• Title/Summary/Keyword: Banking Trojan

Search Result 2, Processing Time 0.015 seconds

Mitigating Mobile Malware Threats: Implementing Gaussian Naïve Bayes for Effective Banking Trojan Detection

  • Najiahtul Syafiqah Ismail;Anis Athirah Masmuhallim;Mohd Talmizie Amron;Fazlin Marini Hussain;Nadiathul Raihana Ismail
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.10
    • /
    • pp.17-24
    • /
    • 2024
  • Mobile phones have become immensely popular as intelligent terminals worldwide. The open-source nature of mobile platforms has facilitated the development of third-party mobile applications, but it has also created an environment for mobile malware to thrive. Unfortunately, the abundance of mobile applications and lax management of some app stores has led to potential risks for mobile users, including privacy breaches and malicious deductions of fees, among other adverse consequences. This research presents a mobile malware static detection method based on Gaussian Naïve Bayes. The approach aims to offer a solution to protect users from potential threats such as Banking Trojan malware. The objectives of this project are to study the requirement of the Naïve Bayes algorithm in Mobile Banking Trojan detection, and to evaluate the performance and accuracy of the Gaussian Naïve Bayes algorithm in the Mobile Banking Trojan detection. This study presents a mobile banking trojan detection system utilizing the Gaussian Naïve Bayes algorithm, achieving a high classification accuracy of 95.83% in distinguishing between benign and trojan APK files.

Management Method to Secure Private Key of PKI using One Time Password (OTP를 이용한 PKI 기반의 개인키 파일의 안전한 관리 방안)

  • Kim, Seon-Joo;Joe, In-June
    • The Journal of the Korea Contents Association
    • /
    • v.14 no.12
    • /
    • pp.565-573
    • /
    • 2014
  • We have various e-commerce like on-line banking, stock trading, shopping using a PC or SmartPhone. In e-commerce, two parties use the certificate for identification and non-repudiation but, the attack on the certificate user steadily has been increasing since 2005. The most of hacking is stealing the public certificate and private key files. After hacking, the stolen public certificate and private key file is used on e-commerce to fraud. Generally, the private key file is encrypted and saved only with the user's password, and an encrypted private key file can be used after decrypted with user password. If a password is exposed to hackers, hacker decrypt the encrypted private key file, and uses it. For this reason, the hacker attacks user equipment in a various way like installing Trojan's horse to take over the user's certificate and private key file. In this paper, I propose the management method to secure private key of PKI using One Time Password certification technique. As a result, even if the encrypted private key file is exposed outside, the user's private key is kept safely.