Yazar "Sogukpinar, Ibrahim" seçeneğine göre listele

Listeleniyor 1 - 5 / 5
  • [ X ]
    Öğe
    DroidClone: Attack of the Android Malware Clones - A Step Towards Stopping Them
    (Comsis Consortium, 2021) Alam, Shahid; Sogukpinar, Ibrahim
    Code clones are frequent in use because they can be created fast with little effort and expense. Especially for malware writers, it is easier to create a clone of the original than writing a new malware. According to the recent Symantec threat reports, Android continues to be the most targeted mobile platform, and the number of new mobile malware clones grew by 54%. There is a need to develop techniques and tools to stop this attack of Android malware clones. To stop this attack, we propose DroidClone that exposes code clones (segments of code that are similar) in Android applications to help detect malware. DroidClone is the first such effort uses specific control flow patterns for reducing the effect of obfuscations and detect clones that are syntactically different but semantically similar up to a threshold. DroidClone is independent of the programming language of the code clones. When evaluated with real malware and benign Android applications, DroidClone obtained a detection rate of 94.2% and false positive rate of 5.6%. DroidClone, when tested against various obfuscations, was able to successfully provide resistance against all the trivial (Renaming methods, parameters, and nop insertion, etc) and some non-trivial (Call graph manipulation and function indirection, etc.) obfuscations.
  • [ X ]
    Öğe
    Mining and Detection of Anaroia Malware Based on Permissions
    (IEEE, 2018) Sahal, Abdirashid Ahmed; Alam, Shahid; Sogukpinar, Ibrahim
    Due to the open app distribution and more than two billion active users, Android platform continues to serve as low-hanging fruit for malware developers. According to the McAfee threat report, the number of malware families found in the Google Play increased by 30% in 2017. Permission-based access control model is one of the most important mechanisms to protect Android apps against malware. In this paper, we propose a new permission-based model that enhances the efficiency and accuracy of Android malware analysis and detection, and has the capability of potentially detecting previously unknown malware. In this new model, we improve the feature selection by introducing a new weighting method, named TF-IDFCF, based on the class frequency (CF) of the feature. The results of our experiments show that our proposed method has a detection rate of greater than 95.3% with a low false positive rate, when tested with different classifiers.
  • [ X ]
    Öğe
    Mining and Detection of Android Malware Based on Permissions
    (Institute of Electrical and Electronics Engineers Inc., 2018) Sahal, Abdirashid Ahmed; Alam, Shahid; Sogukpinar, Ibrahim
    Due to the open app distribution and more than two billion active users, Android platform continues to serve as low-hanging fruit for malware developers. According to the McAfee threat report, the number of malware families found in the Google Play increased by 30% in 2017. Permission-based access control model is one of the most important mechanisms to protect Android apps against malware. In this paper, we propose a new permission-based model that enhances the efficiency and accuracy of Android malware analysis and detection, and has the capability of potentially detecting previously unknown malware. In this new model, we improve the feature selection by introducing a new weighting method, named TF-IDFCF, based on the class frequency (CF) of the feature. The results of our experiments show that our proposed method has a detection rate of greater than 95.3% with a low false positive rate, when tested with different classifiers. © 2018 IEEE.
  • [ X ]
    Öğe
    Mining Dominance Tree of API Calls for Detecting Android Malware
    (IEEE, 2018) Alam, Shahid; Yildirim, Serdar; Hassan, Mahamat; Sogukpinar, Ibrahim
    According to the recent Symantec threat reports, Android continues to be the most targeted mobile platform, the number of new mobile malware attacks grew by 105% from 2015 to 2016, and the number of new discovered mobile malware variants grew by 54% from 2016 to 2017. A recent McAfee threat report confers that the number of malware families found in the Google play increased by 30% in 2017. There is a need to develop new techniques and methods to stop this inundation of mobile malware attacks. In this paper we propose a new technique named Droid-DomTree that mines dominance tree of API calls in an Android APK for detecting malware. We develop, a sequential model of the dominance tree of API calls and a weighing scheme for assigning weights to each node in the dominance tree for efficient feature selection. A detection rate of 94.3% was obtained with 4 classifiers.
  • [ X ]
    Öğe
    Mininng Dominance Tree of API Calls for Detecting Android Malware
    (Institute of Electrical and Electronics Engineers Inc., 2018) Alam, Shahid; Yildirim, Serdar; Hassan, Mahamat; Sogukpinar, Ibrahim
    According to the recent Symantec threat reports, Android continues to be the most targeted mobile platform, the number of new mobile malware attacks grew by 105% from 2015 to 2016, and the number of new discovered mobile malware variants grew by 54% from 2016 to 2017. A recent McAfee threat report confers that the number of malware families found in the Google play increased by 30% in 2017. There is a need to develop new techniques and methods to stop this inundation of mobile malware attacks. In this paper we propose a new technique named Droid-DomTree that mines dominance tree of API calls in an Android APK for detecting malware. We develop, a sequential model of the dominance tree of API calls and a weighing scheme for assigning weights to each node in the dominance tree for efficient feature selection. A detection rate of 94.3% was obtained with 4 classifiers. © 2018 IEEE.