Sohail Khan^1,*, Mohammad Nauman², Suleiman Ali Alsaif¹, Toqeer Ali Syed³, Hassan Ahmad Eleraky¹

CMC-Computers, Materials & Continua, Vol.70, No.3, pp. 5345-5362, 2022, DOI:10.32604/cmc.2022.021271

Abstract Mobile phones are an essential part of modern life. The two popular mobile phone platforms, Android and iPhone Operating System (iOS), have an immense impact on the lives of millions of people. Among these two, Android currently boasts more than 84% market share. Thus, any personal data put on it are at great risk if not properly protected. On the other hand, more than a million pieces of malware have been reported on Android in just 2021 till date. Detecting and mitigating all this malware is extremely difficult for any set of human experts. Due to this reason, machine learning–and… More >

Pagnchakneat C. Ouk¹, Wooguil Pak^2,*

CMC-Computers, Materials & Continua, Vol.70, No.2, pp. 3099-3116, 2022, DOI:10.32604/cmc.2022.020202

Abstract The Android operating system has become a leading smartphone platform for mobile and other smart devices, which in turn has led to a diversity of malware applications. The amount of research on Android malware detection has increased significantly in recent years and many detection systems have been proposed. Despite these efforts, however, most systems can be thwarted by sophisticated Android malware adopting obfuscation or native code to avoid discovery by anti-virus tools. In this paper, we propose a new static analysis technique to address the problems of obfuscating and native malware applications. The proposed system provides a unified technique for… More >

Marwan Albahar^*, Mohammed Thanoon, Monaj Alzilai, Alaa Alrehily, Munirah Alfaar, Maimoona Algamdi, Norah Alassaf

CMC-Computers, Materials & Continua, Vol.69, No.2, pp. 2181-2202, 2021, DOI:10.32604/cmc.2021.018260

Abstract Malicious Portable Document Format (PDF) files represent one of the largest threats in the computer security space. Significant research has been done using handwritten signatures and machine learning based on detection via manual feature extraction. These approaches are time consuming, require substantial prior knowledge, and the list of features must be updated with each newly discovered vulnerability individually. In this study, we propose two models for PDF malware detection. The first model is a convolutional neural network (CNN) integrated into a standard deviation based regularization model to detect malicious PDF documents. The second model is a support vector machine (SVM)… More >

Huizhong Sun¹, Guosheng Xu^1,*, Hewei Yu², Minyan Ma³, Yanhui Guo¹, Ruijie Quan⁴

Journal of Quantum Computing, Vol.3, No.2, pp. 55-63, 2021, DOI:10.32604/jqc.2021.017365

Abstract Language detection models based on system calls suffer from certain false negatives and detection blind spots. Hence, the normal behavior sequences of some malware applications for a short period can become malicious behavior within a certain time window. To detect such behaviors, we extract a multidimensional time distribution feature matrix on the basis of statistical analysis. This matrix mainly includes multidimensional time distribution features, multidimensional word pair correlation features, and multidimensional word frequency distribution features. A multidimensional time distribution model based on neural networks is built to detect the overall abnormal behavior within a given time window. Experimental evaluation is… More >

Zhangjie Fu^1,2,3,*, Yongjie Ding¹, Musaazi Godfrey¹

Journal of Cyber Security, Vol.3, No.1, pp. 11-28, 2021, DOI:10.32604/jcs.2021.016632

Abstract Mobile malware occupies a considerable proportion of cyberattacks. With the update of mobile device operating systems and the development of software technology, more and more new malware keep appearing. The emergence of new malware makes the identification accuracy of existing methods lower and lower. There is an urgent need for more effective malware detection models. In this paper, we propose a new approach to mobile malware detection that is able to detect newly-emerged malware instances. Firstly, we build and train the LSTM-based model on original benign and malware samples investigated by both static and dynamic analysis techniques. Then, we build… More >

Zhiguo Chen^1,*, Xiaorui Zhang^1,2, Sungryul Kim³

Intelligent Automation & Soft Computing, Vol.27, No.3, pp. 891-908, 2021, DOI:10.32604/iasc.2021.016933

Abstract The rapid growth of malware poses a significant threat to the security of computer systems. Analysts now need to examine thousands of malware samples daily. It has become a challenging task to determine whether a program is a benign program or malware. Making accurate decisions about the program is crucial for anti-malware products. Precise malware detection techniques have become a popular issue in computer security. Traditional malware detection uses signature-based strategies, which are the most widespread method used in commercial anti-malware software. This method works well against known malware but cannot detect new malware. To overcome the deficiency of the… More >

Zhengqiu Weng^1,2, Timing Chen^1,*, Tiantian Zhu¹, Hang Dong¹, Dan Zhou¹, Osama Alfarraj³

Computer Systems Science and Engineering, Vol.37, No.1, pp. 105-119, 2021, DOI:10.32604/csse.2021.015074

Abstract Internet traffic encryption is a very common traffic protection method. Most internet traffic is protected by the encryption protocol called transport layer security (TLS). Although traffic encryption can ensure the security of communication, it also enables malware to hide its information and avoid being detected. At present, most of the malicious traffic detection methods are aimed at the unencrypted ones. There are some problems in the detection of encrypted traffic, such as high false positive rate, difficulty in feature extraction, and insufficient practicability. The accuracy and effectiveness of existing methods need to be improved. In this paper, we present TLSmell,… More >

Rami Sihwail^*, Khairuddin Omar, Khairul Akram Zainol Ariffin

CMC-Computers, Materials & Continua, Vol.67, No.2, pp. 2301-2320, 2021, DOI:10.32604/cmc.2021.014510

Abstract The study of malware behaviors, over the last years, has received tremendous attention from researchers for the purpose of reducing malware risks. Most of the investigating experiments are performed using either static analysis or behavior analysis. However, recent studies have shown that both analyses are vulnerable to modern malware files that use several techniques to avoid analysis and detection. Therefore, extracted features could be meaningless and a distraction for malware analysts. However, the volatile memory can expose useful information about malware behaviors and characteristics. In addition, memory analysis is capable of detecting unconventional malware, such as in-memory and fileless malware.… More >

Yue Li¹, Guangquan Xu^2,3, Hequn Xian^1,*, Longlong Rao³, Jiangang Shi^4,*

Intelligent Automation & Soft Computing, Vol.25, No.3, pp. 637-647, 2019, DOI:10.31209/2019.100000118

Abstract In order to prevent the spread of Android malware and protect privacy information from being compromised, this study proposes a novel multidimensional hybrid features extraction and analysis method for Android malware detection. This method is based primarily on a multidimensional hybrid features vector by extracting the information of permission requests, API calls, and runtime behaviors. The innovation of this study is to extract greater amounts of static and dynamic features information and combine them, that renders the features vector for training completer and more comprehensive. In addition, the feature selection algorithm is used to further optimize the extracted information to… More >

Chunlai Du¹, Shenghui Liu¹, Lei Si², Yanhui Guo^{2, *}, Tong Jin¹

CMC-Computers, Materials & Continua, Vol.64, No.3, pp. 1785-1796, 2020, DOI:10.32604/cmc.2020.010091

Abstract In recent years, the number of exposed vulnerabilities has grown rapidly and more and more attacks occurred to intrude on the target computers using these vulnerabilities such as different malware. Malware detection has attracted more attention and still faces severe challenges. As malware detection based traditional machine learning relies on exports’ experience to design efficient features to distinguish different malware, it causes bottleneck on feature engineer and is also time-consuming to find efficient features. Due to its promising ability in automatically proposing and selecting significant features, deep learning has gradually become a research hotspot. In this paper, aiming to detect… More >