Farida Ridzuan

A Proposed System Concept on Enhancing the Encryption and Decryption Method for Cloud Computing

Individual user and organizations benefit from cloud computing services, which allow permanent online storage of files. The problem occurs when companies store highly confidential documents in cloud servers. Therefore, this paper aims to introduce a backbone structure for a cloud storage system where the security and personal privacy is highly maximized. It is very obvious that cloud computing servers are highly protected against unauthorized access, but in some cases these files stored can be accessible by the maintenance staffs. Fully protection is needed to ensure that the files stored in the server are only accessible to owners. This paper proposes a system that will employ Rivest-Shamir-Adleman (RSA) and Advanced Encryption Standard (AES) combination encryption process using USB device. The files may be accessed in the cloud but all the files will remain encrypted till the USB device is plugged into the computer. The point of applying such method is to fully protect the files and avoid using one single password. The randomly generated passkeys are very complex combinations thus user will not be able to fully memorize them. The proposed system will detect the USB that contains the private-key used for the files to be downloaded from the cloud.

Android Mobile Malware Surveillance Exploitation via Call Logs: Proof of Concept

The invention of smartphone have made life easier as it is capable of providing important functions used in users daily life. While different operating system (OS) platform was built for smartphone, Android has become one of the most popular choice. Nonetheless, it is also the most targeted platform for mobile malware attack causing financial loss to the victims. Therefore, in this research, the exploitation on system calls in Android OS platform caused by mobile malware that could lead to financial loss were examined. The experiment was conducted in a controlled lab environment using open source tools by implementing dynamic analysis on 1260 datasets from the Android Malware Genome Project. Based on the experiment conducted, a new system call classification to exploit call logs for mobile attacks has been developed using Covering Algorithm. This new system call classification can be used as a reference for other researcher in the same field to secure against mobile malware attacks by exploiting call logs. In the future, this new system call classification could be used as a basis to develop a new model to detect mobile attacks exploitation via call logs.

Android Mobile Malware Classification Using a Tokenization Approach

Android is one of the most commonly targeted platforms in terms of mobile malware attacks on the part of many users worldwide. Different types of attacks and exploitations have been developed to masquerade as genuine mobile applications in order to obtain confidential information from the victim’s smartphone. Therefore, to overcome these challenges, a new mobile malware classification based on system calls and permissions using a tokenization approach is developed in this paper. The experiment was conducted in a controlled lab environment by using static and dynamic analyses to extract permissions and system calls from call logs. A total of 5560 samples from Drebin were used as training dataset, and 500 samples from Google Playstore were used as testing dataset. The new classification involving the use of a tokenization approach produced a 99.86% accuracy rate and has outperformed existing methods. This new classification can be used as guidance, and reference for other researchers with the same interests. In the future it can be used as input for the formation of a mobile malware detection model.

Text Steganography using Extensions Kashida based on the Moon and Sun Letters Concept

Existing steganography methods are still lacking in terms of capacity. Hence, a new steganography method for Arabic text is proposed. The method hides secret information bits within Arabic letters using two features, which are the moon and sun letters and the redundant Arabic extension character “-” known as Kashida. The Arabic alphabet contains 28 letters, which are classified into 14 sun letters and 14 moon letters. This classification is based on the way these letters affect the pronunciation of the definite article (ال) at the beginning of words. This method uses the sun letters with one extension to hold the secret bits ‘01’, the sun letters with two extensions to hold the secret bits ‘10’, the moon letters with one extension to hold the secret bits ‘00’ and the moon letters with two extensions to hold the secret bits ‘11’. The capacity performance of the proposed method is then compared to three popular text steganographic methods. Capacity is measured based on two factors which are Embedding Ratio (ER) and The Efficiency Ratio (TER). The results show that the Letter Points and Extensions Method produces 24.91% and 21.56% as the average embedding ratio and the average efficiency ratio correspondingly. For the Two Extensions ‘Kashida’ Character Method, the results for the average embedding ratio and the efficiency ratio are 56.76% and 41.81%. For the Text Using Kashida Variation Algorithm method, the average embedding ratio and the average efficiency ratio are 31.61% and 27.82% respectively. Meanwhile, the average embedding ratio and the efficiency ratio for the Proposed Method are 61.16% and 55.70%. Hence, it is concluded that the Proposed Method outweighs the other three methods in terms of their embedding ratio and efficiency ratio which leads to the conclusion that the Proposed Method could provide higher capacity than the other methods.

A New Android Botnet Classification for GPS Exploitation Based on Permission and API Calls

The target of botnet attacks has shifted from the personal computers to smartphones and mobile devices due to computational power and functionality of the mobile devices. Mobile botnet is a network consists of compromised mobile devices controlled by a botmaster through a command and control (C&C) network. Nowadays mobile botnets attacks are increasingly being used for advanced political or financial interest. Due to its popularity amongst the mobile operating system, Android has become the most targeted platform by the mobile botnets. The popularity of Android attracts the attackers to develop malicious applications with the botnet capability to hijack users’ devices. In this paper, a new Android botnet classification based on GPS exploitation based on permissions and API calls is proposed using feature selection. The training was carried out using malware dataset from the Drebin and tested using 800 mobile apps from the Google Play store. The experiment was conducted using static analysis and open source tools in a controlled lab environment. This new classification can be used as a reference for other researchers in the same field to secure against GPS exploitation from Android botnet attacks.

An Efficient Easy Computer Emergency Response Team Malware Reservoir System(eZCERT)

Prior conducting malware analysis, many researchers were facing difficulties to clean up the dataset and they took longer time to complete these processes due to lack of malware dataset that are free from any noise or any irrelevant data and lack of malware analysis skill. Therefore, an efficient Easy Computer Emergency Response Team Malware Reservoir System (eZCERT) has been developed to overcome such problems. It is a comprehensive and an efficient malwares incident handling system where it consists of standard operating procedures (SOP) for malware incident handling. It also has the capability to detect and respond to malware attacks. Furthermore, the novelty of this system is based on the integration of the incident response, apoptosis, case-based reasoning (CBR) and Knowledge Data Discovery (KDD). The evaluation testing result showed that the eZCERT managed to produce a better accuracy detection rate. Hence, this eZCERT can be used as the basis guideline for malware researchers in building malware dataset and doing malware analysis.