Deep Learning for Android Application Ransomware Detection

Unknown Date

Smartphones and mobile tablets are rapidly growing, and very important nowadays. The most popular mobile operating system since 2012 has been Android. Android is an open source platform that allows developers to take full advantage of both the operating system and the applications itself. However, due to the open source community of an Android platform, some Android developers took advantage of this and created countless malicious applications such as Trojan, Malware, and Ransomware. All which are currently hidden in a large number of benign apps in official Android markets, such as Google PlayStore, and Amazon. Ransomware is a malware that once infected the victim’s device. It will encrypt files, unlock device system, and display a popup message which asks the victim to pay ransom in order to unlock their device or system which may include medical devices that connect through the internet. In this research, we propose to combine permission and API calls, then use Deep Learning techniques to detect ransomware apps from the Android market. Permissions setting and API calls are extracted from each app file by using a python library called AndroGuard. We are using Permissions and API call features to characterize each application, which can identify which application has potential to be ransomware or is benign. We implement our Android Ransomware Detection framework based on Keras, which uses MLP with back-propagation and a supervised algorithm. We used our method with experiments based on real-world applications with over 2000 benign applications and 1000 ransomware applications. The dataset came from ARGUS’s lab [1] which validated algorithm performance and selected the best architecture for the multi-layer perceptron (MLP) by trained our dataset with 6 various of MLP structures. Our experiments and validations show that the MLPs have over 3 hidden layers with medium sized of neurons achieved good results on both accuracy and AUC score of 98%. The worst score is approximately 45% to 60% and are from MLPs that have 2 hidden layers with large number of neurons. / Includes bibliography. / Thesis (M.S.)--Florida Atlantic University, 2018. / FAU Electronic Theses and Dissertations Collection

Deep learning

Malware (Computer software)--Prevention

The impact of IT security psychological climate on salient user beliefs toward IT security: an empirical study

Unknown Date

There is a growing need to better understand what influences user behavior for developing comprehensive IT security systems. This study integrates two prominent bodies of research, the theory of planned behavior used to frame the factors influencing user behavior and individual level climate perceptions used to frame organizational environment influences, to develop a multidimensional IT security user behavior model. The model is then used as the basis for a survey based research to empirically test the hypotheses whether the perceived IT security climate of an organization significantly influences the users beliefs regarding the use of IT security. The intent of the study is to extend the theory of planned behavior and IT security literature by investigating salient IT security beliefs and environmental influences on those beliefs. First, anti-spyware was identified as an appropriate target IT security artifact, and then incorporated into a multi-phased research approach. Second, a semi-structured interview process was used to elicit salient beliefs regarding use of the IT security artifact. Third, IT security psychological climate was conceptualized based on the extant literature on organizational climate, safety climate and IT security in order to examine the organizational environment influences on these beliefs. Finally, a survey was used to collect data to validate the constructs and test the hypothesized relationships. / The study found that there was a significant positive relationship between IT security psychological climate and 1) the belief that anti-spyware will protect organizational interests such as privacy and data, 2) the belief that anti-spyware will prevent disruptions to work, 3) the belief that the approval of anti-spyware use by the technical support group is important, 4) the belief that monetary resources are needed to enable the use of anti-spyware, and 5) the belief that time is a facilitating condition for the use of anti-spyware. A discussion of the findings and their implications for theory and practice is provided. / by Janis A. Warner. / Thesis (Ph.D.)--Florida Atlantic University, 2009. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2009. Mode of access: World Wide Web.

Security (Psychology)

Electronic commerce--Security measures

Web sites--Design

Consumer behavior--Mathematical models

Organizational effectiveness

Patterns for secure interactions in social networks in Web 2.0

Unknown Date

A social network is a structure of individuals and organizations, which are connected by one or more types of interdependency, such as friendship, affinity, common interests or knowledge. Social networks use Web 2.0 technology, which is mostly based on a service-oriented architecture. We are studying patterns for social networks in this environment. A pattern is an encapsulated solution to a software problem in a given context, secure threats are possible in this context. We present a collection of patterns associated with the most important aspects of social networks, with emphasis on controlling the actions of the users of these networks. / by Carolina Marina. / Thesis (M.S.C.S.)--Florida Atlantic University, 2012. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2012. Mode of access: World Wide Web.

