Khaled Soliman^1,*, Mohamed Sobh², Ayman M. Bahaa-Eldin²

CMC-Computers, Materials & Continua, Vol.79, No.1, pp. 1419-1439, 2024, DOI:10.32604/cmc.2024.048883

Abstract The continuous development of cyberattacks is threatening digital transformation endeavors worldwide and leads to wide losses for various organizations. These dangers have proven that signature-based approaches are insufficient to prevent emerging and polymorphic attacks. Therefore, this paper is proposing a Robust Malicious Executable Detection (RMED) using Host-based Machine Learning Classifier to discover malicious Portable Executable (PE) files in hosts using Windows operating systems through collecting PE headers and applying machine learning mechanisms to detect unknown infected files. The authors have collected a novel reliable dataset containing 116,031 benign files and 179,071 malware samples from diverse sources to ensure the efficiency… More >

Qiang Fu¹, Jun Wang^1,*, Changfu Si¹, Jiawei Liu²

CMC-Computers, Materials & Continua, Vol.79, No.1, pp. 329-349, 2024, DOI:10.32604/cmc.2024.048117

Abstract As industrialization and informatization become more deeply intertwined, industrial control networks have entered an era of intelligence. The connection between industrial control networks and the external internet is becoming increasingly close, which leads to frequent security accidents. This paper proposes a model for the industrial control network. It includes a malware containment strategy that integrates intrusion detection, quarantine, and monitoring. Based on this model, the role of key nodes in the spread of malware is studied, a comparison experiment is conducted to validate the impact of the containment strategy. In addition, the dynamic behavior of the model is analyzed, the… More >

Ahsan Wajahat¹, Jingsha He¹, Nafei Zhu¹, Tariq Mahmood^2,3, Tanzila Saba², Amjad Rehman Khan², Faten S. Alamri^4,*

CMC-Computers, Materials & Continua, Vol.79, No.1, pp. 651-673, 2024, DOI:10.32604/cmc.2024.047530

Abstract The growing usage of Android smartphones has led to a significant rise in incidents of Android malware and privacy breaches. This escalating security concern necessitates the development of advanced technologies capable of automatically detecting and mitigating malicious activities in Android applications (apps). Such technologies are crucial for safeguarding user data and maintaining the integrity of mobile devices in an increasingly digital world. Current methods employed to detect sensitive data leaks in Android apps are hampered by two major limitations they require substantial computational resources and are prone to a high frequency of false positives. This means that while attempting to… More >

Muhammad Binsawad^*

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 3645-3663, 2024, DOI:10.32604/cmc.2024.048183

Abstract Malware is an ever-present and dynamic threat to networks and computer systems in cybersecurity, and because of its complexity and evasiveness, it is challenging to identify using traditional signature-based detection approaches. The study article discusses the growing danger to cybersecurity that malware hidden in PDF files poses, highlighting the shortcomings of conventional detection techniques and the difficulties presented by adversarial methodologies. The article presents a new method that improves PDF virus detection by using document analysis and a Logistic Model Tree. Using a dataset from the Canadian Institute for Cybersecurity, a comparative analysis is carried out with well-known machine learning… More >

Rahul Gupta¹, Kapil Sharma^1,*, R. K. Garg²

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 4283-4301, 2024, DOI:10.32604/cmc.2024.046890

Abstract The prevalence of smartphones is deeply embedded in modern society, impacting various aspects of our lives. Their versatility and functionalities have fundamentally changed how we communicate, work, seek entertainment, and access information. Among the many smartphones available, those operating on the Android platform dominate, being the most widely used type. This widespread adoption of the Android OS has significantly contributed to increased malware attacks targeting the Android ecosystem in recent years. Therefore, there is an urgent need to develop new methods for detecting Android malware. The literature contains numerous works related to Android malware detection. As far as our understanding… More >

Younghoon Ban, Myeonghyun Kim, Haehyun Cho^*

CMES-Computer Modeling in Engineering & Sciences, Vol.139, No.3, pp. 3535-3563, 2024, DOI:10.32604/cmes.2023.046658

