July 2021 - Top 10 Read Articles in Network Security & Its Applications

July 2021: Top 10
Read Articles in
Network Security and
Its Applications
International Journal of Network Security &
Its Applications (IJNSA)
ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)
http://airccse.org/journal/ijnsa.html
Citations, h-index, i10-index
Citations 7494 h-index 41 i10-index 162

SECURITY & PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN
INTERNET OF THINGS
Faheem Masoodi1
Shadab Alam2
and Shams Tabrez Siddiqui2
1
Department of Computer Science, University of Kashmir, J&k, India 2
Department of Computer
Science, Jazan University, KSA
ABSTRACT
The idea to connect everything to anything and at any point of time is what vaguely defines the
concept of the Internet of Things (IoT). The IoT is not only about providing connectivity but also
facilitating interaction among these connected things. Though the term IoT was introduced in
1999 but has drawn significant attention during the past few years, the pace at which new
devices are being integrated into the system will profoundly impact the world in a good way but
also poses some severe queries about security and privacy. IoT in its current form is susceptible
to a multitudinous set of attacks. One of the most significant concerns of IoT is to provide
security assurance for the data exchange because data is vulnerable to some attacks by the
attackers at each layer of IoT. The IoT has a layered structure where each layer provides a
service. The security needs vary from layer to layer as each layer serves a different purpose. This
paper aims to analyze the various security and privacy threats related to IoT. Some attacks have
been discussed along with some existing and proposed countermeasures.
KEYWORDS
Internet of Things, privacy, attacks, security, threats, protocols.
For More Details : http://aircconline.com/ijnsa/V11N2/11219ijnsa05.pdf
Volume Link : http://airccse.org/journal/jnsa19_current.html

REFERENCES
[1] J. Gubbi, R. Buyya, S. Marusic, M. Palaniswami, Internet of things (IoT): a vision,
architectural elements, and future directions, Future Gener. Comput. Syst. 29 (7) (2013)
1645–1660.
[2] Roman, R., Najera, P., Lopez, J., 2011. Securing the internet of things. Computer 44 (9),
51_58.
[3] Horrow, S., and Anjali, S. (2012). Identity Management Framework for Cloud-Based
Internet of Things. SecurIT ’12 Proceedings of the First International Conference on Security
of Internet of Things, 200– 203. 2012
[4] Whitmore, A., Agarwal, A., and Da Xu, L. (2014). The Internet of Things: A survey of topics
and trends. Information Systems Frontiers, 17(2), 261– 274.
[5] Aazam, M., St-Hilaire, M., Lung, C.-H., and Lambadaris, I. (2016). PRE-Fog: IoT trace
based probabilistic resource estimation at Fog. 2016 13th IEEE Annual Consumer
Communications and Networking Conference (CCNC), 12– 17.
[6] Jiang, H., Shen, F., Chen, S., Li, K. C., and Jeong, Y. S. (2015). A secure and scalable
storage system for aggregate data in IoT. Future Generation Computer Systems, 49, 133–
141.
[7] Li, S., Tryfonas, T., and Li, H. (2016). The Internet of Things: a security point of view.
Internet Research, 26(2), 337– 359.
[8] A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash. Internet of things:
A survey on enabling technologies, protocols, and applications. IEEE Communications
Surveys Tutorials, 17(4):2347–2376, Fourth quarter 2015.
[9] Pongle, P., and Chavan, G. (2015). A survey: Attacks on RPL and 6LoWPAN in IoT. 2015
International Conference on Pervasive Computing: Advance Communication Technology
and Application for Society, ICPC 2015, 0(c), 0–5
[10] Tsai, C.-W., Lai, C.-F., and Vasilakos, A. V. (2014). Future Internet of Things: open
issues and challenges. Wireless Networks, 20(8), 2201–2217.
[11] V. Karagiannis, P. Chatzimisios, F. Vazquez-Gallego, and J. Alonso-Zarate, "A survey
on application layer protocols for the internet of things," Transaction on IoT and Cloud
Computing, vol. 3, no. 1, pp. 11-17, 2015
[12] D. Locke, "MQ telemetry transport (MQTT) v3. 1 protocol specification," IBM
Developer WorksTechnicalLibrary,2010,
http://www.ibm.com/developerworks/webservices/library/wsmqtt/index.html

[13] M. Singh, M. Rajan, V. Shivraj, and P. Balamuralidhar, "Secure MQTT for the Internet
of Things (IoT)," in Fifth International Conference on Communication Systems and Network
Technologies (CSNT 2015), April 2015, pp. 746-751.
[14] OASIS, "OASIS Advanced Message Queuing Protocol (AMQP) Version 1.0," 2012,
http://docs.oasis-open.org/amqp/core/v1.0/os/amqp-core-complete-v1.0-os.pdf
[15] T. Winter, et al., "RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks,"
IETF RFC 6550, Mar. 2012, http://www.ietf.org/rfc/rfc6550.txt
[16] A. Aijaz and A. Aghvami, "Cognitive machine-to-machine communications for internet-
of-things: A protocol stack perspective," IEEE Internet of Things Journal, vol. 2, no. 2, pp.
103-112, April 2015,
[17] http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=7006643
[18] Z. Zhou, B. Yao, R. Xing, L. Shu, and S. Bu, "E-CARP: An energy-efficient routing
protocol for UWSNs on the internet of underwater things," IEEE Sensors Journal, vol. PP,
no. 99, 2015, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7113774
[19] D. Dujovne, T. Watteyne, X. Vilajosana, and P. Thubert, "6TiSCH: Deterministic IP-
enabled industrial internet (of things)," IEEE Communications Magazine, vol. 52, no.12, pp.
36-41, December 2014, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6979984
[20] M. Hasan, E. Hossain, D. Niyato, "Random access for machine-to-machine
communication in LTEadvanced networks: issues and approaches," in IEEE
Communications Magazine, vol. 51, no. 6, pp.86-93, June 2013,
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=6525600
[21] Z-Wave, "Z-Wave Protocol Overview," v. 4, May 2007,
https://wiki.ase.tut.fi/courseWiki/imges/9/94/SDS10243_2_Z_Wave_Protocol_Overview.pdf
[22] ZigBee Standards Organization, “ZigBee Specification,” Document 053474r17, Jan
2008, 604 pp., http://home.deib.polimi.it/cesana/teaching/IoT/papers/ZigBee/ZigBeeSpec.pdf
[23] O. Cetinkaya and O. Akan, "A dash7-based power metering system," in 12th Annual
IEEE Consumer Communications and Networking Conference (CCNC), Jan 2015, pp. 406-
411, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=7158010
[24] Zhang, Zhi-Kai, et al. ”IoT security: ongoing challenges and research opportunities.”
ServiceOriented Computing and Applications (SOCA), 2014 IEEE 7th International
Conference on. IEEE, 2014.
[25] D. Migault, D. Palomares, E. Herbert, W. You, G. Ganne, G. Arfaoui, and M. Laurent,
“E2E: An Optimized IPsec Architecture for Secure And Fast Offload,” in Seventh
International Conference on Availability, Reliability and Security E2E: 2012.

[26] Abomhara, Mohamed, and Geir M. Køien. ”Security and privacy in the Internet of
Things: Current status and open issues.” Privacy and Security in Mobile Systems (PRISMS),
2014 International Conference on. IEEE, 2014.
[27] B. L. Suto, “Analyzing the Accuracy and Time Costs of Web Application Security
Scanners,” San Fr., no. October 2007, 2010.
[28] O. El Mouaatamid, M. LahmerInternet of Things security: layered classification of
attacks and possible countermeasures Electron J (9) (2016).
[29] Seda F. Gürses/Bettina Berendt/Thomas Santen, Multilateral Security Requirements
Analysis for Preserving Privacy in Ubiquitous Environments, in Bettina Berendt/Ernestina
Menasalvas (eds), Workshop on Ubiquitous Knowledge Discovery for Users (UKDU '06), at
51–64;
[30] Stankovic, J. (2014). Research directions for the internet of things. IEEE Internet of
Things Journal, 1(1), 3–9
[31] Sicari, Sabrina, et al. "Security, privacy and trust in the Internet of Things: The road
ahead." Computer Networks76 (2015): 146-164.
[32] https://www.cso.com.au/article/575407/internet-things-iot-threats-countermeasures/
Accessed on 15-03-2019
[33] Bokhari, Mohammad Ubaidullah, and Faheem Masoodi. "Comparative analysis of
structures and attacks on various stream ciphers." Proceedings of the 4th National
Conference. 2010.

PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY
Wosah Peace Nmachi and Thomas Win
School of Computing & Engineering University of Gloucestershire, Park Campus, Cheltenham
GL50 2RH United Kingdom
ABSTRACT
Email is a channel of communication which is considered to be a confidential medium of
communication for exchange of information among individuals and organisations. The
confidentiality consideration about e-mail is no longer the case as attackers send malicious
emails to users to deceive them into disclosing their private personal information such as
username, password, and bank card details, etc. In search of a solution to combat phishing
cybercrime attacks, different approaches have been developed. However, the traditional exiting
solutions have been limited in assisting email users to identify phishing emails from legitimate
ones. This paper reveals the different email and website phishing solutions in phishing attack
detection. It first provides a literature analysis of different existing phishing mitigation
approaches. It then provides a discussion on the limitations of the techniques, before concluding
with an explorationin to how phishing detection can be improved.
KEYWORDS
Cyber-security, Phishing Email Attack, Deep Learning, Stylometric Analysis, Cyber Human
Behaviour
For More Details : https://aircconline.com/ijnsa/V13N2/13221ijnsa05.pdf

REFERENCES
[1] Leite C., Gondim J. J. C., Barreto P. S., and Alchieri E. A., (2019). Waste flooding: A
phishing retaliation tool
[2] Xiujuan W., Chenxi Z., Kangfeng Z., Haoyang T., &Yuanrui T.(2019)detecting spear-
phishing emails based on authentication
[3] Duman S, Kalkan-Cakmakci K, Egele M. (2016)EmailProfiler: Spear phishing filtering with
header and stylometric features of emails.
[4] Calix K., Connors M., Levy D., Manzar H., McCabe G., & Westcott S. (2008). Stylometry
for E-mail author identification and authentication
[5] Gupta B. B., Arachchilage N A.G., &Psannis K. E. (2018).Defending against phishing
attacks: taxonomy of methods, current issues and future direction
[6] Dewan P, Kashyap A, &Kumaraguru P. (2014). Analysingsocial and stylometric features to
identify spear phishing emails
[7] AbahussainO. &Harrath Y. (2019). Detection of malicious emails through regular
expressions and databases
[8] Helmi R. A. A., Ren C. S.&Jamal A. (2019). Email anti-phishing detection application
[9] Asanka N. G.A.,Steve L.&Beznosov K. (2016) Phishing threat avoidance behaviour: An
empirical investigation
[10] Mohammad R., Thabtah F. & McCluskey L. (2015): Tutorial and critical analysis of
phishing websites methods
[11] Heartfield Ryan& George Loukas, (2018) Detecting semantic social engineering attacks
with the weakest link: Implementation and empirical evaluation of a human-as-a-security-
sensor framework
[12] Baniya T., Gautam D.& Kim Y. (2015). Safeguarding web surfing with URL blacklisting
[13] Canova G., Volkamer M., Bergmann C., &Borza R. (2014). NoPhish: An anti-phishing
education app
[14] Bottazzi G., Casalicchio E., Marturana F., &Piu M. (2015). MP-shield: A framework for
phishing detection in mobile devices.
[15] Li, J., Li, J., Chen, X., Jia, C., & Lou, W. (2015) Identity-based encryption without
sourced revocation incloud computing

