Nurlida Basir

Security metrics to improve misuse case model

Assessing security at an early stage of the web application development life cycle helps to design a secure system that can withstand malicious attacks. Measuring security at the requirement stage of the system development life cycle assists in mitigating vulnerabilities and increasing the security of the developed system, which reduces cost and rework. In this paper, we present a security metrics model based on the Goal Question Metric approach, focusing on the design of the misuse case model. The security metrics model assists in examining the misuse case model to discover and fix defects and vulnerabilities before moving to the next stages of system development. The presented security metrics are based on the OWASP top 10-2010, in addition to misuse case modelling antipattern.

A Systematic Review Analysis of Root Exploitation for Mobile Botnet Detection

Nowadays, mobile botnet has become as one of the most dangerous threats for smartphone. It has the capabilities of committing many criminal activities, such as remote access, Denial of Service (DoS), phishing, spreading malwares, stealing information and building mobile devices for illegitimate exchange of information and it is crucial to have an efficient mobile botnet detection mechanism. Therefore, this research paper presents a systematic review analysis of root exploitation for mobile botnet detection and a proof of concept how the mobile botnet attacks. This proof of concept includes analysis of mobile botnet sample using reverse engineering technique and static analysis.

Extending V-model practices to support SRE to build secure web application

Technological advancements and rapid growth in the use of the Internet by the society have had a huge impact on information security. It has triggered the need for a major shift in the way web applications are developed. The high level security of these applications is crucial to their success. Therefore, information security has become a core requirement for producing trustworthy software driven by the need to guard critical assets. To develop a web application with adequate security features, it is highly recommended to capture security requirements early in the development lifecycle. In this paper, we propose a way of extending the V-Model requirements engineering phase to aid developers to engineer security requirements for a web application being developed, as well as, handling the security test planning. The aim is to support the proactive definition of security requirements by integrating security requirements engineering (SRE) activities with requirements engineering (RE) activities of the V-model.

Web Accessibility Challenges

Despite the importance of web accessibility in recent years, websites remain partially or completely inaccessible to certain sectors of the population. This is due to several reasons, including web developers’ little or no experience in accessibility and the lack of accurate information about the best ways to quickly and easily identify accessibility problems using different Accessibility Evaluation Methods (AEMs). This paper surveys accessibility literature and presents a general overview of the primary challenges of accessibility barriers on websites. In this sense, we critically investigate main challenges forms related to accessibility including standards and guidelines (WCAG 2.0), during website’s design and development and during evaluation. Finally, a set of recommendations such as enforcing accessibility legislations are presented to overcome some challenges.

A Review of Client-Side Toolbars as a User-Oriented Anti-Phishing Solution

Phishing is a cybercrime in which, Internet users are delivered, commonly through emails, to simulated websites where they could be lured to disclose their personal information for attackers’ benefit. Phishing attacks were increased about 60 % in the second half of 2013 over what was seen in first half of the same year. Although the number of proposed anti-phishing solutions, phishers still able to bypasses anti-phishing systems, in many cases, through users’ inattention behaviour. Therefore, phishing becomes a layered problem that require addressing issues at both of technical and non-technical (human) layers. Numerous of client-side toolbars were proposed as a technical solution to combat phishing attacks at user’s layer. Anti-phishing toolbars however, still unable to completely protect users from phishing attacks. This paper has reviewed theses toolbars to provide a clear understanding about their performance and limitation points. Such a review is required to draw clear directions of future solutions to alliviate these limitations.

Android Mobile Malware Surveillance Exploitation via Call Logs: Proof of Concept

The invention of smartphone have made life easier as it is capable of providing important functions used in users daily life. While different operating system (OS) platform was built for smartphone, Android has become one of the most popular choice. Nonetheless, it is also the most targeted platform for mobile malware attack causing financial loss to the victims. Therefore, in this research, the exploitation on system calls in Android OS platform caused by mobile malware that could lead to financial loss were examined. The experiment was conducted in a controlled lab environment using open source tools by implementing dynamic analysis on 1260 datasets from the Android Malware Genome Project. Based on the experiment conducted, a new system call classification to exploit call logs for mobile attacks has been developed using Covering Algorithm. This new system call classification can be used as a reference for other researcher in the same field to secure against mobile malware attacks by exploiting call logs. In the future, this new system call classification could be used as a basis to develop a new model to detect mobile attacks exploitation via call logs.

Android Mobile Malware Classification Using a Tokenization Approach

Android is one of the most commonly targeted platforms in terms of mobile malware attacks on the part of many users worldwide. Different types of attacks and exploitations have been developed to masquerade as genuine mobile applications in order to obtain confidential information from the victim’s smartphone. Therefore, to overcome these challenges, a new mobile malware classification based on system calls and permissions using a tokenization approach is developed in this paper. The experiment was conducted in a controlled lab environment by using static and dynamic analyses to extract permissions and system calls from call logs. A total of 5560 samples from Drebin were used as training dataset, and 500 samples from Google Playstore were used as testing dataset. The new classification involving the use of a tokenization approach produced a 99.86% accuracy rate and has outperformed existing methods. This new classification can be used as guidance, and reference for other researchers with the same interests. In the future it can be used as input for the formation of a mobile malware detection model.

A Similarity Precision for Selecting Ontology Component in an Incomplete Sentence

Most of the existing methods focus on extracting concepts and identifying the hierarchy of concepts. However, in order to provide the whole view of the domain, the non-taxonomic relationships between concepts are also needed. Most of extracting techniques for non-taxonomic relation only identify concepts and relations in a complete sentence. However, the domain texts may not be properly presented as some sentences in domain text have missing or unsure term of concepts. This paper proposes a technique to overcome the issue of missing concepts in incomplete sentence. The proposed technique is based on the similarity precision for selecting missing concept in incomplete sentence. The approach has been tested with Science corpus. The experiment results were compared with the results that have been evaluated by the domain experts manually. The result shows that the proposed method has increased the relationships of domain texts thus providing better results compared to several existing method.

A New System Call Classification for Android Mobile Malware Surveillance Exploitation via SMS Message

Nowadays, Android has become the most widely used platform for smartphones. Due to the active used of smartphones, the floodgates of mobile malware threats are open every single day. Mobile malware harms users by illegally disable a mobile device, allowing malicious user to remotely control the device and steal personal information stored on the device. One of the surveillance features that attackers could abuse to gain those benefits is by exploiting the SMS message. Therefore, this paper introduces a new system call classification for SMS exploitation using a covering algorithm. The new system call classification can be used as a guidance to defend against mobile malware attacks. 1260 malware samples related to SMS exploitation from the Android Malware Genome Project have been analysed. The experiment was conducted using the dynamic analysis and open source tools in a controlled lab environment.

An Efficient Easy Computer Emergency Response Team Malware Reservoir System(eZCERT)

Prior conducting malware analysis, many researchers were facing difficulties to clean up the dataset and they took longer time to complete these processes due to lack of malware dataset that are free from any noise or any irrelevant data and lack of malware analysis skill. Therefore, an efficient Easy Computer Emergency Response Team Malware Reservoir System (eZCERT) has been developed to overcome such problems. It is a comprehensive and an efficient malwares incident handling system where it consists of standard operating procedures (SOP) for malware incident handling. It also has the capability to detect and respond to malware attacks. Furthermore, the novelty of this system is based on the integration of the incident response, apoptosis, case-based reasoning (CBR) and Knowledge Data Discovery (KDD). The evaluation testing result showed that the eZCERT managed to produce a better accuracy detection rate. Hence, this eZCERT can be used as the basis guideline for malware researchers in building malware dataset and doing malware analysis.