Abstract Antivirus vendors and the research community employ Machine Learning (ML) or Deep Learning (DL)-based static analysis techniques for efficient identification of new threats, given the continual emergence of novel malware variants. On the other hand, numerous researchers have reported that Adversarial Examples (AEs), generated by manipulating previously detected malware, can successfully evade ML/DL-based classifiers. Commercial antivirus systems, in particular, have been identified as vulnerable to such AEs. This paper firstly focuses on conducting black-box attacks to circumvent ML/DL-based malware classifiers. Our attack method utilizes seven different perturbations, including Overlay Append, Section Append, and Break Checksum, capitalizing on the ambiguities present… More >

Syeda Wajiha Zahra¹, Muhammad Nadeem², Ali Arshad^3,*, Saman Riaz³, Muhammad Abu Bakr⁴, Ashit Kumar Dutta⁵, Zaid Alzaid⁶, Badr Almutairi⁷, Sultan Almotairi⁸

CMC-Computers, Materials & Continua, Vol.78, No.1, pp. 589-616, 2024, DOI:10.32604/cmc.2023.042386

Abstract Various organizations store data online rather than on physical servers. As the number of user’s data stored in cloud servers increases, the attack rate to access data from cloud servers also increases. Different researchers worked on different algorithms to protect cloud data from replay attacks. None of the papers used a technique that simultaneously detects a full-message and partial-message replay attack. This study presents the development of a TKN (Text, Key and Name) cryptographic algorithm aimed at protecting data from replay attacks. The program employs distinct ways to encrypt plain text [P], a user-defined Key [K], and a Secret Code… More >

Asma A. Alhashmi¹, Abdulbasit A. Darem^1,*, Sultan M. Alanazi¹, Abdullah M. Alashjaee², Bader Aldughayfiq³, Fuad A. Ghaleb^4,5, Shouki A. Ebad¹, Majed A. Alanazi¹

CMC-Computers, Materials & Continua, Vol.76, No.3, pp. 3483-3498, 2023, DOI:10.32604/cmc.2023.041038

Abstract In an era marked by escalating cybersecurity threats, our study addresses the challenge of malware variant detection, a significant concern for a multitude of sectors including petroleum and mining organizations. This paper presents an innovative Application Programmable Interface (API)-based hybrid model designed to enhance the detection performance of malware variants. This model integrates eXtreme Gradient Boosting (XGBoost) and an Artificial Neural Network (ANN) classifier, offering a potent response to the sophisticated evasion and obfuscation techniques frequently deployed by malware authors. The model’s design capitalizes on the benefits of both static and dynamic analysis to extract API-based features, providing a holistic… More >

Nida Aslam^1,*, Irfan Ullah Khan², Salma Abdulrahman Bader², Aisha Alansari³, Lama Abdullah Alaqeel², Razan Mohammed Khormy², Zahra Abdultawab AlKubaish², Tariq Hussain^4,*

CMC-Computers, Materials & Continua, Vol.76, No.3, pp. 3167-3188, 2023, DOI:10.32604/cmc.2023.039721

Abstract One of the most widely used smartphone operating systems, Android, is vulnerable to cutting-edge malware that employs sophisticated logic. Such malware attacks could lead to the execution of unauthorized acts on the victims’ devices, stealing personal information and causing hardware damage. In previous studies, machine learning (ML) has shown its efficacy in detecting malware events and classifying their types. However, attackers are continuously developing more sophisticated methods to bypass detection. Therefore, up-to-date datasets must be utilized to implement proactive models for detecting malware events in Android mobile devices. Therefore, this study employed ML algorithms to classify Android applications into malware… More >

Yi Qing¹, Xiangyu Liu², Yanhui Du^2,*

CMC-Computers, Materials & Continua, Vol.76, No.2, pp. 2095-2119, 2023, DOI:10.32604/cmc.2023.039980

Abstract Distributed Denial of Service (DDoS) attacks have always been a major concern in the security field. With the release of malware source codes such as BASHLITE and Mirai, Internet of Things (IoT) devices have become the new source of DDoS attacks against many Internet applications. Although there are many datasets in the field of IoT intrusion detection, such as Bot-IoT, Constrained Application Protocol–Denial of Service (CoAP-DoS), and LATAM-DDoS-IoT (some of the names of DDoS datasets), which mainly focus on DDoS attacks, the datasets describing new IoT DDoS attack scenarios are extremely rare, and only N-BaIoT and IoT-23 datasets used IoT… More >