[16] Qabajeh I.,Thabtah F.,&Chiclana F. (2018) A recent review of conventional vs.
automated cybersecurity anti-phishing techniques
[17] Lötter Andrés.&Futcher Lynn, (2015) A framework to Assist Email Users in the
Identification of Phishing Attacks
[18] Gascon H., Ullrich S., Stritter B. &Rieck K. (2018) Reading between the lines: content-
agnostic detection of spear-phishing emails
[19] Smadi S., Aslam N., & Zhang L. (2018). Detection of online phishing email using
dynamic evolving neural network based on reinforcement learning
[20] Chandrasekaran M., Narayanan K., andUpadhayayaS. (2006) Phishing e-mail detection
based on structural properties.
[21] Ghafir I., Saleem J., Hammoudeh M., Faour H., Prenosil V., Jaf S., Jabbar S. & Baker T.
(2018). Security threats to critical infrastructure: the human factor
[22] Khonji M, Iraqi Y& Jones A. (2011). Mitigation of spear phishing attacks: A Content-
based Authorship Identification framework
[23] Iqbal F, BinsalleehH&Fung B C M. (2010). Mining writeprints from anonymous e-mails
for forensic investigation
[24] Lyon, J.& Wong M. (2006). Sender ID: authenticating e-mail,” RFC 4406.
[25] KunjuM.V., Esther D., Anthony H. C. &BhelwaS. (2019) Evaluation of phishing
techniques based on machine learning
[26] Peng T., Harris I., &Sawa Y. (2018).Detecting phishing attacks using natural language
processing and machine learning
[27] SahingozO.K.,Buber E., Demir O., &Diri B. (2019). Machine learning based phishing
detection from URLs
[28] Zhang, Y., Hong, J. I., &Cranor, L. F.(2007). Cantina: A content based approach to
detecting phishing web sites.
[29] Suganya V. (2016): A review on phishing attacks and various anti-phishing techniques
[30] Abdelhamid N., Ayesh A. &Thabtah F. (2014) Phishing detection based associative
classification data mining
[31] SternfeldUri&Striem-Amit Yonatan. (2019) Prevention of rendezvous generation
algorithm (RGA) and domain generation algorithm (DGA) malware over exiting internet
services.

[32] Akarsh S., Sriram S., &Poornachandran P.(2019) Deep learning framework for domain
generation algorithms prediction using long short-term memory.
[33] Bagui S., Nandi D.,Subhash B. & White J.R (2019) Classifying phishing email using
machine learning and deep learning
[34] Jain Kumar Ankit. & Gupta B.B. (2018). A machine learning based approach for
phishing detection using hyperlinks information
[35] Vinayakumar R., Soman K. P., Poornachandran P., Akarsh S. &Elhoseny M. (2019)
Deep learning framework for cyber threat situational awareness based on email and url data
analysis.
[36] Park Gilchan and Rayz Julia (2018).Ontological detection of phishing emails
[37] Surbhi G., Abhishek S.&Akanksha K. (2016). A literature survey on social engineering
attacks: phishing attack
[38] Jamil A., Asif K.& Ghulam Z. (2018) MPMPA: A mitigation and prevention model for
social engineering based phishing attacks on facebook
[39] Platsis George, (2018) Thehuman factor: Cyber security's greatest challenge
[40] NaimBaftiu. (2017).Cyber security in Kosovo
[41] Abdelhamid N., Thabtah F. & Abdel-jaber H. (2017) Phishing detection: A recent
intelligent machine learning comparison based on models content and features
[42] Alsharnouby M., Alaca F., Chiasson S. (2015)Why phishing still works: User strategies
for combating phishing attacks
[43] Chou N., Ledesma R., Teraguchi Y., Boneh D., and Mitchell J. C. (2004) “Client-side
defence against web-based identity theft”.
[44] Prakash P., Kumar M., Rao R. K. and Gupta M. (2010) PhishNet: Predictive blacklisting
to detect phishing attacks
[45] Delany Mark, (2007) Domain-based email authentication using public keys advertised in
the DNS (Domain Keys).
[46] Saidani N., Adi K. and AlliliM. S. (2020)A semantic-based classification approach for an
enhanced spam detection.
[47] Bhowmick A. and Hazarika S.M. (2016) Machine learning for e-mail spam filtering:
review techniques and trends.

EFFECT MAN-IN THE MIDDLE ON THE NETWORK PERFORMANCE IN VARIOUS
ATTACK STRATEGIES
Iyas Alodat
Department of Computer and Information System, Jerash University, Jerash, Jordan
ABSTRACT
In this paper, we examined the effect on network performance of the various strategies an
attacker could adopt to launch Man-In The Middle (MITM) attacks on the wireless network,
such as fleet or random strategies. In particular, we're focusing on some of those goals for MITM
attackers - message delay, message dropping. According to simulation data, these attacks have a
significant effect on legitimate nodes in the network, causing vast amounts of infected packets,
end-to-end delays, and significant packet loss.
KEYWORDS
Wireless Network, Mobile Network, security; Man-In-The-Middle Attack; smart cities;
simulation; Intelligent Transportation System; Internet-of-Things.

REFERENCES
[1] Burchfiel, J., Tomlinson, R., & Beeler, M. (1975, May). Functions and structure of a packet
radio station. In Proceedings of the May 19-22, 1975, national computer conference and
exposition (pp. 245-251).
[2] Toor, Y., Muhlethaler, P., Laouiti, A., & De La Fortelle, A. (2008). Vehicle ad hoc networks:
Applications and related technical issues. IEEE communications surveys & tutorials, 10(3),
74-88.
[3] Bauwens, J., Jooris, B., Giannoulis, S., Jabandžić, I., Moerman, I., & De Poorter, E. (2019).
Portability, compatibility and reuse of MAC protocols across different IoT radio platforms.
Ad Hoc Networks, 86, 144-153.
[4] Chaqfeh, M.; Lakas, A. A Novel Approach for Scalable Multi-hop Data Dissemination in
Vehicular Ad Hoc Networks. Ad Hoc Netw. 2016, 37, 228–239
[5] Shi, Y., Ross, A., & Biswas, S. (2018). Source identification of encrypted video traffic in the
presence of heterogeneous network traffic. Computer Communications, 129, 101-110.
[6] Williams, R., Samtani, S., Patton, M., & Chen, H. (2018, November). Incremental hacker
forum exploit collection and classification for proactive cyber threat intelligence: An
exploratory study. In 2018 IEEE International Conference on Intelligence and Security
Informatics (ISI) (pp. 94-99). IEEE.
[7] Wang, J., Juarez, N., Kohm, E., Liu, Y., Yuan, J., & Song, H. (2019, April). Integration of
SDR and UAS for malicious Wi-Fi hotspots detection. In 2019 Integrated Communications,
Navigation and Surveillance Conference (ICNS) (pp. 1-8). IEEE.
[8] Phung, C. V., Dizdarevic, J., Carpio, F., & Jukan, A. (2019, May). Enhancing rest http with
random linear network coding in dynamic edge computing environments. In 2019 42nd
International Convention on Information and Communication Technology, Electronics and
Microelectronics (MIPRO) (pp. 435-440). IEEE.
[9] AMIR, A. Z. B. (2018). A study on Rogue Wireless Devices with Detection of Mousejack
Attacks and Vulnerabilities.
[10] Vanhoef, M., Bhandaru, N., Derham, T., Ouzieli, I., & Piessens, F. (2018, June).
Operating channel validation: preventing Multi-Channel Man-in-the-Middle attacks against
protected Wi-Fi networks. In Proceedings of the 11th ACM Conference on Security &
Privacy in Wireless and Mobile Networks (pp. 34-39).
[11] Chittamuru, S. V. R., Thakkar, I. G., Pasricha, S., Vatsavai, S. S., & Bhat, V. (2020).
Exploiting Process Variations to Secure Photonic NoC Architectures from Snooping Attacks.
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.
[12] Rupprecht, D., Kohls, K., Holz, T., & Pöpper, C. (2019, May). Breaking LTE on layer
two. In 2019 IEEE Symposium on Security and Privacy (SP) (pp. 1121-1136). IEEE.

[13] Ullas, S. U., & Sandeep, J. (2019). Reliable Monitoring Security System to Prevent MAC
Spoofing in Ubiquitous Wireless Network. In Advances in Big Data and Cloud Computing
(pp. 141-153). Springer, Singapore.
[14] Maithili, K., Vinothkumar, V., & Latha, P. (2018). Analyzing the security mechanisms to
prevent unauthorized access in cloud and network security. Journal of Computational and
Theoretical Nanoscience, 15(6-7), 2059-2063.
[15] Tochner, S., Zohar, A., & Schmid, S. (2020, October). Route Hijacking and DoS in Off-
Chain Networks. In Proceedings of the 2nd ACM Conference on Advances in Financial
Technologies (pp. 228-240).
[16] Alharthi, D. N., Hammad, M. M., & Regan, A. C. (2020, March). A taxonomy of social
engineering defense mechanisms. In Future of Information and Communication Conference
(pp. 27-41). Springer, Cham.
[17] Metz, L. A. E. P. (2020). An evaluation of unity ML-Agents toolkit for learning boss
strategies (Doctoral dissertation).
[18] Shringarputale, S., McDaniel, P., Butler, K., & La Porta, T. (2020, November). Co-
residency Attacks on Containers are Real. In Proceedings of the 2020 ACM SIGSAC
Conference on Cloud Computing Security Workshop (pp. 53-66).
[19] Xia, W., Cong, W., Wei, Y., & Li, C. (2020). Critical angle of attack and the
corresponding impact cavity for non-circuitous trajectory of water entry of circular cylinder.
Applied Ocean Research, 103, 102322.
[20] Huang, Y., Kuo, H. K., Thomas, S., Kons, Z., Audhkhasi, K., Kingsbury, B., ... &
Picheny, M. (2020, May). Leveraging unpaired text data for training end-to-end speech-to-
intent systems. In ICASSP 2020-2020 IEEE International Conference on Acoustics, Speech
and Signal Processing (ICASSP) (pp. 7984-7988). IEEE.
[21] Verma, S., Hamieh, A., Huh, J. H., Holm, H., Rajagopalan, S. R., Korczynski, M., &
Fefferman, N. (2016, August). Stopping amplified dns ddos attacks through distributed query
rate sharing. In 2016 11th International Conference on Availability, Reliability and Security
(ARES) (pp. 69-78). IEEE.
[22] A. Guruswamy, R. S. Blum, S. Kishore and M. Bordogna, “On the Optimum Design of
L-Estimators for Phase Offset Estimation in IEEE 1588,” IEEE Transactions on
Communications, Vol. 63 , No. 9, pp. 5101 – 5115, Dec. 2015.
[23] Karthik, A. K., & Blum, R. S. (2016). Estimation theory based robust phase offset
estimation in the presence of delay attacks. arXiv preprint arXiv:1611.05117.
[24] Tsigkari, D., & Spyropoulos, T. (2020). An approximation algorithm for joint caching
and recommendations in cache networks. arXiv preprint arXiv:2006.08421.

