Madihah Mohd Saudi

Mobile botnet detection: Proof of concept

Nowadays mobile devices such as smartphones had widely been used. People use smartphones not limited for phone calling or sending messages but also for web browsing, social networking and online banking transaction. To certain extend, all confidential information are kept in their smartphone. As a result, smartphones became as one of the cyber-criminal main target especially through an installation of mobile botnet. Eurograbber is an example of mobile botnet that being installed via infected mobile application without victim knowledge. It will pretense as mobile banking application software and steal financial transaction information from victims smartphone. In 2012, Eurograbber had caused a total loss of USD 47 Million accumulatively all over the world. Based on the implications posed by this botnet, this is the urge where this research comes in. This paper presents a proof of concept on how the botnet works and the ongoing research to detect and respond to the mobile botnet efficiently. Detection of botnet malicious activity is done through an analysis of Crusewind Botnet code using reverse engineering process and static analysis technique.

An overview of apoptosis for computer security

Immune system is essential to human body as it protects our bodies from pathogens in an orchestrated manner. From a computational viewpoint, the immune system has much to offer by way of inspiration. Recently, there has been growing interest in the use of natural immune system as inspiration for the creation novel approaches to computational problem. This field of research is referred as Immunological Computation or Artificial Immune System. The use of artificial system computer security is an appealing concept for two reasons. Firstly, the human immune system provides human body with a high level protection from invading pathogens in robust manner. Secondly, current techniques used in computer security are not able to cope with the dynamic and increasingly complex nature of computer systems and their security. This paper introduces the concept of apoptosis for computer security. This term is borrowed from cell biology and designates the programmed cell death.

A Systematic Review Analysis of Root Exploitation for Mobile Botnet Detection

Nowadays, mobile botnet has become as one of the most dangerous threats for smartphone. It has the capabilities of committing many criminal activities, such as remote access, Denial of Service (DoS), phishing, spreading malwares, stealing information and building mobile devices for illegitimate exchange of information and it is crucial to have an efficient mobile botnet detection mechanism. Therefore, this research paper presents a systematic review analysis of root exploitation for mobile botnet detection and a proof of concept how the mobile botnet attacks. This proof of concept includes analysis of mobile botnet sample using reverse engineering technique and static analysis.

A Proposed System Concept on Enhancing the Encryption and Decryption Method for Cloud Computing

Individual user and organizations benefit from cloud computing services, which allow permanent online storage of files. The problem occurs when companies store highly confidential documents in cloud servers. Therefore, this paper aims to introduce a backbone structure for a cloud storage system where the security and personal privacy is highly maximized. It is very obvious that cloud computing servers are highly protected against unauthorized access, but in some cases these files stored can be accessible by the maintenance staffs. Fully protection is needed to ensure that the files stored in the server are only accessible to owners. This paper proposes a system that will employ Rivest-Shamir-Adleman (RSA) and Advanced Encryption Standard (AES) combination encryption process using USB device. The files may be accessed in the cloud but all the files will remain encrypted till the USB device is plugged into the computer. The point of applying such method is to fully protect the files and avoid using one single password. The randomly generated passkeys are very complex combinations thus user will not be able to fully memorize them. The proposed system will detect the USB that contains the private-key used for the files to be downloaded from the cloud.

Detecting worm attacks in cloud computing environment: Proof of concept

Cloud computing technology is a concept of providing dramatically scalable and virtualized resources, bandwidth, software and hardware on demand to users. Users can request cloud services via a web browser or web service. Cloud computing consists of valuable resources, such as, networks, servers, applications, storage and services with a shared network. By using cloud computing, users can save cost of hardware deployment, software licenses and system maintenance. Many security risks such as worm can interrupt cloud computing services; damage the spiteful service, application or virtual in the cloud structure. Nowadays the worm attacks are becoming more sophisticated and intelligent, makes it is harder to be detected than before. Based on the implications posed by this worm, this is the urge where this research comes in. This paper aims to build a new model to detect worm attacks in cloud computing environment based on worm signature extraction and features behavioral using dynamic analysis. Furthermore this paper presents a proof of concept on how the worm works and discusses the future challenges and the ongoing research to detect worm attacks in cloud computing efficiently.

