José Gaviria de la Puerta

Supervised machine learning for the detection of troll profiles in twitter social network: application to a real case of cyberbullying

The use of new technologies along with the popularity of social networks has given the power of anonymity to the users. The ability to create an alter-ego with no relation to the actual user, creates a situation in which no one can certify the match between a profile and a real person. This problem generates situations, repeated daily, in which users with fake accounts, or at least not related to their real identity, publish news, reviews or multimedia material trying to discredit or attack other people who may or may not be aware of the attack. These acts can have great impact on the affected victims’ environment generating situations in which virtual attacks escalate into fatal consequences in real life. In this paper, we present a methodology to detect and associate fake profiles on Twitter social network which are employed for defamatory activities to a real profile within the same network by analysing the content of comments generated by both profiles. Accompanying this approach we also present a successful real life use case in which this methodology was applied to detect and stop a cyberbullying situation in a real elementary school.

International Joint Conference SOCO’13-CISIS’13-ICEUTE’13

This volume of Advances in Intelligent and Soft Computing contains accepted papers presented at SOCO 2013, CISIS 2013 and ICEUTE 2013, all conferences held in the beautiful and historic city of Salamanca (Spain), in September 2013.Soft computing represents a collection or set of computational techniques in machine learning, computer science and some engineering disciplines, which investigate, simulate, and analyze very complex issues and phenomena.After a through peer-review process, the 8th SOCO 2013 International Program Committee selected 40 papers which are published in these conference proceedings, and represents an acceptance rate of 41%. In this relevant edition a special emphasis was put on the organization of special sessions. Four special sessions were organized related to relevant topics as: Systems, Man, and Cybernetics, Data Mining for Industrial and Environmental Applications, Soft Computing Methods in Bioinformatics, and Soft Computing Methods, Modelling and Simulation in Electrical Engineer.The aim of the 6th CISIS 2013 conference is to offer a meeting opportunity for academic and industry-related researchers belonging to the various, vast communities of Computational Intelligence, Information Security, and Data Mining. The need for intelligent, flexible behaviour by large, complex systems, especially in mission-critical domains, is intended to be the catalyst and the aggregation stimulus for the overall event.After a through peer-review process, the CISIS 2013 International Program Committee selected 23 papers which are published in these conference proceedings achieving an acceptance rate of 39%.In the case of 4th ICEUTE 2013, the International Program Committee selected 11 papers which are published in these conference proceedings.The selection of papers was extremely rigorous in order to maintain the high quality of the conference and we would like to thank the members of the Program Committees for their hard work in the reviewing process. This is a crucial process to the creation of a high standard conference and the SOCO, CISIS and ICEUTE conferences would not exist without their help.

Using Dalvik Opcodes for Malware Detection on Android

Over the last few years, computers and smartphones have become essential tools in our ways of communicating with each-other. Nowadays, the amount of applications in the Google store has grown exponentially, therefore, malware developers have introduced malicious applications in that market. The Android system uses the Dalvik virtual machine. Through reverse engineering, we may be able to get the different opcodes for each application. For this reason, in this paper an approach to detect malware on Android is presented, by using the techniques of reverse engineering and putting an emphasis on operational codes used for these applications. After obtaining these opcodes, machine learning techniques are used to classify apps.

Supervised classification of packets coming from a HTTP botnet

The posibilities that the management of a vast amount of computers and/or networks offer, is attracting an increasing number of malware writers. In this document, the authors propose a methodology thought to detect malicious botnet traffic, based on the analysis of the packets flow that circulate in the network. This objective is achieved by means of the parametrization of the static characteristics of packets, which are lately analysed using supervised machine learning techniques focused on traffic labelling so as to face proactively to the huge volume of information nowadays filters work with.

Using Dalvik opcodes for malware detection on android

Over the last few years, computers and smartphones have become essential tools in our ways of communicating with each-other. Nowadays, the amount of applications in the Google store has grown exponentially, therefore, malware developers have introduced malicious applications in that market. The Android system uses the Dalvik virtual machine. Through reverse engineering, we may be able to get the di erent opcodes for each application. For this reason, in this paper an approach to detect malware on Android is presented, by using the techniques of reverse engineering and putting an emphasis on operational codes used for these applications. After obtaining these opcodes, machine learning techniques are used to classify apps.

The Evolution of Permission as Feature for Android Malware Detection

Over the last few years, the presence of mobile devices in our lives has increased, offering us almost the same functionality as personal computers. Since the arrival of Android devices, the amount of applications available for this operating system has increased exponentially. Android has become one of the most popular operating systems in these devices. In fact, malware writers insert malicious applications into Android using the Play store and other alternative markets. Lately, many new approaches have been made. Sanz et al., for instance, presented PUMA, a method used to detect malicious apps just by taking a look at the permissions. In this paper, we present the differences between that interesting approach and a newer and bigger dataset. Besides, we also present an evolution in the permissions along the years.

C&C Techniques in Botnet Development

Botnets are one of the most important threats towards nowadays users of the Internet. The joint of malware capabilities to be exploited in the network services and the increasing number of daily transactions performed in the cloud, makes them an attractive target for cybercriminals who have evolved their old IRC-based communication channels, into decentralized P2P networks, HTTP/S botnets and even Twitter-controlled networks. Against this background, this article analyses the threat that will affect computer networks in the upcoming years by going through these different Command & Control channels used by botmasters to keep the control of their hijacked networks.