[25] Stricot-Tarboton, S.; Chaisiri, S.; Ko, R.K.L. Taxonomy of Man-in-the-Middle Attacks
on HTTPS. In Proceedings of the 2016 IEEE Trustcom/BigDataSE/ISPA, Tianjin, China,
23–26 August 2016; pp. 527–534. [CrossRef]
[26] Chen, Z.; Guo, S.; Duan, R.; Wang, S. Security Analysis on Mutual Authentication
against Man-in-the-Middle Attack. In Proceedings of the First International Conference on
Information Science and Engineering, Nanjing, China, 26–28 December 2009; pp. 1855–
1858. [CrossRef]
[27] Conti, M.; Dragoni, N.; Lesyk, V. A Survey of Man In The Middle Attacks. IEEE
Commun. Surv. Tutor. 2016, 18, 2027–2051. [CrossRef]
[28] Glass, S.M.; Muthukkumarasamy, V.; Portmann, M. Detecting Man-in-the-Middle and
Wormhole Attacks in Wireless Mesh Networks. In Proceedings of the International
Conference on Advanced Information Networking and Applications, Bradford, UK, 26–29
May 2009; pp. 530–538.
[29] Kaplanis, C. Detection and Prevention of Man in the Middle Attacks in Wi-Fi
Technology. Master’s Thesis, Aalborg University, Aalborg, Denmark, 2015.

A CONCEPTUAL SECURE BLOCKCHAIN-BASED ELECTRONIC
VOTING SYSTEM
Ahmed Ben Ayed
Department of Engineering and Computer Science, Colorado Technical University, Colorado
Springs, Colorado, USA
ABSTRACT
Blockchain is offering new opportunities to develop new types of digital services. While research
on the topic is still emerging, it has mostly focused on the technical and legal issues instead of
taking advantage of this novel concept and creating advanced digital services. In this paper, we
are going to leverage the open source Blockchain technology to propose a design for a new
electronic voting system that could be used in local or national elections. The Blockchain-based
system will be secure, reliable, and anonymous, and will help increase the number of voters as
well as the trust of people in their governments.
KEYWORDS
Blockchain, Electronic Voting System, e-Voting, I-Voting, iVote

REFERENCES
[1] Madise, Ü. Madise and T. Martens, “E-voting in Estonia 2005. The first practice of country-
wide binding Internet voting in the world.”,Electronic voting, 2nd International Workshop,
Bregenz, Austria,(2006) August 2-4.
[2] J. Gerlach and U. Grasser, “Three Case Studies from Switzerland: E-voting”, Berkman
Center Research Publication, (2009).
[3] I. S. G. Stenerud and C. Bull, “When reality comes knocking Norwegian experiences with
verifiable electronic voting”, Electronic Voting. Vol. 205. (2012), pp. 21-33.
[4] C. Meter and A. Schneider and M. Mauve, “Tor is not enough: Coercion in Remote
Electronic Voting Systems. arXiv preprint. (2017).
[5] D. L. Chaum, “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms”,
Communication of the ACM. Vol. 24(2). (1981), pp. 84-90.
[6] T. ElGamal, “A public Key Cryptosystem and a Signature Scheme Based on Discrete
Logarithms”, IEEE Trans. Info. Theory. Vol. 31. (1985), pp. 469-472.
[7] S. Ibrahim and M. Kamat and M. Salleh and S. R. A. Aziz, “Secure E-Voting with Blind
Signature”, Proceeding of the 4th National Conference of Communication Technology,
Johor, Malaysia, (2003) January 14-15.
[8] J. Jan and Y. Chen and Y. Lin, “The Design of Protocol for e-Voting on the Internet”,
Proceedings IEEE 35th Annual 2001 International Carnahan Conference on Security
Technology, London, England, (2001) October 16-19.
[9] D. L. Dill and A.D. Rubin, “E-Voting Security”, Security and Privacy Magazine, Vol. 2(1).
(2004), pp. 22-23.
[10] D. Evans and N. Paul, “Election Security: Perception and Reality”. IEEE Privacy
Magazine, vol. 2(1). (2004), pp. 2-9.
[11] Trueb Baltic, “Estonian Electronic ID – Card Application Specification Prerequisites to
the Smart Card Differentiation to previous Version of EstEID Card Application.”
http://www.id.ee/public/TBSPEC-EstEID-Chip-App-v3_5-20140327.pdf
[12] Cybernetica. “Internet Voting Solution.”
https://cyber.ee/uploads/2013/03/cyber_ivoting_NEW2_A4_web.pdf.
[13] D. Springall, T. Finkenauer, Z. Durumeric, J. Kitcat, H. Hursti, M. MacAlpine, and J. A.
Halderman, “Security Analysis of the Estonian Internet Voting System.” Proceedings of the
2014 ACM SIGSAC Conference on Computer and Communications Security. (2014), pp.
703-715.

[14] Ministry of Local Government and Modernisation. “Internet Voting Pilot to be
Discontinued.” https://www.regjeringen.no/en/aktuelt/Internet-voting-pilot-to-be-
discontinued/id764300/
[15] J. A. Halderman, and V. Teague, “The New South Wales iVote System: Security Failures
and Verifications Flaws in a Live Online Election.” International Conference on E-Voting
and Identity. (2015), pp. 35-53.
[16] S. Wolchok, E. Wustrow, D. Isabel, J. A. Halderman, “Attacking the Washington, DC
Internet Voting System.” International Conference on Financial Cryptography and Data
Security (2012), pp. 114-128.
[17] National Institute of Standards and Technology, “Federal Information Processing
Standards Publication”, (2012).
[18] S. Nakamoto, “A Peer-to-Peer Electronic Cash System”, (2008).
[19] F. Reid and M. Harrigan, “An Analysis of Anonymity in the Bitcoin System”, Security
and Privacy in Social Networks. (2013), pp. 1-27.
[20] S. Raval, “Decentralized Applications: Harnessing Bitcoin’s Blockchain Technology.”
O’Reilly Media, Inc. Sebastopol, California (2016).
[21] J. R. Douceur, “The Sybil Attack”, International Workshop on Peer-to-Peer Systems,
(2002), pp. 251-260.

AUTHORS
Ahmed Ben Ayed, has received his Bachelor of Science in Computer Information Systems,
Master of Science in Cyber Security and Information Assurance, and currently a doctoral student
at Colorado Technical University, and an Adjunct Professor at California Takshila University.
His research interests are Android Security, Pattern Recognition of Malicious Applications,
Machine Learning, Cryptography, Information & System Security and Cyber Security.

A LITERATURE SURVEY AND ANALYSIS ON SOCIAL ENGINEERING DEFENSE
MECHANISMS AND INFOSEC POLICIES
Dalal Alharthi and Amelia Regan
Department of Computer Science, University of California Irvine, Irvine, California
ABSTRACT
Social engineering attacks can be severe and hard to detect. Therefore, to prevent such attacks,
organizations should be aware of social engineering defense mechanisms and security policies.
To that end, the authors developed a taxonomy of social engineering defense mechanisms,
designed a survey to measure employee awareness of these mechanisms, proposed a model of
Social Engineering InfoSec Policies (SE-IPs), and designed a survey to measure the
incorporation level of these SE-IPs. After analyzing the data from the first survey, the authors
found that more than half of employees are not aware of social engineering attacks. The paper
also analyzed a second set of survey data, which found that on average, organizations
incorporated just over fifty percent of the identified formal SE-IPs. Such worrisome results show
that organizations are vulnerable to social engineering attacks, and serious steps need to be taken
to elevate awareness against these emerging security threats.
KEYWORDS
Cybersecurity, Social Engineering, Employee Awareness, Defense Mechanisms, Security
Policies

REFERENCES
[1] S. D. Applegate, Social engineering: hacking the wetware! Information Security Journal: A
Global Perspective 18 (1) (2009) 40–46.
[2] C. Hadnagy, Social engineering: The art of human hacking, John Wiley & Sons, 2010.3. A.
Berg, Cracking a social engineer, [online]. lan times (1995).
[3] A. Berg, Cracking a social engineer, [online]. lan times (1995).
[4] T. Greening, Ask and ye shall receive: a study in social engineering, ACM SIGSAC Review
14 (2) (1996) 8–14.
[5] A. Karakasiliotis, S. Furnell, M. Papadaki, Assessing end-user awareness of social
engineering and phishing.
[6] M. Workman, A test of interventions for security threats from social engineering,
Information Management & Computer Security 16 (5) (2008) 463–483.
[7] G. L. Orgill, G. W. Romney, M. G. Bailey, P. M. Orgill, The urgency for effective user
privacy-education to counter social engineering attacks on secure computer systems, in:
Proceedings of the 5th conference on Information technology education, ACM, 2004, pp.
177–181
[8] T. Bakhshi, M. Papadaki, S. Furnell, A practical assessment of social engineering
vulnerabilities., in: HAISA, 2008, pp. 12–23.
[9] F. Mouton, M. M. Malan, L. Leenen, H. S. Venter, Social engineering attack
framework, in: 2014 Information Security for South Africa, IEEE, 2014, pp. 1–9.
[10] R. Kalnin,š, J. Purin,š, and G. Alksnis, “Security evaluation of wireless network access
points,” Applied Computer Systems, vol. 21, no. 1, pp.38–45, 2017.
[11] D. N. Alharthi, M. M. Hammad, and A. C. Regan, “A taxonomy of social engineering
defense mechanisms,” in Future of Information and Communication Conference. Springer,
2020, pp. 27–41.
[12] F. Mouton, L. Leenen, and H. S. Venter, “Social engineering attack examples, templates
and scenarios,” Computers & Security, vol. 59, pp.186–209, 2016.
[13] N. Saxena, E. Hayes, E. Bertino, P. Ojo, K.-K. R. Choo, and P. Burnap, “Impact and key
challenges of insider threats on organizations and critical businesses,” Electronics, vol. 9, no.
9, p. 1460, 2020.
[14] T. Ahmad, “Corona virus (covid-19) pandemic and work from home: Challenges of
cybercrimes and cybersecurity,” Available at SSRN3568830, 2020.