Web 2.0

Computer network architectures

Social media

Pattern recognition systems

Smart campus

Unknown Date

The Smart Campus project envisions a university campus where technology assists faculty, staff, students and visitors to improve and more efficiently accomplish their daily activities. The objective of this project is to develop a smart phone application that assists users in finding a certain location on campus, locating their friends and professors, interacting with any student or professors of the campus, get the count of users at certain locations and remain updated about all the events and campus news. Through this project, an idea of ‘Futuristic Social Network’ in a Campus is modeled and developed on Android platform. / Includes bibliography. / Thesis (M.S.)--Florida Atlantic University, 2014. / FAU Electronic Theses and Dissertations Collection

Ubiquitous computing

Universities and colleges -- Design

Signature schemes in single and multi-user settings

Unknown Date

In the first chapters we will give a short introduction to signature schemes in single and multi-user settings. We give the definition of a signature scheme and explain a group of possible attacks on them. In Chapter 6 we give a construction which derives a subliminal-free RSA public key. In the construction we use a computationally binding and unconditionally hiding commitment scheme. To establish a subliminal-free RSA modulus n, we have to construct the secret primes p and q. To prove p and q are primes we use Lehmann's primality test on the commitments. The chapter is based on the paper, "RSA signature schemes with subliminal-free public key" (Tatra Mountains Mathematical Publications 41 (2008)). In chapter 7 a one-time signature scheme using run-length encoding is presented, which in the random oracle model offers security against chosen-message attacks. For parameters of interest, the proposed scheme enables about 33% faster verification with a comparable signature size than a construction of Merkle and Winternitz. The public key size remains unchanged (1 hash value). The main cost for the faster verification is an increase in the time required for signing messages and for key generation. The chapter is based on the paper "A one-time signature using run-length encoding" (Information Processing Letters Vol. 108, Issue 4, (2008)). / by Viktoria Villanyi. / Thesis (Ph.D.)--Florida Atlantic University, 2009. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2009. Mode of access: World Wide Web.

Cryptography

Coding theory

Data encryption (Computer science)

DIgital watermarking

Resilient system design and efficient link management for the wireless communication of an ocean current turbine test bed

Unknown Date

To ensure that a system is robust and will continue operation even when facing disruptive or traumatic events, we have created a methodology for system architects and designers which may be used to locate risks and hazards in a design and enable the development of more robust and resilient system architectures. It uncovers design vulnerabilities by conducting a complete exploration of a systems’ component operational state space by observing the system from multi-dimensional perspectives and conducts a quantitative design space analysis by means of probabilistic risk assessment using Bayesian Networks. Furthermore, we developed a tool which automated this methodology and demonstrated its use in an assessment of the OCTT PHM communication system architecture. To boost the robustness of a wireless communication system and efficiently allocate bandwidth, manage throughput, and ensure quality of service on a wireless link, we created a wireless link management architecture which applies sensor fusion to gather and store platform networked sensor metrics, uses time series forecasting to predict the platform position, and manages data transmission for the links (class based, packet scheduling and capacity allocation). To validate our architecture, we developed a link management tool capable of forecasting the link quality and uses cross-layer scheduling and allocation to modify capacity allocation at the IP layer for various packet flows (HTTP, SSH, RTP) and prevent congestion and priority inversion. Wireless sensor networks (WSN) are vulnerable to a plethora of different fault types and external attacks after their deployment. To maintain trust in these systems and increase WSN reliability in various scenarios, we developed a framework for node fault detection and prediction in WSNs. Individual wireless sensor nodes sense characteristics of an object or environment. After a smart device successfully connects to a WSN’s base station, these sensed metrics are gathered, sent to and stored on the device from each node in the network, in real time. The framework issues alerts identifying nodes which are classified as faulty and when specific sensors exceed a percentage of a threshold (normal range), it is capable of discerning between faulty sensor hardware and anomalous sensed conditions. Furthermore we developed two proof of concept, prototype applications based on this framework. / Includes bibliography. / Dissertation (Ph.D.)--Florida Atlantic University, 2013.

