Vijay Naidu

A Syntactic Approach for Detecting Viral Polymorphic Malware Variants

Polymorphic malware is currently difficult to identify. Such malware is able to mutate into functionally equivalent variants of themselves. Modern detection techniques are not adequate against this rapidly-mutating polymorphic malware. The age-old approach of signature-based detection is the only one that has the highest detection rate in real time and is used by almost all antivirus software products. The process of current signature extraction has so far been by manual evaluation. Even the most advanced malware detection process which employs heuristic-based approaches requires progressive evaluation and modification by humans to keep up with new malware variants. The aim of the research reported here is to investigate efficient and effective techniques of string matching algorithm for the automatic identification of some or all new polymorphic malware. We demonstrate how our proposed syntactic-based approach using the well-known string matching Smith-Waterman algorithm can successfully detect the known polymorphic variants of JS.Cassandra virus. Our string-matching approach may revolutionize our understanding of polymorphic variant generation and may lead to a new phase of syntactic-based anti-viral software.

Further experiments in biocomputational structural analysis of malware

Initial work on structural analysis of malware using the nature-inspired technique of projecting malware signatures into the amino acid/protein domain was promising in a number of ways, including the demonstration of potential links with real-world pathogen proteins. That initial work was necessarily speculative and limited by a number of experimental factors. The aim of the research reported here is to address some of these limitations and to repeat, with malware code and signatures that can be assured as genuine, the experiments previously reported but with enhancements and improvements. Intriguingly, the outcome is the same: for some reason that is not yet known, matching artificial malware code consensuses after multiple alignment against protein databases returns a high proportion of naturally occurring viral proteins.

Needleman-Wunsch and Smith-Waterman Algorithms for Identifying Viral Polymorphic Malware Variants

Polymorphic malware is currently hard to detect. Such malware is able to mutate into functionally identical variants of themselves. There are no known techniques for automatically identifying such polymorphic malware. Even the most state-of-the-art malware identification system which uses heuristic-based techniques requires ongoing analysis and refinement by humans to compete with new (unknown) malware variants. Initial work investigating string-based approaches for the automatic generation of signatures for the identification of some or all new polymorphic variants was originally encouraging. Nevertheless, that initial work was restricted by a number of experimental aspects. The objective of the research addressed here is to examine the effects of using Needleman-Wunsch and Smith-Waterman algorithms (both enhanced by dynamic programming) in string-based approaches for the automatic identification of signatures for the detection of some or all new polymorphic variants. We show how our proposed syntactic-based technique using the widely known string matching Needleman-Wunsch (global alignment) and Smith-Waterman (local alignment) algorithms can successfully identify the known viral polymorphic malware variants of JS.Cassandra virus and W32.Kitti virus. This string-matching technique, if generalizable to other viruses, may transform our understanding of polymorphic variant generation and may facilitate a new age of syntactic-based anti-viral approaches.

Using different substitution matrices in a string-matching technique for identifying viral polymorphic malware variants

Antivirus systems have difficulty in detecting polymorphic variants of known viruses without explicit signatures for such variants. Initial work on investigating efficient and effective string-based approaches for the automatic generation of signatures for the identification of some or all new polymorphic variants, was initially encouraging. That initial work was restricted by a number of experimental aspects. The aim of the research reported here is to examine the effects of using different substitution matrices in a string-based methods for the automatic generation of signatures for the detection of some or all new polymorphic variants. We establish how our proposed syntactic-based method using the well-known string matching Smith-Waterman algorithm can successfully identify the known polymorphic variants of JS. Cassandra virus. Our string-matching technique may metamorphose our understanding of polymorphic variant generation and may lead to a new phase of syntactic-based anti-viral software.

Analysis and Prevention of Account Hijacking Based INCIDENTS in Cloud Environment

Cloud computing is a technological breakthrough in computing. It has affected each and every part of the information technology, from infrastructure to the software deployment, from programming to the application maintenance. Cloud offers a wide array of solutions for the current day computing needs aided with benefits like elasticity, affordability and scalability. But at the same time, the incidence of malicious cyber activity is progressively increasing at an unprecedented rate posing critical threats to both government and enterprise IT infrastructure. Account or service hijacking is a kind of identity theft and has evolved to be one of the most rapidly increasing types of cyber-attack aimed at deceiving end users. This paper presents an in depth analysis of a cloud security incident that happened on The New York Times online using account hijacking. Further, we present incident prevention methods and detailed incident prevention plan to stop future occurrence of such incidents.

SNP-SNP interactions as risk factors for aggressive prostate cancer

Prostate cancer (PCa) is one of the most significant male health concerns worldwide. Single nucleotide polymorphisms (SNPs) are becoming increasingly strong candidate biomarkers for identifying susceptibility to PCa. We identified a number of SNPs reported in genome-wide association analyses (GWAS) as risk factors for aggressive PCa in various European populations, and then defined SNP-SNP interactions, using PLINK software, with nucleic acid samples from a New Zealand cohort. We used this approach to find a gene x environment marker for aggressive PCa, as although statistically gene x environment interactions can be adjusted for, it is highly impossible in practicality, and thus must be incorporated in the search for a reliable biomarker for PCa. We found two intronic SNPs statistically significantly interacting with each other as a risk for aggressive prostate cancer on being compared to healthy controls in a New Zealand population.