• Journal of Internet Technology
• /
• 제22권2호
• /
• pp.423-439
• /
• 2021

Android is one of the most popular platforms for the mobile and Internet of Things (IoT) devices. This popularity has made Android-based devices a valuable target of malicious apps. Thus, it is essential to devise automatic and portable malware detection approaches for the Android platform. There are many studies on detecting mobile malware using machine learning techniques. In these studies, however, the dataset is imbalanced or is not large enough to generalize the machine learning model, or the dimensionality of features is too high to apply nonlinear classifiers. In this article, we propose a machine learning-based Android malware detection scheme that uses API calls and permissions as features. To restrict the dimensionality of features, we propose minimal domain knowledge-based and Gini importance-based feature selection. We construct large and balanced real-world datasets to build a generalized and non-skewed model and verify our model through experiments. We achieve 96.51% classification accuracy using Random Forest classifier with low overhead. In addition, we also provide an analysis on falsely classified samples in detail. The analysis results show that API hiding can degrade the performance of API call information-based malware detection systems.

• Journal of Internet Technology
• /
• 제22권5호
• /
• pp.1069-1082
• /
• 2021

The Internet of Things (IoT) is vulnerable to a wide range of security risks, which can be effectively mitigated by applying Cyber Threat Intelligence (CTI) sharing as a proactive mitigation approach. In realizing CTI sharing, it is of paramount importance to guarantee end-to-end protection of the shared information as unauthorized disclosure of CTI is disastrous for organizations using IoT. Furthermore, resource-constrained devices should be supported through lightweight operations. Unfortunately, the aforementioned are not satisfied by the Hypertext Transfer Protocol Secure (HTTPS), which state-of-the-art CTI sharing systems mainly depends on. As a promising alternative to HTTPS, Ephemeral Diffie-Hellman over COSE (EDHOC) can be considered because it meets the above requirements. However, EDHOC in its current version contains several security flaws, most notably due to the unprotected initial message. Consequently, we propose a lightweight end-to-end privacy-preserving security protocol that improves the existing draft EDHOC protocol by utilizing previously shared keys and keying materials while providing ticket-based optimized reauthentication. The proposed protocol is not only formally validated through BAN-logic and AVISPA, but also proved to fulfill essential security properties such as mutual authentication, secure key exchange, perfect forward secrecy, anonymity, confidentiality, and integrity. Also, comparing the protocol's performance to that of the EDHOC protocol reveals a substantial improvement with a single roundtrip to allow frequent CTI sharing.

• The Academic Congress of Korean Shoulder and Elbow Society
• /
• 대한견주관절학회 2004년도 연수강좌
• /
• pp.65-72
• /
• 2004

• The Academic Congress of Korean Shoulder and Elbow Society
• /
• 대한견주관절학회 2004년도 학술대회
• /
• pp.9-11
• /
• 2004

• The Academic Congress of Korean Shoulder and Elbow Society
• /
• 대한견주관절학회 2005년도 제3차 연수강좌
• /
• pp.214-217
• /
• 2005

• The Academic Congress of Korean Shoulder and Elbow Society
• /
• 대한견주관절학회 2000년도 학술대회
• /
• pp.79-79
• /
• 2000

• The Academic Congress of Korean Shoulder and Elbow Society
• /
• 대한견주관절학회 2002년도 학술대회
• /
• pp.83-83
• /
• 2002

• The Academic Congress of Korean Shoulder and Elbow Society
• /
• 대한견주관절학회 1998년도 학술대회
• /
• pp.56-56
• /
• 1998

• The Academic Congress of Korean Shoulder and Elbow Society
• /
• 대한견주관절학회 1998년도 학술대회
• /
• pp.39-39
• /
• 1998

• The Academic Congress of Korean Shoulder and Elbow Society
• /
• 대한견주관절학회 1995년도 Symposium and Workshop
• /
• pp.7-7
• /
• 1995