117
-
Tidskriftsartikel (refereegranskat)abstract
- Malicious software (malware) represents a threat to the security and the privacy of computer users. Traditional signature-based and heuristic-based methods are inadequate for detecting some forms of malware. This paper presents a malware detection method based on supervised learning. The main contributions of the paper are two ensemble learning algorithms, two pre-processing techniques, and an empirical evaluation of the proposed algorithms. Sequences of operational codes are extracted as features from malware and benign files. These sequences are used to create three different data sets with different configurations. A set of learning algorithms is evaluated on the data sets. The predictions from the learning algorithms are combined by an ensemble algorithm. The predicted outcome of the ensemble algorithm is decided on the basis of voting. The experimental results show that the veto approach can accurately detect both novel and known malware instances with the higher recall in comparison to majority voting, however, the precision of the veto voting is lower than the majority voting. The veto voting is further extended as trust-based veto voting. A comparison of the majority voting, the veto voting, and the trust-based veto voting is performed. The experimental results indicate the suitability of each voting scheme for detecting a particular class of software. The experimental results for the composite F1-measure indicate that the majority voting is slightly better than the trusted veto voting while the trusted veto is significantly better than the veto classifier.
|
|
| 7. |
- Shahzad, Raja Khurram, et al.
(författare)
-
Consensus decision making in random forests
- 2015
-
Ingår i: Revised Selected Papers of the First International Workshop on Machine Learning, Optimization, and Big Data. - Cham : Springer International Publishing. ; , s. 347-358
-
Konferensbidrag (refereegranskat)abstract
- The applications of Random Forests, an ensemble learner, are investigated in different domains including malware classification. Random Forests uses the majority rule for the outcome, however, a decision from the majority rule faces different challenges such as the decision may not be representative or supported by all trees in Random Forests. To address such problems and increase accuracy in decisions, a consensus decision making (CDM) is suggested. The decision mechanism of Random Forests is replaced with the CDM. The updated Random Forests algorithm is evaluated mainly on malware data sets, and results are compared with unmodified Random Forests. The empirical results suggest that the proposed Random Forests, i.e., with CDM performs better than the original Random Forests.
|
|
| 8. |
- Shahzad, Raja Khurram, et al.
(författare)
-
Detecting Scareware by Mining Variable Length Instruction Sequences
- 2011
-
Konferensbidrag (refereegranskat)abstract
- Scareware is a recent type of malicious software that may pose financial and privacy-related threats to novice users. Traditional countermeasures, such as anti-virus software, require regular updates and often lack the capability of detecting novel (unseen) instances. This paper presents a scareware detection method that is based on the application of machine learning algorithms to learn patterns in extracted variable length opcode sequences derived from instruction sequences of binary files. The patterns are then used to classify software as legitimate or scareware but they may also reveal interpretable behavior that is unique to either type of software. We have obtained a large number of real world scareware applications and designed a data set with 550 scareware instances and 250 benign instances. The experimental results show that several common data mining algorithms are able to generate accurate models from the data set. The Random Forest algorithm is shown to outperform the other algorithms in the experiment. Essentially, our study shows that, even though the differences between scareware and legitimate software are subtler than between, say, viruses and legitimate software, the same type of machine learning approach can be used in both of these dissimilar cases.
|
|
| 9. |
- Shahzad, Raja Khurram, et al.
(författare)
-
Detection of Spyware by Mining Executable Files
- 2010
-
Konferensbidrag (refereegranskat)abstract
- Spyware represents a serious threat to confidentiality since it may result in loss of control over private data for computer users. This type of software might collect the data and send it to a third party without informed user consent. Traditionally two approaches have been presented for the purpose of spyware detection: Signature-based Detection and Heuristic-based Detection. These approaches perform well against known Spyware but have not been proven to be successful at detecting new spyware. This paper presents a Spyware detection approach by using Data Mining (DM) technologies. Our approach is inspired by DM-based malicious code detectors, which are known to work well for detecting viruses and similar software. However, this type of detector has not been investigated in terms of how well it is able to detect spyware. We extract binary features, called n-grams, from both spyware and legitimate software and apply five different supervised learning algorithms to train classifiers that are able to classify unknown binaries by analyzing extracted n-grams. The experimental results suggest that our method is successful even when the training data is scarce.
|
|
| 10. |
- Shahzad, Raja Khurram, et al.
(författare)
-
Extended Abstract : Detecting Scareware by Mining Variable Length Instruction Sequences
- 2011
-
Konferensbidrag (refereegranskat)abstract
- This paper presents a scareware detection method that is based on performing data mining on extracted variable length opcode sequences derived from instruction sequences of binary files. Our experimental results show that many common supervised learning algorithms generate accurate models from subsets of our data set.
|
|