[15] N. Sarginson, “Securing your remote workforce against new phishing attacks,” Computer
Fraud & Security, vol. 2020, no. 9, pp. 9–12, 2020.
[16] H. Aldawood and G. Skinner, “Contemporary cyber security social engineering solutions,
measures, policies, tools and applications: Acritical appraisal,” International Journal of
Security (IJS), vol. 10, no. 1, p. 1, 2019.
[17] V. Systems, “Varonis 2019 global data risk report,” 2019.
[18] A. Yazdanmehr and J. Wang, “Employees’ information security policy compliance: A
norm activation perspective,” Decision Support Systems, vol. 92, pp. 36–46, 2016.
[19] D. N. Alharthi and A. C. Regan, “Social engineering defense mechanisms: A taxonomy
and a survey of employees’ awareness level,” in Science and Information Conference.
Springer, 2020, pp. 521–541.
[20] D. N. Alharthi and A. C. Regan, “Social engineering InfoSec Policies (SE-IPs),” in the
14th International Conference on Network Security & Applications (CNSA 2021). CICT,
2021, pp. 521–541. NIAI - 2021 pp. 57-74, 2021.
[21] H. Aldawood, G. Skinner, An academic review of current industrial and commercial
cyber security social engineering solutions, in: Proceedings of the 3rd International
Conference on Cryptography, Security and Privacy, ACM, 2019, pp. 110–115.
[22] B. M. E. Elnaim, H. A. S. W. Al-Lami, The current state of phishing attacks against
Saudi Arabia university students.
[23] C. Happ, A. Melzer, G. Steffgen, Trick with treat–reciprocity increases the willingness to
communicate personal data, Computers in Human Behavior 61 (2016) 372–377.
[24] I. Ghafir, V. Prenosil, A. Alhejailan, M. Hammoudeh, Social engineering attack
strategies and defence approaches, in: 2016 IEEE 4th International Conference onFuture
Internet of Things and Cloud (FiCloud), IEEE, 2016, pp. 145–149.
[25] M. Gupta, R. Sharman, Social network theoretic framework for organizational
socialengineering susceptibility index, AMCIS 2006 Proceedings (2006) 408.
[26] K. Parsons, D. Calic, M. Pattinson, M. Butavicius, A. McCormac, T. Zwaans, Thehuman
aspects of information security questionnaire (hais-q): two further validation studies,
Computers & Security 66 (2017) 40–51.
[27] T. Herath, H. R. Rao, Encouraging information security behaviours in organizations:
Role of penalties, pressures and perceived effectiveness, Decision Support Systems47 (2)
(2009) 154–165.
[28] J. A. Stoner, Risky and cautious shifts in group decisions: The influence of widely held
values, Journal of Experimental Social Psychology 4 (4) (1968) 442–459.

[29] H. Aldawood and G. Skinner, “Reviewing cyber security social engineering training and
awareness programs—pitfalls and ongoing issues,” Future Internet, vol. 11, no. 3, p. 73,
2019.
[30] K. J. Knapp, R. F. Morris Jr, T. E. Marshall, and T. A. Byrd, “Information security
policy: An organizational-level process model,” computers &security, vol. 28, no. 7, pp.
493–508, 2009.
[31] C. Senarak, “Port cybersecurity and threat: A structural model for prevention and policy
development,” The Asian Journal of Shipping and Logistics, 2020.
[32] A. Karakasiliotis, S. Furnell, and M. Papadaki, “Assessing end-user awareness of social
engineering and phishing,” 2006.
[33] L. Li, W. He, L. Xu, I. Ash, M. Anwar, and X. Yuan, “Investigating the impact of
cybersecurity policy awareness on employees’ cybersecurity behavior,” International Journal
of Information Management, vol. 45, pp. 13–24, 2019.
[34] M. Siponen, M. A. Mahmood, and S. Pahnila, “Employees’ adherence to information
security policies: An exploratory field study,” Information& management, vol. 51, no. 2, pp.
217–224, 2014.
[35] F. Bélanger, S. Collignon, K. Enget, and E. Negangard, “Determinants of early
conformance with information security policies,” Information& Management, vol. 54, no. 7,
pp. 887–901, 2017.
[36] K.-c. Chang and Y. M. Seow, “Effects of it-culture conflict and user dissatisfaction on
information security policy non-compliance: A sense-making perspective,” 2014.
[37] F. Hadi, M. Imran, M. H. Durad, and M. Waris, “A simple security policy enforcement
system for an institution using sdn controller,” in 2018 15th International Bhurban
Conference on Applied Sciences and Technology (IBCAST). IEEE, 2018, pp. 489–494.
[38] V. D. Soni, “Disaster recovery planning: Untapped success factor in an organization,”
Available at SSRN 3628630, 2020.
[39] J. Horney, M. Nguyen, D. Salvesen, O. Tomasco, and P. Berke, “Engaging the public in
planning for disaster recovery,” International journal of disaster risk reduction, vol. 17, pp.
33–37, 2016.
[40] F. Salahdine and N. Kaabouch, “Social engineering attacks: A survey,” Future Internet,
vol. 11, no. 4, p. 89, 2019.
[41] C. Okoli, K. Schabram, A guide to conducting a systematic literature review of
information systems research.

[42] NCSC, National Cybersecurity Centre (Accessed 2019). Link
[43] S. Inc., Surveymonkey (Accessed 2019). Link
[44] Stats, “Saudi general authority for statistics,” Accessed 2020. [Online]. Available:
https://www.stats.gov.sa/
[45] Statista, “Statista,” Accessed 2020. [Online]. Available: https://www.statista.com/
[46] C. Bronk and E. Tikk-Ringas, “The cyber-attack on Saudi Aramco,” Survival, vol. 55,
no. 2, pp. 81–96, 2013.
[47] D. D. Cheong, “Cyberattacks in the gulf: lessons for active defence,” 2012.
[48] S. S. Basamh, H. Qudaih, and J. B. Ibrahim, “An overview on cybersecurity awareness
in Muslim countries,” International Journal of Information and Communication Technology
Research, 2014.
[49] ITU, “Committed to connecting the world,” Accessed 2020. [Online]. Available:
https://www.itu.int/en/Pages/default.aspx
[50] T. McClelland, “The insider’s view of a data breach-how policy, forensics, and
attribution apply in the real world,” 2018.
[51] R. Bhor and H. Khanuja, “Analysis of web application security mechanism and attack
detection using vulnerability injection technique,” in 2016 International Conference on
Computing Communication Control and automation (ICCUBEA). IEEE, 2016, pp. 1–6.
[52] J. Saleem and M. Hammoudeh, “Defense methods against social engineering attacks,” in
Computer and network security essentials. Springer, 2018, pp. 603–618.

AUTHORS
Dalal Alharthi is a Ph.D. Candidate in Computer Science at the University
of California, Irvine. She is also a Resident Engineer at Palo Alto Networks
and a Senior Prisma Cloud Consultant at Dell. She is equipped with 12+
years of work experience between academia and industry. Her research
interests are in the field of Cybersecurity, Network Security, Cloud Security,
Privacy, Human-Computer Interaction (HCI), and Artificial Intelligence
(AI).
Amelia Regan received a BAS in Systems Engineering from the University
of Pennsylvania, an MS degree in Applied Mathematics from Johns Hopkins
University, and an MSE degree and Ph.D. degree at the University of Texas.
She is a Professor of Computer Science at the University of California,
Irvine. Her research interests include network optimization, cyber-physical
transportation systems, machine learning tools for temporal-spatial data
analysis, and cybersecurity.

COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL
NEURAL NETWORK BASED ON API CALL STREAM
Matthew Schofield1
, Gulsum Alicioglu2
, Bo Sun1
, Russell Binaco1
, Paul Turner1
, Cameron
Thatcher1
, Alex Lam1
and Anthony Breitzman1
1
Department of Computer Science, Rowan University, Glassboro, New Jersey, USA
2
Department of Electrical and Computer Engineering, Rowan University, Glassboro, New
Jersey, USA
ABSTRACT
Malicious software is constantly being developed and improved, so detection and classification
of malwareis an ever-evolving problem. Since traditional malware detection techniques fail to
detect new/unknown malware, machine learning algorithms have been used to overcome this
disadvantage. We present a Convolutional Neural Network (CNN) for malware type
classification based on the API (Application Program Interface) calls. This research uses a
database of 7107 instances of API call streams and 8 different malware types:Adware, Backdoor,
Downloader, Dropper, Spyware, Trojan, Virus,Worm. We used a 1-Dimensional CNN by
mapping API calls as categorical and term frequency-inverse document frequency (TF-IDF)
vectors and compared the results to other classification techniques.The proposed 1-D CNN
outperformed other classification techniques with 91% overall accuracy for both categorical and
TFIDF vectors.
KEYWORDS
Convolutional Neural Network, Malware Classification, N-gram Analysis, Term Frequency-
Inverse Document Frequency Vectors, Windows API Calls.

REFERENCES
[1] Daniel Gibert, Carles Mateu, & Jordi Planes, (2020) “The rise of machine learning for
detection and classification of malware: Research developments, trends and challenges”,
Journal of Network and Computer Applications. 10.1016/j.jnca.2019.102526.
[2] Zahra Bazrafshan, Hashem Hashemi, Fard Hazrati, Mehdi Seyed, & Ali Hamzeh, (2013) “A
survey on heuristic malware detection techniques”, 2013 5th Conference on Information and
Knowledge Technology. 113-120. 10.1109/IKT.2013.6620049.
[3] Jyoti Landage, & M. P. Wankhade, (2013) “Malware and Malware Detection Techniques : A
Survey”, International journal of engineering research and technology, 2.
[4] DainiusCeponis, & Nikolaj Goranin,(2019) “Evaluation of Deep Learning Methods
Efficiency for Malicious and Benign System Calls Classification on the AWSCTD”,Security
and Communication Networks,2317976:1-2317976:12.
[5] SerifBahtiyar, Mehmet BarisYaman, & Can Yilmaz Altinigne, (2019)“A multi-dimensional
machine learning approach to predict advanced malware”, Comput. Networks, 160,118-129.
[6] GyuwanKim, Hayoon Yi, JanghoLee, YunheungPaek, & Sungroh Yoon, (2016) “LSTM-
Based System-Call Language Modeling and Robust Ensemble Method for Designing Host-
Based Intrusion Detection Systems”, ArXiv, abs/1611.01726.
[7] AhmetYazi, Ferhat Ozgur Catak,& EnsarGul,(2019) “Classification of Methamorphic
Malware with Deep Learning (LSTM)”,10.1109/SIU.2019.8806571.
[8] Ferhat OzgurCatak,&AhmetYazi,(2019) “A Benchmark API Call Dataset for Windows PE
MalwareClassification”, https://arxiv.org/abs/1905.01999.
[9] EslamAmer,&Ivan Zelinka,(2020) “A dynamic Windows malware detection and prediction
method based on contextual understanding of API call sequence”, Computers & Security.
10.1016/j.cose.2020.101760.
[10] YuntaoZhao, Bo Bo, Yongxin Feng, ChunYu Xu, & Bo Yu,(2019) “A feature extraction
method of hybrid gram for malicious behavior based on machine learning”, Secur. Commun.
Netw.
[11] Chang Choi, ChristianEsposito, MungyuLee, & JunhoChoi, (2019) “Metamorphic
malicious code behavior detection using probabilistic inference methods”, Cognit. Syst. Res.
56, 142–150.
[12] AsgharTajoddin, & SaeedJalili, (2018) “HM3alD: polymorphic Malware detection using
program behavior-aware hidden Markov model”, Appl. Sci. 8 (7), 1044.
[13] Matthew Schofield, Gulsum Alicioglu, Russell Binaco, Paul Turner, Cameron Thatcher,
Alex Lam & Bo Sun, (2021) “Convolutional Neural Network For Malware Classification

