
EURASIP Journal on Information Security: Latest Articles

Machine learning-based dynamic analysis of Android apps with improved code coverage
IF 3.6 Q1 Computer Science Pub Date : 2019-04-29 DOI: 10.1186/s13635-019-0087-1
Suleiman Y. Yerima, Mohammed K. Alzaylaee, Sakir Sezer
This paper investigates the impact of code coverage on machine learning-based dynamic analysis of Android malware. In order to maximize the code coverage, dynamic analysis on Android typically requires the generation of events to trigger the user interface and maximize the discovery of the run-time behavioral features. The commonly used event generation approach in most existing Android dynamic analysis systems is the random-based approach implemented with the Monkey tool that comes with the Android SDK. Monkey is utilized in popular dynamic analysis platforms like AASandbox, vetDroid, MobileSandbox, TraceDroid, Andrubis, ANANAS, DynaLog, and HADM. In this paper, we propose and investigate approaches based on stateful event generation and compare their code coverage capabilities with the state-of-the-practice random-based Monkey approach. The two proposed approaches are the state-based method (implemented with DroidBot) and a hybrid approach that combines the state-based and random-based methods. We compare the three different input generation methods on real devices, in terms of their ability to log dynamic behavior features and the impact on various machine learning algorithms that utilize the behavioral features for malware detection. Experiments performed using 17,444 applications show that overall, the proposed methods provide much better code coverage which in turn leads to more accurate machine learning-based malware detection compared to the state-of-the-art approach.
Citations: 22
Spark-based real-time proactive image tracking protection model
IF 3.6 Q1 Computer Science Pub Date : 2019-04-03 DOI: 10.1186/s13635-019-0086-2
Yahong Hu, Xia Sheng, Jiafa Mao, Kaihui Wang, Danhong Zhong
With rapid development of the Internet, images are spreading more and more quickly and widely. The phenomenon of image illegal usage emerges frequently, and this has marked impacts on people’s normal life. Therefore, it is of great importance to protect image security and image owner’s rights. At present, most image protection is passive. Most of the time, only when the images had been used illegally and serious adverse consequences had appeared did the image owners discover it. In this paper, a Spark-based real-time proactive image tracking protection model (SRPITP) is proposed to monitor the status of images under protection in real time. Whenever illegal use is found, an alert will be issued to image owners. The model mainly includes image fingerprint extraction module, image crawling module, and image matching module. The experimental results show that in SRPITP, the image matching accuracy rate is above 98.9%, and compared with its stand-alone counterpart, the corresponding time reduction for image extraction and matching are about 58.78% and 61.67%.
Citations: 1
Implementing a blockchain from scratch: why, how, and what we learned
IF 3.6 Q1 Computer Science Pub Date : 2019-03-11 DOI: 10.1186/s13635-019-0085-3
F. Knirsch, A. Unterweger, D. Engel
Citations: 64
ELSA: efficient long-term secure storage of large datasets (full version) ∗
IF 3.6 Q1 Computer Science Pub Date : 2018-10-28 DOI: 10.1186/s13635-020-00108-9
Matthias Geihs, J. Buchmann
Citations: 2
Detecting data manipulation attacks on physiological sensor measurements in wearable medical systems
IF 3.6 Q1 Computer Science Pub Date : 2018-09-29 DOI: 10.1186/s13635-018-0082-y
Hang Cai, K. Venkatasubramanian
Citations: 6
A generic integrity verification algorithm of version files for cloud deduplication data storage
IF 3.6 Q1 Computer Science Pub Date : 2018-09-20 DOI: 10.1186/s13635-018-0083-x
Guangwei Xu, Miaolin Lai, Jing Li, Li Sun, Xiujin Shi
Citations: 3
OMMA: open architecture for Operator-guided Monitoring of Multi-step Attacks
IF 3.6 Q1 Computer Science Pub Date : 2018-05-02 DOI: 10.1186/s13635-018-0075-x
Julio Navarro, V. Legrand, A. Deruyver, P. Parrend
Citations: 10
POS-originated transaction traces as a source of contextual information for risk management systems in EFT transactions
IF 3.6 Q1 Computer Science Pub Date : 2018-04-27 DOI: 10.1186/s13635-018-0076-9
A. Sitek, Z. Kotulski
Citations: 4
Foundations and applications of artificial Intelligence for zero-day and multi-step attack detection
IF 3.6 Q1 Computer Science Pub Date : 2018-04-24 DOI: 10.1186/s13635-018-0074-y
P. Parrend, Julio Navarro, Fabio Guigou, A. Deruyver, P. Collet
Citations: 35
Security evaluation of Tree Parity Re-keying Machine implementations utilizing side-channel emissions
IF 3.6 Q1 Computer Science Pub Date : 2018-04-13 DOI: 10.1186/s13635-018-0073-z
Jonathan Martínez Padilla, Uwe Meyer-Baese, S. Foo
Citations: 0