Designing a new E-Commerce authentication framework for a cloud-based environment

The functional need of executing transaction on Electronic Commerce has made security a necessary built-in feature. Also, placing the E-Commerce portal in cloud through cloud computing technologies has undoubtedly increased the security challenges. Thus necessitate a design of secured authentication framework to be employed by the web-based E-Commerce portals. Existing works on XML-based authentication and comparison with non-XML signature-based security mechanism showed the strength in employing XML digital signature approach in authenticating Business to Consumer E-Commerce. Also the review revealed the limitations in the previously applied XML signature and its application approach. Therefore, this paper aims to design a novel algorithmic security framework for authentication using XML digital signature in conjunction with PKI standard using elliptic curve in B2C cloud-based E-Commerce portal. The novel algorithmic framework will be validated through simulation with C++ as the programming language using Microsoft Windows Environment. The outcome of this research will be an improved authentication mechanism for XML digital signature.

An overview of STAKCERT framework in confronting worms attack

A procedure is one of the most important elements that should be emphasized when handling any incident related with the cyber world. It is easily forgotten by many organizations, IT administrator and users, especially when dealing with the worms attack. Using the incident response methodology as the basis to build up the STAKCERT framework, the researchers have proposed this novel framework which helps to increase the efficiency in handling worm incident, thus facilitate the process of responding to the worm incident. The STAKCERT framework consists of 2 phases where in phase 1, a novel standard operating procedure in worm detection and analysis have been introduced. In phase 2 of the framework, the worm isolation procedure is inspired by apoptosis. Apoptosis is also known as cell programmed death borrowed from the biology term.

STAKCERT Framework in Eradicating Worms Attack

A worm attack is one of the most eye-catching and challenging issues in the cyber world. New and different types of worm attacks are being introduced day by day. Different names have been given to these worms as they evolve such as the ‘superworm’ and researchers all over the world are trying to find the best remedy to counter such attacks. Loss of money, productivity and reputation are amongst some of the well know implication from these types of attacks. Motivated by the consequences caused by the worm attacks, a new framework called STAKCERT is being proposed. STAKCERT stands for Starter Kit Computer Emergency Response Team. This framework is a novel framework for effective detection, analysis and worm isolation inspired by apoptosis. Apoptosis is also known as cell programmed death; borrowed from the biology term. The STAKCERT framework consists of two stages. The first stage involves the detection and analysis of the worm attack, followed by isolation as the second stage. The uniqueness of this framework is based on the integration of worm, incident response and apoptosis.

An efficient network security system through an ontology approach

Ontology analysis has been shown to be an effective first step in the construction of robust knowledge based system. Moreover, the popularity of semantic technologies and the semantic Web has provided several beneficial opportunities for the modeling and computer security communities of interest. This paper describes the role of ontologies in facilitating network security modeling. It outlines the technical challenges in distributed network security simulation modeling and describes how ontology-based methods may be applied to address these challenges. The paper concludes by describing an ontology-based solution framework for network security simulation modeling and analysis and outlining the benefits of this solution approach.

A Review of Client-Side Toolbars as a User-Oriented Anti-Phishing Solution

Phishing is a cybercrime in which, Internet users are delivered, commonly through emails, to simulated websites where they could be lured to disclose their personal information for attackers’ benefit. Phishing attacks were increased about 60 % in the second half of 2013 over what was seen in first half of the same year. Although the number of proposed anti-phishing solutions, phishers still able to bypasses anti-phishing systems, in many cases, through users’ inattention behaviour. Therefore, phishing becomes a layered problem that require addressing issues at both of technical and non-technical (human) layers. Numerous of client-side toolbars were proposed as a technical solution to combat phishing attacks at user’s layer. Anti-phishing toolbars however, still unable to completely protect users from phishing attacks. This paper has reviewed theses toolbars to provide a clear understanding about their performance and limitation points. Such a review is required to draw clear directions of future solutions to alliviate these limitations.