Based On API Call Sequence”, In proceedings of 2021 the 14th International Conference on
Network Security & Applications. Computer Science & Information Technology (CS & IT).
Zurich, Switzerland.
[14] Jeffrey Heer, Micheal Bostock, & Vadim Ogievetsky,(2010) “A Tour through the
Visualization Zoo”, ACM Queue, 8, 20.
[15] WeijieHan, Jingfeng Xue, YongWang, LuHuang, ZixiaoKong, & Limin Mao, (2019)
“MalDAE: Detecting and explaining malware based on correlation and fusion of static and
dynamic characteristics”, Comput. Secur., 83, 208-233.
[16] LuXiao-Feng, ZhouXiao, Jiang Fangshuo, Yi Sheng-wei,&ShaJing,(2018) “ASSCA: API
based Sequence and Statistics featuresCombinedmalwaredetectionArchitecture”,Procedia
Computer Science, 129, 248-256.
[17] MatildaRhode, Pete Burnap, & Kevin Jones, (2018) “Early Stage Malware Prediction
Using Recurrent Neural Networks”,Comput. Secur., 77,578-594.
[18] ZahraSalehi, Ashkan Sami, & Mahboobe Ghiasi, (2017) “MAAR: Robust features to
detect malicious activity based on API calls, their arguments and return values”, Eng. Appl.
Artif. Intell., 59, 93-102.
[19] MohamedBelaoued, & SmaineMazouzi, (2016) “A Chi-Square-Based Decision for Real-
Time Malware Detection Using PE-File Features”, JIPS, 12,644-660.
[20] Sanchit Gupta, Harshit Sharma, & Sarvjeet Kaur, (2016) “Malware Characterization
Using Windows API Call Sequences”,SPACE.
[21] Jixin Zhang, Zheng Qin, Hui Yin, Lu Ou, & Kehuan Zhang, (2019) “A feature-hybrid
malware variants detection using CNN based opcode embedding and BPNN based API
embedding”, Comput. Secur., 84,376-392.
[22] Tableau Software. (2020). Retrieved from www.tableau.com.
[23] Kolosnjaji Bojan, Zarras Apostolis, Webster George, & Eckert Claudia, (2016) “Deep
Learning for Classification of Malware System Call Sequences”, In: Kang B., Bai Q. (eds)
AI 2016: Advances in Artificial Intelligence. Lecture Notes in Computer Science, vol 9992.
Springer, Cham. https://doi.org/10.1007/978-3-319-50127-7_11.
[24] Catak Ferhat Ozgur, Yazı Ahmet Faruk, Elezaj Ogerta & Ahmed Javed, (2020) “Deep
learning based Sequential model for malware analysis using Windows exe API Calls”, PeerJ
Computer Science 6:e285 https://doi.org/10.7717/peerj-cs.285.
[25] Albawi Saad, Mohammad Tareq Abed, & Al-Zawi Saad, (2017), “Understanding of a
convolutional neural network”, 2017 International Conference on Engineering and
Technology (ICET), Antalya, pp. 1-6, doi: 10.1109/ICEngTechnol.2017.8308186.

[26] “http://alexlenail.me/NN-SVG,” 2016. (Accessed 20 December 2020).
[27] Chigozie Nwankpa, Winifred Ijomah, Anthony Gachagan, & Stephen Marshall, (2018)
“Activation Functions: Comparison of trends in Practice and Research for Deep Learning”,
ArXiv, abs/1811.03378.
[28] Yinzheng Gu, Chuanpeng Li, & Jinbin Xie, (2018) “Attention-aware Generalized Mean
Pooling for Image Retrieval”, ArXiv, abs/1811.00202.
[29] Mark Cheung, John Shi, Lavender Jiang, Oren Wright, &Jose Moura, (2019) “Pooling in
Graph Convolutional Neural Networks”, 53rd Asilomar Conference on Signals, Systems, and
Computers, 462-466.
[30] WilliamCavnar, & John Trenkle, (1994) “N-gram-based text categorization”,
Proceedings of SDAIR-94, 3rd annual symposium on document analysis and information
retrieval. Vol. 161175.
[31] Raymond Canzanese, Spiros Mancoridis, &Moshe Kam, (2015) “Run-time classification
of malicious processes using system call analysis”, 10th International Conference on
Malicious and Unwanted Software (MALWARE), Fajardo, 2015, pp. 21-28.
[32] ShahzadQaiser, & Ramsha Ali, (2018) “Text Mining: Use of TF-IDF to Examine the
Relevance of Words to Documents”, International Journal of Computer Applications, 181,
25-29.

AUTHORS
Matthew Schofield is currently enrolled at Rowan University pursuing his
B.S/M.S degree in Computer Science anticipating graduation in December
2021. He is currently working on his master’s thesis on Deep Reinforcement
Learning in Incentivization Systems. His research interests are in Machine
Learning and Deep Reinforcement Learning.
Gulsum Alicioglu received M.Sc. Degree in Industrial Engineering from Gazi
University, Turkey, in 2018. Currently, she is a Ph.D. candidate at the
Department of Electrical and Computer Engineering of Rowan University,
USA. Her research interests aredata visualization, machine learning, and
explainable artificial intelligence.
Bo Sun is an associate professor of Computer Science and led the project effort
of this paper.She received her B.S. in Computer Science from Wuhan
University, her M.S.in Computer Science from Lamar University, and her
Ph.D. in Modeling and Simulation from Old Dominion University. Her research
interests include Visual Analytics and Data Visualization.
Russell Binaco graduated from Rowan University with an M.S. in Computer
Science in Spring 2020. He now works as a software engineer for Innovative
Defense Technologies, and as an adjunct for Rowan University. At Rowan, he
earned undergraduate degrees in Computer Science and Electrical and
Computer Engineering. He has also been published in the Journal of the
International Neuropsychological Society for research using Machine Learning
to classify patients’ levels of cognitive decline with regards to Alzheimer’s
Disease.
Paul Turner received his B.S. in Computer Science from Rowan University in
2018 and is currently enrolled in an M.S. program at the aforementioned
University. His interests include machine learning, text mining, and cloud
computing.
Cameron Thatcher received his B.S in Computer Science from Rowan
University in 2019 and is currently pursuing his M.S. in Computer Science at
Rowan University. His research interests include Machine Learning and Data
Mining.
Alex Lam is currently attending Rowan University pursuing his B.S/M.S
degree in Computer Science and Data Analytics. He has also been published in
the 3rd ACM SIGSPATIAL International Workshop on Analytics for Local
Events and News (LENS’19) for research in identifying real-world events
using bike-sharing data.

Anthony Breitzman holds an M.A. in Mathematics from Temple University,
and an M.S. and Ph.D. from Drexel University. He is an associate professor of
Computer Science at Rowan University and his research interests are Data
Mining, Text Mining, Machine Learning, Algorithm Design, Convolution
Algorithms, and Number Theory.

DEEP LEARNING CLASSIFICATION METHODS APPLIED TO TABULAR
CYBERSECURITY BENCHMARKS
David A. Noever and Samantha E. Miller Noever
PeopleTec, Inc., Huntsville, Alabama, USA
ABSTRACT
This research recasts the network attack dataset from UNSW-NB15 as an intrusion detection
problem in image space. Using one-hot-encodings, the resulting grayscale thumbnails provide a
quarter-million examples for deep learning algorithms. Applying the MobileNetV2’s
convolutional neural network architecture, the work demonstrates a 97% accuracy in
distinguishing normal and attack traffic. Further class refinements to 9 individual attack families
(exploits, worms, shellcodes) show an overall 54% accuracy. Using feature importance rank, a
random forest solution on subsets shows the most important source-destination factors and the
least important ones as mainly obscure protocols. It further extends the image classification
problem to other cybersecurity benchmarks such as malware signatures extracted from binary
headers, with an 80% overall accuracy to detect computer viruses as portable executable files
(headers only). Both novel image datasets are available to the research community on Kaggle.
KEYWORDS
Neural Networks, Computer Vision, Image Classification, Intrusion Detection, MNIST
Benchmark.
Volume Link : https://airccse.org/journal/jnsa21_current.html

REFERENCES
[1] Moustafa, Nour, and Jill Slay. "UNSW-NB15: a comprehensive data set for network
intrusion detection systems (UNSW-NB15 network data set)." Military Communications and
Information Systems Conference (MilCIS), 2015. IEEE, 2015. See online
https://www.unsw.adfa.edu.au/unsw-canberra-cyber/cybersecurity/ADFA-NB15-Datasets/
[2] Moustafa, Nour, and Jill Slay. "The evaluation of Network Anomaly Detection Systems:
Statistical analysis of the UNSW-NB15 dataset and the comparison with the KDD99
dataset." Information Security Journal: A Global Perspective (2016): 1-14.
[3] Moustafa, Nour, et al. . "Novel geometric area analysis technique for anomaly detection
using trapezoidal area estimation on large-scale networks." IEEE Transactions on Big Data
(2017).
[4] Moustafa, Nour, et al. "Big data analytics for intrusion detection system: statistical decision-
making using finite Dirichlet mixture models." Data Analytics and Decision Support for
Cybersecurity. Springer, Cham, 2017. 127-156.
[5] Özgür, Atilla, and Hamit Erdem. "A review of KDD99 dataset usage in intrusion detection
and machine learning between 2010 and 2015." PeerJ Preprints 4 (2016): e1954v1.
[6] Olusola, A. A., Oladele, A. S., & Abosede, D. O. (2010, October). Analysis of KDD’99
intrusion detection dataset for selection of relevance features. In Proceedings of the world
congress on engineering and computer science (Vol. 1, pp. 20-22). WCECS.
[7] Meena, Gaurav, and Ravi Raj Choudhary. "A review paper on IDS classification using KDD
99 and NSL KDD dataset in WEKA." In 2017 International Conference on Computer,
Communications and Electronics (Comptelix), pp. 553-558. IEEE, 2017.
[8] Hatami, Nima, Yann Gavet, and Johan Debayle. "Classification of time-series images using
deep convolutional neural networks." In Tenth international conference on machine vision
(ICMV 2017), vol. 10696, p. 106960Y. International Society for Optics and Photonics, 2018.
[9] Hershey, Shawn, Sourish Chaudhuri, Daniel PW Ellis, Jort F. Gemmeke, Aren Jansen, R.
Channing Moore, Manoj Plakal et al. "CNN architectures for large-scale audio
classification." In 2017 IEEE international conference on acoustics, speech and signal
processing (ICASSP), pp. 131-135. IEEE, 2017.
[10] Noever, David “Intrusion Detection as an Image Classifier”, Kaggle.com, (2021),
https://www.kaggle.com/datamunge/intrusion-detection-as-an-image-classifier
[11] Salehi, Sohail. ImageMagick Tricks. Packt publishing ltd, 2006.
[12] Zhang, Weinan, Tianming Du, and Jun Wang. "Deep learning over multi-field categorical
data." In European conference on information retrieval, pp. 45-57. Springer, Cham, 2016.

