Sequence Feature Extraction for Malware Family Analysis via Graph Neural Network

25 de September de 2022 18 de August de 2022

Malicious software (malware) causes much harm to our devices and life. We are eager to understand the malware behavior and the threat it made. Most of the record files of malware are variable length and text-based files with time stamps, such as event log data and dynamic analysis profiles. Using the time stamps, we can sort such data into sequence-based data for the following analysis. However, dealing with the text-based sequences with variable lengths is difficult. In addition, unlike natural language text data, most sequential data in information security have specific properties and structure, such as loop, repeated call, noise, etc. To deeply analyze the API call sequences with their structure, we use graphs to represent the sequences, which can further investigate the information and structure, such as the Markov model. Therefore, we design and implement an Attention Aware Graph Neural Network (AWGCN) to analyze the API call sequences. Through AWGCN, we can obtain the sequence embeddings to analyze the behavior of the malware. Moreover, the classification experiment result shows that AWGCN outperforms other classifiers in the call-like datasets, and the embedding can further improve the classic model’s performance.

Pages: 1 2 3

R0:b67b54ef535ceeaf4b3bf38c0cdf8c0b-Framework based on parameterized images on ResNet to identify intrusions in smartwatches or other related devices

Framework based on parameterized images on ResNet to identify intrusions in smartwatches or other related devices

29 de August de 2021 10 de August de 2021

The continuous appearance and improvement of mobile devices in the form of smartwatches, smartphones and other similar devices has led to a growing and unfair interest in putting their users under the magnifying glass and control of applications.

Pages: 1 2 3

R0:a4d69dca3fc7b4bb1e9ce3992edead0d-'Framework' basado en imágenes parametrizadas sobre ResNet para identificar intrusiones en 'smartwatches' u otros dispositivos afines

‘Framework’ basado en imágenes parametrizadas sobre ResNet para identificar intrusiones en ‘smartwatches’ u otros dispositivos afines

1 de August de 2021 29 de August de 2021

La continua aparición y mejora de dispositivos móviles en forma de ‘smartwatches’, ‘smartphones’ y otros dispositivos similares ha propicio un creciente y desleal interés en poner bajo la lupa y el control de los aplicativos a sus usuarios. De forma ofuscada por los fabricantes.

Pages: 1 2 3

TechDispatch #1/2020: Contact Tracing with Mobile Applications

28 de May de 2020 28 de May de 2020

In public health, contact tracing is the process to identify individuals who have been in contact with infected persons. Proximity tracing with smartphone applications and sensors could support contact tracing. It involves processing of sensitive personal data.

Pages: 1 2 3

https://editorialia.com/wp-content/uploads/2020/04/e74ee944-e7de-480c-9b60-665e97c78261.png

Encrypted Traffic Analysis

27 de April de 2020 27 de April de 2020

This report explores the current state of affairs in Encrypted Traffic Analysis and in particular discusses research and methods in 6 key use cases; viz. application identification, network analytics, user information identification, detection of encrypted malware, file/device/website/location fingerprinting and DNS tunnelling detection.

Pages: 1 2

Cyber Attack Detection thanks to Machine Learning Algorithms

9 de February de 2020 9 de February de 2020

Cybersecurity attacks are growing both in frequency and sophistication over the years. This increasing sophistication and complexity call for more advancement and continuous innovation in defensive strategies. Traditional methods of intrusion detection and deep packet inspection, while still largely used
and recommended, are no longer sufficient to meet the demands of growing security threats.

Cybersecurity (Paper)