Mohd Zaki Mas'ud

Analysis of Features Selection and Machine Learning Classifier in Android Malware Detection

The proliferation of Android-based mobile devices and mobile applications in the market has triggered the malware author to make the mobile devices as the next profitable target. With user are now able to use mobile devices for various purposes such as web browsing, ubiquitous services, online banking, social networking, MMS and etc, more credential information is expose to exploitation. Applying a similar security solution that work in Desktop environment to mobile devices may not be proper as mobile devices have a limited storage, memory, CPU and power consumption. Hence, there is a need to develop a mobile malware detection that can provide an effective solution to defence the mobile user from any malicious threat and at the same time address the limitation of mobile devices environment. Prior to this matter, this research focused on evaluating the best features selection to be used in the best machine-learning classifiers. To find the best combination of both features selection and classifier, five sets of different feature selection are applies to five different machine learning classifiers. The classifier outcome is evaluated using the True Positive Rate (TPR), False Positive Rate (FPR), and Accuracy. The best combination of both features selection and classifier can be used to reduce features selection and at the same time able to classify the infected android application accurately.

Profiling mobile malware behaviour through hybrid malware analysis approach

Nowadays, the usage of mobile device among the community worldwide has been tremendously increased. With this proliferation of mobile devices, more users are able to access the internet for variety of online application and services. As the use of mobile devices and applications grows, the rate of vulnerabilities exploitation and sophistication of attack towards the mobile user are increasing as well. To date, Googles Android Operating System (OS) are among the widely used OS for the mobile devices, the openness design and ease of use have made them popular among developer and user. Despite the advantages the android-based mobile devices have, it also invited the malware author to exploit the mobile application on the market. Prior to this matter, this research focused on investigating the behaviour of mobile malware through hybrid approach. The hybrid approach correlates and reconstructs the result from the static and dynamic malware analysis in producing a trace of malicious event. Based on the finding, this research proposed a general mobile malware behaviour model that can contribute in identifying the key features in detecting mobile malware on an Android Platform device.

Preliminary study of host and network-based analysis on P2P Botnet detection

Botnet is a network of compromised computer that running malicious software remotely controlled by an attacker known as Botmaster. The threat of Botnet threaten is widely dangerous and it is crucially to overcome this crisis. Some new bots use P2P protocols to construct command and control system are known as peer-to-peer (P2P) Botnet. More severe when P2P Botnet incorporated the centralized and distributed communication which make it more robust and complicated for detection. Hence, the analysis is necessary to be conducted especially in the combination of host-based and network-based in order to detect bots accurately. This paper provides the details analysis on host-based analysis and network-based analysis to detect P2P bots that will reveal their unique characteristic and behaviors. The result of experimental testbed on datasets show that it is possible to detect effectively P2P Botnet in standalone host and network packets payload. Thus, this analysis can be used for early warning of P2P Botnet activities in the host-and network-level as prevention mechanism.

Enhanced P2P botnets detection framework architecture with hybrid analyzer: Host-based and network-based

Nowadays, botnets are the most advanced cybercrime as being powerful threaten to the internet infrastructure by risking the Internet stability and security. Millions of computers have been hijacking and infecting by botnets especially during peak activity. The P2P botnets exploit users and dominating the P2P technology which make botnets are harder to detect and terminated. As P2P botnets issues been highlighted as its dramatically evolvement, this paper addresses on current problems relate to P2P botnets faced by users and recommending the improvement. Also, this paper concentrated on proposing P2P botnets detection framework. Also, an in-depth analysis of P2P botnets has been conducted to understand and cope with their behaviors and characteristics. The new improvement has been introduced at the propose botnets framework architecture to improve the effectiveness of P2P detection analysis. The framework architecture has been structuralized with hybrid analyzer through the marriage of host-based and network based. Prior to this matter, this research has proposed a new enhancement on framework architecture that has been reinforced by hybrid detection technique to improve the effectiveness and efficiency of P2P botnets detection.

Performance enhancements in IEEE 802.11 DCF MANET through variation of SIFS values in distance vector routing environment

This paper describes and investigates the performance enhancement techniques used in IEEE 802.11g MANET in AODV and DSDV routing environment. Through variation of Short Interframe Space (SIFS) values, a better scheme to enhance the wireless network performance can be achieved. This is important especially to assign high priority network nodes that carry time sensitive data to reach the intended receiver in a timely manner. Using NS-2, network simulations are done and the findings are presented. It is showed that nodes using the variated SIFS values can achieve higher throughput compared to nodes using the default SIFS values.