[13] Sandler, Mark, Andrew Howard, Menglong Zhu, Andrey Zhmoginov, and Liang-Chieh
Chen. "Mobilenetv2: Inverted residuals and linear bottlenecks." In Proceedings of the IEEE
conference on computer vision and pattern recognition, pp. 4510-4520. 2018.
[14] LeCun, Yann, Corinna Cortes, and C. J. Burges. "MNIST handwritten digit database."
(2010): 18. http://yann.lecun.com/exdb/mnist/ and Y. LeCun, L. Bottou, Y. Bengio, and P.
Haffner. "Gradient-based learning applied to document recognition." Proceedings of the
IEEE, 86(11):2278-2324, November 1998
[15] Cohen, Gregory, Saeed Afshar, Jonathan Tapson, and Andre Van Schaik. "EMNIST:
Extending MNIST to handwritten letters." In 2017 International Joint Conference on Neural
Networks (IJCNN), pp. 2921-2926. IEEE, 2017.
[16] Chen, Li, Song Wang, Wei Fan, Jun Sun, and Satoshi Naoi. "Beyond human recognition:
A CNN-based framework for handwritten character recognition." In 2015 3rd IAPR Asian
Conference on Pattern Recognition (ACPR), pp. 695-699. IEEE, 2015.
[17] Image Classification on MNIST, (accessed 01/2021),
https://paperswithcode.com/sota/image-classification-on-mnist
[18] Grim, Jirı, and Petr Somol. "A Statistical Review of the MNIST Benchmark Data
Problem." http://library.utia.cas.cz/separaty/2018/RO/grim-0497831.pdf
[19] Preda, Gabriel, Chinese MNIST: Chinese Numbers Handwritten Characters Images,
(accessed 01/2021) https://www.kaggle.com/gpreda/chinese-mnist
[20] CoMNIST: Cyrillic-oriented MNIST, A Dataset of Latin and Cyrillic Letters, (accessed
01/2021) https://www.kaggle.com/gregvial/comnist
[21] Prabhu, Vinay Uday. "Kannada-MNIST: A new handwritten digits dataset for the
Kannada language." arXiv preprint arXiv:1908.01242 (2019).
https://www.kaggle.com/higgstachyon/kannada-mnist
[22] Warden, P. "How many images do you need to train a neural network?" (2017).
https://petewarden.com/2017/12/14/how-many-images-do-you-need-to-train-a-neural-
network/
[23] Han, Hong, Xiaoling Guo, and Hua Yu. "Variable selection using mean decrease
accuracy and mean decrease Gini based on random forest." In 2016 7th IEEE International
Conference On Software Engineering And Service Science (ICSESS), pp. 219-224. IEEE,
2016.
[24] Anderson, H. S., & Roth, P. (2018). Ember: an open dataset for training static PE
malware machine learning models. arXiv preprint arXiv:1804.04637.
[25] Manavi, F., & Hamzeh, A. (2020, September). A New Method for Ransomware
Detection Based on PE Header Using Convolutional Neural Networks. In 2020 17th

International ISC Conference on Information Security and Cryptology (ISCISC) (pp. 82-87).
IEEE.
[26] Vasan, D., Alazab, M., Wassan, S., Safaei, B., & Zheng, Q. (2020). Image-Based
malware classification using an ensemble of CNN architectures (IMCEC). Computers &
Security, 92, 101748.
[27] Oliveira, Angelo (2019). Malware Analysis Datasets: Raw PE as Image. IEEE Dataport.
https://dx.doi.org/10.21227/8brp-j220, https://ieee-dataport.org/open-access/malware-
analysis-datasets-raw-pe-image and Kaggle, https://www.kaggle.com/ang3loliveira/malware-
analysis-datasets-pe-section-headers
[28] Oliveira, Angelo (2019). Malware Analysis Datasets: PE Section Headers. IEEE
Dataport. https://dx.doi.org/10.21227/2czh-es14 , https://ieee-dataport.org/open-
access/malware-analysis-datasets-pe-section-headers and Kaggle,
https://www.kaggle.com/ang3loliveira/malware-analysis-datasets-raw-pe-as-image
[29] Oliveira, Angelo (2019). Malware Analysis Datasets: Top-1000 PE Imports. IEEE
Dataport. https://dx.doi.org/10.21227/004e-v304 , https://ieee-dataport.org/open-
access/malware-analysis-datasets-top-1000-pe-imports and Kaggle,
https://www.kaggle.com/ang3loliveira/malware-analysis-datasets-top1000-pe-imports
[30] Freitas, S., Duggal, R., & Chau, D. H. (2021). MalNet: A Large-Scale Cybersecurity
Image Database of Malicious Software. arXiv preprint arXiv:2102.01072.
[31] Chen, L., Sahita, R., Parikh, J., Marino, M. (2020), “STAMINA: Scalable Deep Learning
Approach for Malware Classification,” Intel Labs Whitepaper,
https://www.intel.com/content/www/us/en/artificial-intelligence/documents/stamina-deep-
learning-for-malware-protection-whitepaper.html
[32] Microsoft, “PE Format”, https://docs.microsoft.com/en-us/windows/win32/debug/pe-
format , accessed online (Jan 2021)
[33] InfoSec Institute, “Demystifying PE File”, https://resources.infosecinstitute.com/topic/2-
malware-researchers-handbook-demystifying-pe-file/ , accessed online (Jan 2021)
[34] pefile, “Python PE parsing module”, https://pypi.org/project/pefile/ accessed online (Jan
2021) and description of uses, https://malwology.com/2018/08/24/python-for-malware-
analysis-getting-started/
[35] Hartigan, J. A. (1985). Statistical theory in clustering. Journal of classification, 2(1), 63-
76.
[36] Lu, Arlen, “Convert-own-data-to-MNIST-format” (accessed 01/2021)
https://github.com/Arlen0615/Convert-own-data-to-MNIST-format

[37] Lee, Juhyun, Nikolay Chirkov, Ekaterina Ignasheva, Yury Pisarchyk, Mogan Shieh,
Fabio Riccardi, Raman Sarokin, Andrei Kulik, and Matthias Grundmann. "On-Device
Augmented Reality with Mobile GPUs."
[38] Shah, Vishal, and Neha Sajnani. "Multi-Class Image Classification using CNN and
Tflite." International Journal of Research in Engineering, Science and Management 3, no. 11
(2020): 65-68.
[39] Belouch, Mustapha, Salah El Hadaj, and Mohamed Idhammad. "Performance evaluation
of intrusion detection based on machine learning using Apache Spark." Procedia Computer
Science 127 (2018): 1-6.
[40] Choudhary, Sarika, and Nishtha Kesswani. "Analysis of KDD-Cup’99, NSL-KDD and
UNSW-NB15 Datasets using Deep Learning in IoT." Procedia Computer Science 167
(2020): 1561-1573.
[41] Kanimozhi, V., and Prem Jacob. "UNSW-NB15 dataset feature selection and network
intrusion detection using deep learning." International Journal of Recent Technology and
Engineering 7: 443-446.
[42] Pujari, Rakshit, “Network Attack Detection and Classification Using Machine Learning
Models Based on UNSW-NB15 Data-Set”, Medium, (10/2020). https://i-
rakshitpujari.medium.com/network-attack-detection-and-classification-using-machine-
learning-models-based-on-unsw-nb15-a645bba73987
[43] Liu, Li, Jie Chen, Paul Fieguth, Guoying Zhao, Rama Chellappa, and Matti Pietikäinen.
"From BoW to CNN: Two decades of texture representation for texture classification."
International Journal of Computer Vision 127, no. 1 (2019): 74-109.
[44] Chen, Tianqi, and Carlos Guestrin. "Xgboost: A scalable tree boosting system." In
Proceedings of the 22nd ACM Sigkdd International Conference On Knowledge Discovery
And Data Mining, pp. 785-794. 2016.
[45] Shorten, Connor, and Taghi M. Khoshgoftaar. "A survey on image data augmentation for
deep learning." Journal of Big Data 6, no. 1 (2019): 1-48.
[46] Samangouei, Pouya, Maya Kabkab, and Rama Chellappa. "Defense-GAN: Protecting
classifiers against adversarial attacks using generative models." arXiv preprint
arXiv:1805.06605 (2018).
[47] Noever, D. and Noever, Samantha E. Miller, “Virus-MNIST: Portable Executable Files
as Images for Malware Detection”, https://www.kaggle.com/datamunge/virusmnist and
https://github.com/reveondivad/virus-mnist

A SURVEY ON FEDERATED IDENTITY MANAGEMENT SYSTEMS LIMITATION AND
SOLUTIONS
Maha Aldosary and Norah Alqahtani
Department of Computer Sciences, Imam Mohammad Ibn Saud Islamic University, Riyadh,
KSA
ABSTRACT
An efficient identity management system has become one of the fundamental requirements for
ensuring safe, secure, and transparent use of identifiable information and attributes. Federated
Identity Management (FIdM) allows users to distribute their identity information across security
domains which increases the portability of their digital identities, and it is considered a
promising approach to facilitate secure resource sharing among collaborating participants in
heterogeneous IT environments. However, it also raises new architectural challenges and
significant security and privacy issues that need to be mitigated. In this paper, we provide a
comparison between FIdM architectures, presented the limitations and risks in FIdM system, and
discuss the results and proposed solutions.
KEYWORDS
Federated Identity Management, Identity Management, Limitations, Identity Federation.
Volume Link : https://airccse.org/journal/jnsa21_current.html

