Detecting Malicious Activity on Smartphones Using Sensor Measurements

AbstractComplex systems are challenging to control because the system responds to the controller in a nonlinear fashion, often incorporating feedback mechanisms. Interdependence of systems poses additional difficulties, as cross-system connections enable malicious activity to spread between layers, increasing systemic risk. In this paper we explore the conditions for an optimal control of cascading failures in a system of interdependent networks. Specifically, we study the Bak–Tang–Wiesenfeld sandpile model incorporating a control mechanism, which affects the frequency of cascades occurring in individual layers. This modification allows us to explore sandpile-like dynamics near the critical state, with supercritical region corresponding to infrequent large cascades and subcritical zone being characterized by frequent small avalanches. Topological coupling between networks introduces dependence of control settings adopted in respective layers, causing the control strategy of a given layer to be influenced by choices made in other connected networks. We find that the optimal control strategy for a layer operating in a supercritical regime is to be coupled to a layer operating in a subcritical zone, since such condition corresponds to reduced probability of inflicted avalanches. However this condition describes a parasitic relation, in which only one layer benefits. Second optimal configuration is a mutualistic one, where both layers adopt the same control strategy. Our results provide valuable insights into dynamics of cascading failures and and its control in interdependent complex systems.

Download Full-text

Detecting Malicious Activity With DNS Backscatter Over Time

IEEE/ACM Transactions on Networking ◽

10.1109/tnet.2017.2724506 ◽

2017 ◽

Vol 25 (5) ◽

pp. 3203-3218 ◽

Cited By ~ 9

Author(s):

Kensuke Fukuda ◽

John Heidemann ◽

Abdul Qadeer

Keyword(s):

Malicious Activity ◽

Over Time

Download Full-text

Malicious Activity Recognition on SCADA Network IEC 60870-5-104 Protocol

10.1109/ict-pep53949.2021.9601066 ◽

2021 ◽

Author(s):

M. Agus Syamsul Arifin ◽

Deris Stiawan ◽

Susanto ◽

Dwi Prasetya ◽

Mohd. Yazid Idris ◽

...

Keyword(s):

Activity Recognition ◽

Malicious Activity

Download Full-text

ARP Request Trend Fitting for Detecting Malicious Activity in LAN

Advances in Intelligent Systems and Computing - Proceedings of the 13th International Conference on Ubiquitous Information Management and Communication (IMCOM) 2019 ◽

10.1007/978-3-030-19063-7_8 ◽

2019 ◽

pp. 89-96

Author(s):

Kai Matsufuji ◽

Satoru Kobayashi ◽

Hiroshi Esaki ◽

Hideya Ochiai

Keyword(s):

Malicious Activity

Download Full-text

Architectural Design of Trusted Platform for IaaS Cloud Computing

International Journal of Cloud Applications and Computing ◽

10.4018/ijcac.2018040103 ◽

2018 ◽

Vol 8 (2) ◽

pp. 47-65 ◽

Cited By ~ 4

Author(s):

Ubaidullah Alias Kashif ◽

Zulfiqar Ali Memon ◽

Shafaq Siddiqui ◽

Abdul Rasheed Balouch ◽

Rakhi Batra

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Architectural Design ◽

Cloud Services ◽

Core Component ◽

Malicious Activity ◽

The Core ◽

Potential Benefits ◽

Trusted Platform ◽

Access Right

This article describes how the enormous potential benefits provided by the cloud services, made enterprises to show huge interest in adopting cloud computing. As the service provider has control over the entire data of an organization stored onto the cloud, a malicious activity, whether internal or external can tamper with the data and computation. This causes enterprises to lack trust in adopting services due to privacy, security and trust issues. Despite of having such issues, the consumer has no root level access right to secure and check the integrity of procured resources. To establish a trust between the consumer and the provider, it is desirable to let the consumer to check the procured platform hosted at provider side for safety and security. This article proposes an architectural design of a trusted platform for the IaaS cloud computing by the means of which the consumer can check the integrity of a guest platform. TCG's TPM is deployed and used on the consumer side as the core component of the proposed architecture and it is distributed between the service provider and the consumer.

