Gürol Canbek

Keyloggers: Increasing threats to computer security and privacy

Keyloggers are powerful tools that can perform many task. Standard security measures for machine-to-machine interfaces do not protect computer systems from keylogger attacks. Human-to-machine interfaces must be considered to combat keylogger intrusions. The judicious use of keyloggers by employers and computer owners could, in some situations, improve security, privacy, and efficiency. But the possible positive effects must be balanced against the possible negative effects on employees, users, and children.

Clustering and visualization of mobile application permissions for end users and malware analysts

Application permissions at the core of Android security mechanism are the first leading transparent feature for users to assess any mobile application before download or installation and for experts to analyse any malware. Representing vast, dispersed permissions and achieving clarity is not a trivial matter. In this study, we first examined Android permissions, their groups and formal representations with the limitations. We also surveyed limited studies on clustering/visualization of permissions. We grouped 251 Android permissions into 12 clusters semantically and proposed a new visualization approach that looks more conventional to both end users and experts and helps comprehending permissions easily and quickly. We applied the proposed clustering and visualization on calculated discriminative malign permissions concept for malware analysis and demonstrated potential effectiveness of the approach. Our approach improves expressing and understanding of large number of mobile application permissions in a better context, provides more understanding and insight, and helps interpreting or inferring interesting patterns related to permissions for malware classification.

CASUS YAZILIMLAR: BULAŞMA YÖNTEMLERİ VE ÖNLEMLER

Casus yazilimlar, bilgi ve bilgisayar guvenliginde en onemli ve gittikce yayginlasan tehdit ve saldirilarin basindagelmektedir. Bu yazilimlarin kotu niyetli kullanimi sonucunda, bilisim teknolojilerinden yararlanmak isteyen herturlu kullanici ve kurum oldukca ciddi zararlara maruz kalmaktadir. Bu calismada, casus yazilimlarin bilgisayarsistemlerine bulasabilmek icin sik bir sekilde kullandiklari yontemler incelenmistir. Bu yontemler oldukca somutorneklerle desteklenmistir. Casus yazilimlara karsi kullanici ve sistem yoneticisi seviyesinde alinabilecekonlemler, bir araya getirilerek sunulmustur. Casus yazilimlarin bulasma tekniklerinin farkinda olunmasi, buyazilimlara karsi uyanik olunmasini saglayacak; belirtilen onlemlerin takip edilip uygulanmasi etkin bir korunmasaglayacaktir.