REFERENCES
[1] A. Bhargav-Spantzel, A. C. Squicciarini, and E. Bertino, “Establishing and protecting digital
identity in federation systems,” J. Comput. Secur., vol. 14, no. 3, pp. 269–300, Jun. 2006,
doi: 10.3233/JCS-2006-14303.
[2] Roger Clarke, “Identity Management? Or (Id)Entity Mismanagement?,” rogerclarke.com,
Nov. 05, 2004. http://www.rogerclarke.com/EC/ACSID0411.html (accessed May 08, 2021).
[3] S. Clauß and M. Köhntopp, “Identity management and its support of multilateral security,”
Comput. Netw., vol. 37, no. 2, pp. 205–219, Oct. 2001, doi: 10.1016/S1389-1286(01)00217-
1.
[4] G. Roussos, D. Peterson, and U. Patel, “Mobile Identity Management: An Enacted View,”
Int. J. Electron. Commer., vol. 8, no. 1, pp. 81–100, Oct. 2003, doi:
10.1080/10864415.2003.11044287.
[5] J. D. Bolter, “Sherry Turkle, Life on the Screen: Identity in the Age of the Internet (London:
Weidenfeld & Nicholson, 1996), 347pp. ISBN 0 297 81514 8,” Converg. Int. J. Res. New
Media Technol., vol. 3, no. 1, pp. 131–133, Mar. 1997, doi: 10.1177/135485659700300112.
[6] “Roger Clarke’s ‘Authentication Model,’” Dec. 26, 2001.
http://www.rogerclarke.com/EC/AuthModel.html (accessed May 09, 2021).
[7] 14:00-17:00, “ISO/IEC 24760-2:2015,” ISO.
https://www.iso.org/cms/render/live/en/sites/isoorg/contents/data/standard/05/79/57915.html
(accessed May 10, 2021).
[8] C. Satchell, G. Shanks, S. Howard, and J. Murphy, “Identity crisis: user perspectives on
multiplicity and control in federated identity management,” Behav. Inf. Technol., vol. 30, no.
1, pp. 51–62, Jan. 2011, doi: 10.1080/01449290801987292.
[9] E. Maler and D. Reed, “The Venn of Identity: Options and Issues in Federated Identity
Management,” IEEE Secur. Priv. Mag., vol. 6, no. 2, pp. 16–23, Mar. 2008, doi:
10.1109/MSP.2008.50.
[10] D. W. Chadwick, “Federated Identity Management,” in Foundations of Security Analysis
and Design V, vol. 5705, A. Aldini, G. Barthe, and R. Gorrieri, Eds. Berlin, Heidelberg:
Springer Berlin Heidelberg, 2009, pp. 96–120. doi: 10.1007/978-3-642-03829-7_3.
[11] “Home - Liberty Alliance.” http://www.projectliberty.org/ (accessed May 09, 2021).
[12] S. S. Y. Shim, Geetanjali Bhalla, and Vishnu Pendyala, “Federated identity
management,” Computer, vol. 38, no. 12, pp. 120–122, Dec. 2005, doi:
10.1109/MC.2005.408.
[13] W. A. Alrodhan, “Privacy and Practicality of Identity Management Systems,” p. 262.

[14] I. Friese et al., “Bridging IMS and Internet Identity,” in 2010 14th International
Conference on Intelligence in Next Generation Networks, Berlin, Germany, Oct. 2010, pp.
1–6. doi: 10.1109/ICIN.2010.5640948.
[15] G. Danezis and P. Golle, Eds., Privacy enhancing technologies: 6th international
workshop, PET 2006, Cambridge, UK, June 28-30, 2006: revised selected papers. Berlin ;
New York: Springer, 2006.
[16] “Liberty Alliance Releases Identity Assurance Framework / Press Releases / News &
Events / Home - Liberty Alliance.”
http://projectliberty.org/liberty/news_events/press_releases/liberty_alliance_releases_identity
_assurance_framework/ (accessed May 10, 2021).
[17] H. Eggleston and K. Ginanni, “Simplifying Licensed Resource Access Through
Shibboleth,” Ser. Libr., vol. 56, no. 1–4, pp. 209–214, Mar. 2009, doi:
10.1080/03615260802686981.
[18] “Shibboleth Consortium - Shaping the future of Shibboleth Software,” Shibboleth
Consortium. https://www.shibboleth.net/ (accessed May 09, 2021).
[19] J. Paschoud and M. Garibyan, “Shibboleth for New Generation Access Management (uk
Perspective),” Proc. IADIS Int. Conf. WWWInternet, pp. 365–370, Jan. 2005.
[20] J. Paschoud, “SHIBBOLETH AND SAML: AT LAST, A VIABLE GLOBAL
STANDARD FOR RESOURCE ACCESS MANAGEMENT,” New Rev. Inf. Netw., vol. 10,
no. 2, pp. 147–160, Nov. 2004, doi: 10.1080/13614570500053874.
[21] “Understanding WS-Federation.” https://docs.microsoft.com/en-us/previous-
versions/dotnet/articles/bb498017(v=msdn.10) (accessed May 10, 2021).
[22] “ws-federation-1.2-spec-os.pdf.” Accessed: May 10, 2021. [Online]. Available:
http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.pdf
[23] J. Kallela, “Federated Identity Management Solutions,” p. 8.
[24] I. Reid et al., “Assertions and Protocols for the OASIS Security Assertion Markup
Language,” January 10, 2.
[25] S. Ferdous and R. Poet, “Managing Dynamic Identity Federations using Security
Assertion Markup Language,” J. Theor. Appl. Electron. Commer. Res., vol. 10, no. 2, pp.
53–76, May 2015, doi: 10.4067/S0718-18762015000200005.
[26] R. Cover, “Security Assertion Markup Language (SAML).”
http://xml.coverpages.org/saml.html (accessed May 10, 2021).

[27] N. Duan and K. Smith, “IDentiaTM - An Identity Bridge Integrating OpenID and SAML
for Enhanced Identity Trust and User Access Control,” presented at the Imaging and Signal
Processing in Health Care and Technology, Baltimore, USA, 2012. doi: 10.2316/P.2012.773-
032.
[28] “OpenID Connect | OpenID,” Aug. 01, 2011. https://openid.net/connect/ (accessed May
10, 2021).
[29] J. Kang, Y. Elmehdwi, and D. Lin, “SLIM: Secure and Lightweight Identity Management
in VANETs with Minimum Infrastructure Reliance,” in Security and Privacy in
Communication Networks, vol. 238, X. Lin, A. Ghorbani, K. Ren, S. Zhu, and A. Zhang,
Eds. Cham: Springer International Publishing, 2018, pp. 823–837. doi: 10.1007/978-3-319-
78813-5_45.
[30] U. Fragoso-Rodriguez, M. Laurent-Maknavicius, and J. Incera-Dieguez, “Federated
Identity Architectures,” p. 8.
[31] “wsfed-liberty-overview-10-13-03.pdf.” Accessed: May 10, 2021. [Online]. Available:
http://www.projectliberty.org/liberty/content/download/402/2765/file/wsfed-liberty-
overview-10-13-03.pdf
[32] J. Jensen, “Federated Identity Management Challenges,” in 2012 Seventh International
Conference on Availability, Reliability and Security, Prague, TBD, Czech Republic, Aug.
2012, pp. 230–235. doi: 10.1109/ARES.2012.68.
[33] A. A. Malik, H. Anwar, and M. A. Shibli, “Federated Identity Management (FIM):
Challenges and opportunities,” in 2015 Conference on Information Assurance and Cyber
Security (CIACS), Rawalpindi, Pakistan, Dec. 2015, pp. 75–82. doi:
10.1109/CIACS.2015.7395570.
[34] U. Kylau, I. Thomas, M. Menzel, and C. Meinel, “Trust Requirements in Identity
Federation Topologies,” in 2009 International Conference on Advanced Information
Networking and Applications, Bradford, United Kingdom, 2009, pp. 137–145. doi:
10.1109/AINA.2009.80.
[35] R. Horbe and W. Hotzendorfer, “Privacy by Design in Federated Identity Management,”
in 2015 IEEE Security and Privacy Workshops, San Jose, CA, May 2015, pp. 167–174. doi:
10.1109/SPW.2015.24.
[36] G. Bendiab, S. Shiaeles, S. Boucherkha, and B. Ghita, “FCMDT: A novel fuzzy cognitive
maps dynamic trust model for cloud federated identity management,” Comput. Secur., vol.
86, pp. 270–290, Sep. 2019, doi: 10.1016/j.cose.2019.06.011.
[37] “General Data Protection Regulation (GDPR) – Official Legal Text.” https://gdpr-
info.eu/ (accessed May 10, 2021).

[38] “OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data
- OECD.”
https://www.oecd.org/sti/ieconomy/oecdguidelinesontheprotectionofprivacyandtransborderfl
owsofpersonaldata.htm (accessed May 10, 2021).
[39] D. W. Chadwick and G. Inman, “Attribute Aggregation in Federated Identity
Management,” Computer, vol. 42, no. 5, pp. 33–40, May 2009, doi: 10.1109/MC.2009.143.
[40] D. Shin, R. Lopes, and W. Claycomb, “Authenticated Dictionary-Based Attribute Sharing
in Federated Identity Management,” in 2009 Sixth International Conference on Information
Technology: New Generations, Las Vegas, NV, USA, 2009, pp. 504–509. doi:
10.1109/ITNG.2009.193.
[41] S. Rieger, “User-Centric Identity Management in Heterogeneous Federations,” in 2009
Fourth International Conference on Internet and Web Applications and Services,
Venice/Mestre, Italy, 2009, pp. 527–532. doi: 10.1109/ICIW.2009.85.
[42] P. Madsen, Y. Koga, and K. Takahashi, “Federated identity management for protecting
users from ID theft,” in Proceedings of the 2005 workshop on Digital identity management -
DIM ’05, Fairfax, VA, USA, 2005, p. 77. doi: 10.1145/1102486.1102500.
[43] R. M. Alguliev and F. C. Abdullayeva, “Identity management based security architecture
of cloud computing on multi-agent systems,” in Third International Conference on
Innovative Computing Technology (INTECH 2013), London, United Kingdom, Aug. 2013,
pp. 123–126. doi: 10.1109/INTECH.2013.6653643.
[44] M. V. Bhonsle, N. Poolsappasit, and S. K. Madria, “ETIS -- Efficient Trust and Identity
Management System for Federated Service Providers,” in 2013 IEEE 27th International
Conference on Advanced Information Networking and Applications (AINA), Barcelona,
Mar. 2013, pp. 219–226. doi: 10.1109/AINA.2013.13.
[45] L. Liu and J. Gao, “Research on Trusted Federated Identity Management and Its
Application,” in 2009 First International Workshop on Education Technology and Computer
Science, Wuhan, Hubei, China, 2009, pp. 438–442. doi: 10.1109/ETCS.2009.627.
[46] Z. A. Khattak, S. Sulaiman, and J.-L. A. Manan, “A study on threat model for federated
identities in federated identity management system,” in 2010 International Symposium on
Information Technology, Kuala Lumpur, Malaysia, Jun. 2010, pp. 618–623. doi:
10.1109/ITSIM.2010.5561611.
[47] A. Baldwin, M. Casassa Mont, Y. Beres, and S. Shiu, “Assurance for federated identity
management,” J. Comput. Secur., vol. 18, no. 4, pp. 541–572, Jun. 2010, doi: 10.3233/JCS-
2009-0380.
[48] Dongwan Shin, Gail-Joon Ahn, and Prasad Shenoy, “Ensuring information assurance in
federated identity management,” in IEEE International Conference on Performance,
Computing, and Communications, 2004, Phoenix, AZ, USA, 2004, pp. 821–826. doi:
10.1109/PCCC.2004.1395193.

