-
Chapter and Conference Paper
Evaluating the Security Posture of 5G Networks by Combining State Auditing and Event Monitoring
5G network technology is being rapidly adopted in various critical infrastructures, mainly due to its unique benefits (e.g., higher throughput, lower latency, and better scalability). This wide-spread and fast...
-
Chapter and Conference Paper
Accurify: Automated New Testflows Generation for Attack Variants in Threat Hunting
In the ever-evolving landscape of cyber security, threat hunting has emerged as a proactive defense line to detect advanced threats. To evade detection, the attackers constantly change their techniques and tac...
-
Chapter and Conference Paper
Modularizing Directed Greybox Fuzzing for Binaries over Multiple CPU Architectures
Directed Greybox Fuzzing has proven effective in vulnerability detection areas such as bug reproduction and patch testing. However, existing directed fuzzers are often difficult to customize, lack modularity a...
-
Chapter and Conference Paper
Seum Spread: Discerning Security Flaws in IoT Firmware via Call Sequence Semantics
Internet-of-Things (IoT) devices play a central role in the modern digital landscape by providing uninterrupted convenience, but their history has been marked by the opportunities they provide bad actors desir...
-
Chapter and Conference Paper
SecMonS: A Security Monitoring Framework for IEC 61850 Substations Based on Configuration Files and Logs
Substations are critical components of the smart grid since compromising them can lead to significant consequences, such as blackouts. Threat modeling aims to model different ways critical networks, such as su...
-
Chapter and Conference Paper
An Enhanced Interface-Based Probabilistic Compositional Verification Approach
In this paper, we aim to advance the state of the art in the verification process of systems, predominantly modeled as Probabilistic Automata (PA). This model accommodates both nondeterministic and probabilist...
-
Chapter
Introduction
Mobile apps have become essential in our life and work, as many of the services we use are provided to us through mobile apps. Moreover, Android OS has become the dominant platform not only for mobile phones a...
-
Chapter
Conclusion
At the heart of the rapid growth of software technologies, the development of mobile apps enhances both economic and social interactions. Mobile apps running on smart devices are nowadays ubiquitous due to the...
-
Chapter
Fingerprinting Android Malware Packages
A fuzzy (hashing) or approximate fingerprint of binary software is a digest that captures its static content, in similar manner to cryptographic hashing fingerprints such as MD5 and SHA1. Still, the fuzzy fing...
-
Chapter
Android Malware Fingerprinting Using Dynamic Analysis
In this chapter, we elaborate a data driven framework for detecting Android malware using automatically engineered features derived from dynamic analyses. The state-of-the-art solutions, such as Chen et al., (...
-
Chapter
Portable Supervised Malware Fingerprinting Using Deep Learning
In this chapter, we propose MalDozer, an innovative and efficient framework for Android malware detection, leveraging sequence mining via neural networks. MalDozer focuses on portable malware detection based on a...
-
Chapter
Background and Related Work
In this chapter, we review and compare the state-of-the-art proposals on Android malware analysis and detection according to a novel taxonomy. Due to the large number of published contributions, we focus our r...
-
Chapter
Robust Android Malicious Community Fingerprinting
Security practitioners can combat large-scale Android malware by decreasing the analysis window size of newly detected malware. The window starts from the first detection until signature generation by anti-malwar...
-
Chapter
Fingerprinting Cyber-Infrastructures of Android Malware
In this chapter, we propose ToGather, an automatic investigation framework for Android malware cyber-infrastructures. In our context, a malware cyber-infrastructure is a set of IP addresses and domain names orche...
-
Chapter and Conference Paper
PetaDroid: Adaptive Android Malware Detection Using Deep Learning
Android malware detection is a significant problem that affects billions of users using millions of Android applications (apps) in existing markets. Thiss paper proposes PetaDroid, a framework for accurate Androi...
-
Chapter
Resilient and Adaptive Android Malware Fingerprinting and Detection
In this chapter, we present PetaDroid, an Android detection system that provides, in contrast to MalDozer (previous chapter), (1) resiliency to common obfuscation techniques by introducing code randomization duri...
-
Chapter
Analyzing Network Level Information
This chapter provides a brief description of the methods employed for collecting initial information about a given suspicious online communication message, including header and network information; and how to ...
-
Chapter
Authorship Characterization
A problem of authorship characterization is to determine the sociolinguistic characteristics of the potential author of a given anonymous text message. Unlike the problems of authorship attribution, where the ...
-
Chapter
Conclusion
The rise of malware attacks in recent years has significantly increased the importance of binary code analysis for extracting intelligence that could be used to propose countermeasures that will attenuate the ...
-
Chapter
Introduction
Binary code fingerprinting is essential to many security use cases and applications; examples include reverse engineering, , malware detection and analysis , threat and vulnerability analysis , patch analysis...
