Sandbox Environment


The Experts below are selected from a list of 93 Experts worldwide ranked by ideXlab platform

Zvonimir Rakamaric - One of the best experts on this subject based on the ideXlab platform.

  • Evaluation of Android Malware Detection Based on System Calls
    International Workshop on Security, 2016
    Co-Authors: Marko Dimjasevic, Simone Atzeni, Ivo Ugrina, Zvonimir Rakamaric
    Abstract:

    With Android being the most widespread mobile platform, protecting it against malicious applications is essential. Android users typically install applications from large remote repositories, which provides ample opportunities for malicious newcomers. In this paper, we evaluate a few techniques for detecting malicious Android applications on a repository level. The techniques perform automatic classification based on tracking system calls while applications are executed in a sandbox environment. We implemented the techniques in the maline tool, and performed extensive empirical evaluation on a suite of around 12,000 applications. The evaluation considers the size and type of inputs used in analyses. We show that simple and relatively small inputs result in an overall detection accuracy of 93% with a 5% benign application classification error, while results are improved to a 96% detection accuracy with up-sampling. This indicates that system-call based techniques are viable to be used in practice. Finally, we show that even simplistic feature choices are effective, suggesting that more heavyweight approaches should be thoroughly (re)evaluated.

Marko Dimjasevic - One of the best experts on this subject based on the ideXlab platform.

  • Evaluation of Android Malware Detection Based on System Calls
    International Workshop on Security, 2016
    Co-Authors: Marko Dimjasevic, Simone Atzeni, Ivo Ugrina, Zvonimir Rakamaric

Ivo Ugrina - One of the best experts on this subject based on the ideXlab platform.

  • Evaluation of Android Malware Detection Based on System Calls
    International Workshop on Security, 2016
    Co-Authors: Marko Dimjasevic, Simone Atzeni, Ivo Ugrina, Zvonimir Rakamaric

Simone Atzeni - One of the best experts on this subject based on the ideXlab platform.

  • Evaluation of Android Malware Detection Based on System Calls
    International Workshop on Security, 2016
    Co-Authors: Marko Dimjasevic, Simone Atzeni, Ivo Ugrina, Zvonimir Rakamaric

Jan Vykopal - One of the best experts on this subject based on the ideXlab platform.

  • Cloud Based Testbed for Simulation of Cyber Attacks
    Network Operations and Management Symposium, 2014
    Co-Authors: Daniel Kouril, Tomas Rebok, Tomas Jirsik, Jakub Cegan, Martin Drasar, Martin Vizvary, Jan Vykopal
    Abstract:

    Cyber attacks have become ubiquitous, and in order to face current threats it is important to understand them. Studying attacks in a real environment, however, is not viable, and therefore it is necessary to find other methods to examine the nature of attacks. Gaining detailed knowledge about them facilitates the design of new detection methods as well as understanding their impact. In this paper we present a testbed framework to simulate attacks that enables the study of a wide range of security scenarios. The framework provides a notion of real-world arrangements, yet it retains full control over all the activities performed within the simulated infrastructures. Utilizing the sandbox environment, it is possible to simulate various security attacks and evaluate their impacts on real infrastructures. The design of the framework benefits from IaaS clouds. Therefore its deployment does not require dedicated facilities and the testbed can be deployed over miscellaneous contemporary clouds. The viability of the testbed has been verified by a simulation of a particular DDoS attack.