Large-scale Machine Learning-based Malware Detection: Confronting the "10-fold Cross Validation" Scheme with Reality

in Proceedings of the 4th ACM Conference on Data and Application Security and Privacy (2014, March)

To address the issue of malware detection, researchers have recently started to investigate the capabilities of machine- learning techniques for proposing effective approaches. Sev- eral promising results ... [more ▼]

To address the issue of malware detection, researchers have recently started to investigate the capabilities of machine- learning techniques for proposing effective approaches. Sev- eral promising results were recorded in the literature, many approaches being assessed with the common “10-Fold cross validation” scheme. This paper revisits the purpose of mal- ware detection to discuss the adequacy of the “10-Fold” scheme for validating techniques that may not perform well in real- ity. To this end, we have devised several Machine Learning classifiers that rely on a novel set of features built from ap- plications’ CFGs. We use a sizeable dataset of over 50,000 Android applications collected from sources where state-of- the art approaches have selected their data. We show that our approach outperforms existing machine learning-based approaches. However, this high performance on usual-size datasets does not translate in high performance in the wild. [less ▲]

Modeling, composing, and testing of security concerns in a Model-Driven Security approach

in Joosen, Wouter; Martinelli, Fabio; Heyman, Thomas (Eds.) Proceedings of the 2014 ESSoS Doctoral Symposium co-located with the International Symposium on Engineering Secure Software and Systems (ESSoS 2014) (2014, February 26)

Model-Driven Security (MDS) has emerged as a promising sound methodology for supporting the development of secure systems nowadays. Following the advances in MDS, this research work aims at 1) developing ... [more ▼]

Model-Driven Security (MDS) has emerged as a promising sound methodology for supporting the development of secure systems nowadays. Following the advances in MDS, this research work aims at 1) developing new modeling techniques to represent multiple security concerns, 2) (automatically) composing security models with the business logic model (called target model), and 3) testing the security model composition and the resulting secure system against security requirements. These three objectives converge to an integrated MDS framework (and tool chain) which 1) allows a target system model to embed various security concerns, 2) enables the generation of implementation code including configured security infrastructures, and 3) makes these security properties testable by construction. This paper presents the main research modules, the results we have achieved so far, and the main points for future work. [less ▲]

Advances in Model-Driven Security

in Memon, Atif (Ed.) Advances in Computers (2014)

Sound methodologies for constructing security-critical systems are extremely important in order to confront the increasingly varied security threats. As a response to this need, Model-Driven Security has ... [more ▼]

Sound methodologies for constructing security-critical systems are extremely important in order to confront the increasingly varied security threats. As a response to this need, Model-Driven Security has emerged in the early 2000s as a specialized Model-Driven Engineering approach for supporting the development of security-critical systems. In this chapter we summarize the most important developments of Model-Driven Security during the past decade. In order to do so we start by building a taxonomy of the most important concepts of this domain. We then use our taxonomy to describe and evaluate a set of representative and influential Model-Driven Security approaches in the literature. In our development of this topic we concentrate on the concepts shared by Model-Driven Engineering and Model-Driven Security. This allows us to identify and debate the advantages, disadvantages and open issues when applying Model-Driven Engineering to the Information Security domain. This chapter provides a broad view of Model-Driven Security and is intended as an introduction to Model-Driven Security for students, researchers and practitioners. [less ▲]

The NOAH Project: Giving a Chance to Threatened Species in Africa with UAVs

in Bissyandé, Tegawendé F.; van Stam, Gertjan (Eds.) e-Infrastructure and e-Services for Developing Countries (2014)

Organized crime now targets one of the most precious wealth in Africa, the wild life. The most affected by the poaching are the Big 5, whose survival requires attention and efforts from everyone, in ... [more ▼]

Organized crime now targets one of the most precious wealth in Africa, the wild life. The most affected by the poaching are the Big 5, whose survival requires attention and efforts from everyone, in accordance to his own expertise. Just as Noah (A patriarchal character in Abrahamic religions) was tasked to save every species from the Genesis flood, we envision the NOAH Project to (re)make natural parks as a safe haven. This endeavor requires efficient and effective surveillance which is now facilitated by the use of UAVs. We take this approach further by proposing the use of ICT algorithms to automate surveillance. The proposed intelligent system could inspect a bigger area, recognize potential threats and be manage by non-expert users, reducing the expensive resources that are needed by developing countries to address the problem. [less ▲]

Identifying and Visualising Commonality and Variability in Model Variants

in ECMFA 2014 European Conference on Modelling Foundations and Applications (2014)

Bypassing the Combinatorial Explosion: Using Similarity to Generate and Prioritize T-wise Test Configurations for Software Product Lines

in IEEE Transactions on Software Engineering (2014), 40(7), 650-670

Got Issues? Who Cares About It? A Large Scale Investigation of Issue Trackers from GitHub

in Proceedings of the 24th International Symposium on Software Reliability Engineering (ISSRE 2013) (2013, November)

Highly precise taint analysis for Android applications

Report (2013)

Today’s smart phones are a ubiquitous source of private and confidential data. At the same time, smartphone users are plagued by malicious apps that exploit their given privileges to steal such sensitive ... [more ▼]

Today’s smart phones are a ubiquitous source of private and confidential data. At the same time, smartphone users are plagued by malicious apps that exploit their given privileges to steal such sensitive data, or to track users without their consent or even the users noticing. Dynamic program analyses fail to discover such malicious activity because apps have learned to recognize the analyses as they execute. In this work we present FlowDroid, a novel and highly precise taint analysis for Android applications. A precise model of Android’s lifecycle allows the analysis to properly handle callbacks, while context, flow, field and objectsensitivity allows the analysis to track taints with a degree of precision unheard of from previous Android analyses. We also propose DroidBench, an open test suite for evaluating the e↵ectiveness and accuracy of taint-analysis tools specifically for Android apps. As we show through a set of experiments using SecuriBench Micro, DroidBench and a set of well-known Android test applications, our approach finds a very high fraction of data leaks while keeping the rate of false positives low. On DroidBench, our approach achieves 93% recall and 86% precision, greatly outperforming the commercial tools AppScan Source and Fortify SCA. [less ▲]

Assessing Software Product Line Testing Via Model-Based Mutation: An Application to Similarity Testing

in 2013 IEEE Sixth International Conference on Software Testing, Verification and Validation, Workshops Proceedings, Luxembourg, Luxembourg, March 18-22, 2013 (2013)

Sustainable ICT4D in Africa: Where Do We Go From Here?

in EAI International Conference on e-Infrastructure and e-Services for Developing Countries (2013)

In recent years many researchers in Africa and beyond have devoted considerable resources investigating ways to harness the potential of ICT for improving users’ livelihood in developing areas. Topics and ... [more ▼]

In recent years many researchers in Africa and beyond have devoted considerable resources investigating ways to harness the potential of ICT for improving users’ livelihood in developing areas. Topics and domains of interest appear to be broad with recurring themes and solutions. Unfortunately there are no clear research roadmaps on what is urgent and of the state of the art solutions. In this position paper for the AFRICOMM series of conference, we propose to investigate some priorities for ICT4D in Africa. We believe that our work could motivate researchers and create a synergy around a few important challenges of ICT4D in Africa. [less ▲]