Fault tolerance (Engineering)

Reliability (Engineering)

Sensor networks -- Security measures

Systems engineering

Misuse Patterns for the SSL/TLS Protocol

Unknown Date

The SSL/TLS is the main protocol used to provide secure data connection between a client and a server. The main concern of using this protocol is to avoid the secure connection from being breached. Computer systems and their applications are becoming more complex and keeping these secure connections between all the connected components is a challenge. To avoid any new security flaws and protocol connections weaknesses, the SSL/TLS protocol is always releasing newer versions after discovering security bugs and vulnerabilities in any of its previous version. We have described some of the common security flaws in the SSL/TLS protocol by identifying them in the literature and then by analyzing the activities from each of their use cases to find any possible threats. These threats are realized in the form of misuse cases to understand how an attack happens from the point of the attacker. This approach implies the development of some security patterns which will be added as a reference for designing secure systems using the SSL/TLS protocol. We finally evaluate its security level by using misuse patterns and considering the threat coverage of the models. / Includes bibliography. / Dissertation (Ph.D.)--Florida Atlantic University, 2017. / FAU Electronic Theses and Dissertations Collection

Computer networks--Security measures.

Computer network protocols.

Computer software--Development.

Computer architecture.

Content identification using video tomography

Unknown Date

Video identification or copy detection is a challenging problem and is becoming increasingly important with the popularity of online video services. The problem addressed in this thesis is the identification of a given video clip in a given set of videos. For a given query video, the system returns all the instance of the video in the data set. This identification system uses video signatures based on video tomography. A robust and low complexity video signature is designed and implemented. The nature of the signature makes it independent to the most commonly video transformations. The signatures are generated for video shots and not individual frames, resulting in a compact signature of 64 bytes per video shot. The signatures are matched using simple Euclidean distance metric. The results show that videos can be identified with 100% recall and over 93% precision. The experiments included several transformations on videos. / by Gustavo A. Leon. / Thesis (M.S.C.S.)--Florida Atlantic University, 2008. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2008. Mode of access: World Wide Web.

Biometric identification

High performance computing

Image processing--Digital techniques

Multimedia systems--Security measures

Password-authenticated two-party key exchange with long-term security

Unknown Date

In the design of two-party key exchange it is common to rely on a Die-Hellman type hardness assumption in connection with elliptic curves. Unlike the case of nite elds, breaking multiple instances of the underlying hardness assumption is here considered substantially more expensive than breaking a single instance. Prominent protocols such as SPEKE [12] or J-PAKE [8, 9, 10] do not exploit this, and here we propose a password-authenticated key establishment where the security builds on the intractability of solving a specied number of instances v of the underlying computational problem. Such a design strategy seems particularly interesting when aiming at long-term security guarantees for a protocol, where expensive special purpose equipment might become available to an adversary. In this thesis, we give one protocol for the special case when v = 1 in the random oracle model, then we provide the generalized protocol in the random oracle model and a variant of the generalized protocol in the standard model for v being a polynomial of the security parameter `. / by WeiZheng Gao. / Thesis (Ph.D.)--Florida Atlantic University, 2012. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2012. Mode of access: World Wide Web.

Data encryption (Computer science)

Computer networks (Security measures)

Software protection

Computers--Access control--Passwords

Examining the relationship between fear of crime, self-protective behavior, and situational crime prevention among college students

Unknown Date

Previous researchers have recommended that universities should be deemed very safe places. However, reports of crime have dominated the news, including shootings and mass murders at schools and universities. The issue of reality versus perception is of foremost importance when student safety is at stake. In this paper, the researcher presents the findings from unique data collected from university students related to situational crime prevention, fear of crime, self-protective behaviors, and perceptions of crime prevention programs to better understand the antecedent variables relating to crime prevention. / Includes bibliography. / Thesis (M.S.)--Florida Atlantic University, 2014. / FAU Electronic Theses and Dissertations Collection

Campus violence

College students -- Crimes against

Fear of crime