Download Full-text

A Novel Monte-Carlo Simulation-Based Model for Malware Detection (eRBCM)

Electronics ◽

10.3390/electronics10222881 ◽

2021 ◽

Vol 10 (22) ◽

pp. 2881

Author(s):

Muath Alrammal ◽

Munir Naveed ◽

Georgios Tsaramirsis

Keyword(s):

Monte Carlo Simulation ◽

Monte Carlo ◽

Information Systems ◽

Malware Detection ◽

New Model ◽

Malicious Activity ◽

Model Based ◽

Simulation Based ◽

Computer Based ◽

Reinforcement Model

The use of innovative and sophisticated malware definitions poses a serious threat to computer-based information systems. Such malware is adaptive to the existing security solutions and often works without detection. Once malware completes its malicious activity, it self-destructs and leaves no obvious signature for detection and forensic purposes. The detection of such sophisticated malware is very challenging and a non-trivial task because of the malware’s new patterns of exploiting vulnerabilities. Any security solutions require an equal level of sophistication to counter such attacks. In this paper, a novel reinforcement model based on Monte-Carlo simulation called eRBCM is explored to develop a security solution that can detect new and sophisticated network malware definitions. The new model is trained on several kinds of malware and can generalize the malware detection functionality. The model is evaluated using a benchmark set of malware. The results prove that eRBCM can identify a variety of malware with immense accuracy.

Download Full-text

DeepOSN: Bringing deep learning as malicious detection scheme in online social network

IAES International Journal of Artificial Intelligence (IJ-AI) ◽

10.11591/ijai.v9.i1.pp146-154 ◽

2020 ◽

Vol 9 (1) ◽

pp. 146

Author(s):

Putra Wanda ◽

Marselina Endah Hiswati ◽

Huang J. Jie

Keyword(s):

Social Networks ◽

Computer Vision ◽

Deep Learning ◽

Online Social Networks ◽

Link Prediction ◽

Online Social Network ◽

Detection Scheme ◽

Malicious Activity ◽

Manual Analysis ◽

Learning Techniques

Manual analysis for malicious prediction in Online Social Networks (OSN) is time-consuming and costly. With growing users within the environment, it becomes one of the main obstacles. Deep learning is growing algorithm that gains a big success in computer vision problem. Currently, many research communities have proposed deep learning techniques to automate security tasks, including anomalous detection, malicious link prediction, and intrusion detection in OSN. Notably, this article describes how deep learning makes the OSN security technique more intelligent for detecting malicious activity by establishing a classifier model.

Download Full-text

Detecting and analysis malicious activity on remote desktop protocols using integrated security system

2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus) ◽

10.1109/eiconrus.2018.8317024 ◽

2018 ◽

Author(s):

Nikita M. Danchenko ◽

Grigoriy A. Mazurenko

Keyword(s):

Security System ◽

Malicious Activity

Download Full-text

A Three-Vector Approach to Blind Spots in Cybersecurity

Advanced Methodologies and Technologies in System Security, Information Privacy, and Forensics - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-7492-7.ch009 ◽

2019 ◽

pp. 93-104

Author(s):

Mika Westerlund ◽

Dan Craigen ◽

Tony Bailetti ◽

Uruemu Agwae

Keyword(s):

Decision Making ◽

Economic Losses ◽

Malicious Activity ◽

The Core ◽

Human Decision ◽

Blind Spots ◽

Vector Approach

Cyberattacks are often successful due to “blind spots”: biases and preconceived information that affect human decision making. Blind spots that obstruct a person's view of malicious activity may result in massive economic losses. This chapter examines eight cases of successful cyberattacks from economic, technological, and psychological perspectives to blind spots, termed the “core vectors.” While previous research has focused on these vectors in isolation, this chapter combines the vectors for an integrated view. As a result, the chapter provides a novel list of blind spots that enable cybercrime.

Download Full-text

Secure and Reliable Knowledge-Based Intrusion Detection Using Mobile Base Stations in Smart Environments

Encyclopedia of Information Science and Technology, Fifth Edition - Advances in Information Quality and Management ◽

10.4018/978-1-7998-3479-3.ch036 ◽

2021 ◽

pp. 500-513

Author(s):

Ambika N.

Keyword(s):

Intrusion Detection ◽

Mobile Agent ◽

Low Cost ◽

Sensor Nodes ◽

Base Stations ◽

Wireless Sensor Nodes ◽

Detection Scheme ◽

Malicious Activity ◽

Knowledge Based ◽

Reliable Knowledge

Wireless sensor nodes are low cost tiny devices deployed in unsupervised environment. These devices require some kind of security mechanism to tackle different kinds of attacks. Intrusion detection is one such methodology used where the malicious activity is observed, and the target is isolated. Many authors have suggested different methodologies which are detailed in the work. The article also uses intrusion detection scheme to provide reliable network. A mobile agent and an assistance node aids in increasing security and efficiency of the work. The illegitimacy of the node is inferred using the data provided by the assistance and mobile agent. The work minimizes 12.9% of energy consumption, increases security by 3.025%, and increases reliability by 7.07% compared to the previous work.

Download Full-text