[49] E. Birrell and F. B. Schneider, “Federated Identity Management Systems: A Privacy-
Based Characterization,” IEEE Secur. Priv., vol. 11, no. 5, pp. 36–48, Sep. 2013, doi:
10.1109/MSP.2013.114.
[50] P. Mell, J. Dray, and J. Shook, “Smart Contract Federated Identity Management without
Third Party Authentication Services,” ArXiv190611057 Cs, Jun. 2019, Accessed: May 10,
2021. [Online]. Available: http://arxiv.org/abs/1906.11057
[51] “XML Encryption Syntax and Processing Version 1.1.” https://www.w3.org/TR/xmlenc-
core1/ (accessed May 10, 2021).
[52] “liberty-idff-guidelines-v1.2.pdf.” Accessed: May 10, 2021. [Online]. Available:
http://projectliberty.org/liberty/content/download/322/2378/file/liberty-idff-guidelines-
v1.2.pdf

AUTHORS
Maha Aldosary is currently pursuing an M.Sc. degree in information security with Imam
Muhammad ibn Saud Islamic University. She graduated with a bachelor's degree in computer
science from the University of Tabuk. Her research interests include blockchain technology, IoT,
identity management and information security.
Norah Alqahtani is currently pursuing an M.Sc. degree in information security with Imam
Muhammad ibn Saud Islamic University. She graduated with a bachelor's degree in computer
science from Shagra University. Her research interests include Cloud Computing, blockchain
technology, identity management and information security.

MINING PATTERNS OF SEQUENTIAL MALICIOUS APIS TO DETECT MALWARE
Abdurrahman Pektaş1
, Elif Nurdan Pektaş2
and Tankut Acarman1
1
Department of Computer Engineering, Galatasaray University, İstanbul, Turkey 2
Siemens
Turkey, Yakack Caddesi No: 111, 34870 Kartal, Istanbul, Turkey
ABSTRACT
In the era of information technology and connected world, detecting malware has been a major
security concern for individuals, companies and even for states. The New generation of malware
samples upgraded with advanced protection mechanism such as packing, and obfuscation
frustrate anti-virus solutions. API call analysis is used to identify suspicious malicious behavior
thanks to its description capability of a software functionality. In this paper, we propose an
effective and efficient malware detection method that uses sequential pattern mining algorithm to
discover representative and discriminative API call patterns. Then, we apply three machine
learning algorithms to classify malware samples. Based on the experimental results, the proposed
method assures favorable results with 0.999 F-measure on a dataset including 8152 malware
samples belonging to 16 families and 523 benign samples.
KEYWORDS
Android, Malware, Frequent Sequence Mining, Behavioural Pattern, API Calls, Dynamic
Analysis

REFERENCES
[1] Statcounter: Operating system market share worldwide, (2018). http://gs.statcounter.com/os-
marketshare#monthly-201801-201801-bar. [Online; accessed 7-October-2017].
[2] Ilsun You & Kangbin Yim (2010) “Malware obfuscation techniques: A brief survey”,
Broadband, Wireless Computing, Communication and Applications (BWCCA), 2010
International Conference on, pp297– 300.
[3] 2016 Symantec Security Report, Internet:
https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf,
29.06.2018.
[4] Abdurrahman Pektas & Tankut Acarman (2018) “Malware classification based on api calls
and behavior analysis”, IET Information Security, Vol. 12, No.2, pp 107-117.
[5] Abdurrahman Pektas & Tankut Acarman (2014) “A dynamic malware analyzer against
virtual machine aware malicious software”, Security and Communication Networks, Vol. 7,
No.12, pp2245–2257.
[6] Nizar R Mabroukeh & Christie I Ezeife (2010)“A taxonomy of sequential pattern mining
algorithms”, ACM Computing Surveys (CSUR), Vol. 43, No.1:3
[7] Philippe Fournier-Viger & Jerry Chun-Wei Lin & Rage Uday Kiran & Yun Sing Koh &
Rincy Thomas (2017) “A survey of sequential pattern mining”, Data Science and Pattern
Recognition, Vol.1, No.1, pp54–77.
[8] Yong Qiao & Jie He & Yuexiang Yang & Lin Ji (2013) “Analyzing malware by abstracting
the frequent itemsets in api call sequences”,Trust, Security and Privacy in Computing and
Communications (TrustCom), 2013 12th IEEE International Conference on, pp.265–270.
[9] Youngjoon Ki & Eunjin Kim & Huy Kang Kim (2015) “A novel approach to detect malware
based on api call sequence analysis”, International Journal of Distributed Sensor Networks,
Vol. 11, No.6,pp:95-10.
[10] In Kyeom Cho & Eul Gyu Im (2015), “Extracting representative api patterns of malware
families using multiple sequence alignments”, In Proceedings of the 2015 Conference on
research in adaptive and convergent systems, pp.308–313.
[11] Winfried Just (2001) “Computational complexity of multiple sequence alignment with
sp-score”, Journal of computational biology, Vol. 8, No. 6. pp. 615–623.
[12] Lusheng Wang & Tao Jiang (1994), “On the complexity of multiple sequence
alignment”, Journal of computational biology, Vol. 1, No.4, p.337–348.
[13] Yujie Fan &Yanfang Ye & Lifei Chen (2016), “Malicious sequential pattern mining for
automatic malware detection”, Expert Systems with Applications, Vol.52, pp.16–25.

[14] Iltaek Kwon & Eul Gyu Im (2017), “Extracting the representative api call patterns of
malware families using recurrent neural network”, In Proceedings of the International
Conference on Research in Adaptive and Convergent Systems, pp.202–207.
[15] Canfora, G., Mercaldo, F., & Visaggio, C. A. (2016). An hmm and structural entropy
based detector for android malware: An empirical study. Computers & Security, 61, 1-18.
[16] Salehi, Z., Sami, A., & Ghiasi, M. (2017). MAAR: Robust features to detect malicious
activity based on API calls, their arguments and return values. Engineering Applications of
Artificial Intelligence, 59, 93-102.
[17] Shijo, P. V., & Salim, A. (2015). Integrated static and dynamic analysis for malware
detection. Procedia Computer Science, 46, 804-811.
[18] Cuckoo Sandbox, Internet: https://cuckoosandbox.org/, 29.06.2018.
[19] Virustotal, Internet: https://www.virustotal.com/, 29.06.2018.
[20] Payam Refaeilzadeh & Lei Tang & Huan Liu (2009) “Cross-validation”, In Encyclopedia
of database systems, pp.532–538, Springer.
[21] A. Barthels, Behavior-based Malware Detection, Faculty of Informatics, The Technical
University of Munich, Master Thesis, 2009.
[22] Chand, C., Thakkar, A., & Ganatra, A. (2012). Sequential pattern mining: Survey and
current research challenges. International Journal of Soft Computing and Engineering, 2(1),
185-193.
[23] Parikh, M., Chaudhari, B., & Chand, C. (2013). A comparative study of sequential
pattern mining algorithms. International Journal of Application or Innovation in Engineering
& Management (IJAIEM), 2(2).
[24] Mooney, C. H., & Roddick, J. F. (2013). Sequential pattern mining--approaches and
algorithms. ACM Computing Surveys (CSUR), 45(2), 19.
[25] Ramakrishnan Srikant & Rakesh Agrawal (1996), “Mining sequential patterns:
Generalizations and performance improvements”, In International Conference on Extending
Database Technology, pp.1–17, Springer.
[26] Jay Ayres & Jason Flannick & Johannes Gehrke & Tomi Yiu (2002) “Sequential pattern
mining using a bitmap representation”, In Proceedings of the eighth ACM SIGKDD
international conference on Knowledge discovery and data mining, pp.429–435.
[27] Mohammed J Zaki. Spade (2001) “An efficient algorithm for mining frequent sequences.
Machine learning”, Vol.42, No.1-2, pp.31–60.

[28] Philippe Fournier-Viger &Antonio Gomariz & Ted Gueniche &Azadeh Soltani & Cheng-
Wei Wu & Vincent S Tseng (2014) “Spmf: a java open-source pattern mining library”, The
Journal of Machine Learning Research, Vol.15, No.1, pp.3389–3393.
[29] SPMF library, Internet: http://www.philippe-fournier-viger.com/spmf/, 29.06.2018.
[30] Philippe Fournier-Viger & Antonio Gomariz & Manuel Campos & Rincy Thomas (2014)
“Fast vertical mining of sequential patterns using co-occurrence information”, In Pacific-
Asia Conference on Knowledge Discovery and Data Mining, pp.40–52, Springer.
[31] Gandotra, E., Bansal, D., & Sofat, S. (2014). Malware analysis and classification: A
survey. Journal of Information Security, 5(02), 56.
[32] Leo Breiman (2001) “Random forests”, Machine learning, Vol.45, No.1, pp.5–32.
[33] Padraig Cunningham & Sarah Jane Delany (2007) “k-nearest neighbour classifiers”,
Multiple Classifier Systems, Vol.34, pp.1–17.
[34] Marti A. Hearst & Susan T Dumais & Edgar Osuna & John Platt & Bernhard Scholkopf
(1998), “Support vector machines”, IEEE Intelligent Systems and their applications, Vol. 13,
No.4, pp.18–28.
[35] Fabian Pedregosa & Gaël Varoquaux &Alexandre Gramfort & Vincent Michel &
Bertrand Thirion & Olivier Grisel & Mathieu Blondel & Peter Prettenhofer & Ron Weiss
&Vincent Dubourg (2011) “Scikit-learn: Machine learning in python”, Journal of machine
learning research, Vol. 12, pp.2825–2830.
[36] Hossin, M., & Sulaiman, M. N. (2015). A review on evaluation metrics for data
classification evaluations. International Journal of Data Mining & Knowledge Management
Process, 5(2), 1.
[37] Yiming Yang (1999) “An evaluation of statistical approaches to text categorization”,
Information retrieval, Vol.1, No. 1-2, pp.69–90.
[38] Thomas G Dietterich (1998), “Approximate statistical tests for comparing supervised
classification learning algorithms”, Neural computation, Vol.10, No.7, pp.1895–1923.
AUTHORS
Abdurrahman Pektaş received his B.Sc. and M Sc. at Galatasaray University
and his PhD at the University of Joseph Fourier, all in computer engineering, in

2009, 2012 and 2015, respectively. He is a senior researcher at Galatasaray University. His
research interests are analysis, detection and classification of malicious software, machine
learning and security analysis tool development.
Elif Nurdan Pektaş received his B.Sc. and M Sc. at Galatasaray University all
in computer engineering, in 2010, and 2014, respectively. She is leading
software developer at Siemens Turkey. Her research interests are developing
IoT based applications, deep learning, cloud based application and automated
testing.
Tankut Acarman received his Ph.D. degree in Electrical and Computer
engineering from the Ohio State University in 2002. He is professor and head of
computer engineering department at Galatasaray University in Istanbul, Turkey.
His research interests lie along all aspects of autonomous s ystems, intelligent
vehicle technologies and security. He is the co-author of the book entitled
“Autonomous Ground.
HYBRIDIZATION OF DCT BASED STEGANOGRAPHY AND RANDOM GRIDS
Pratarshi Saha1
, Sandeep Gurung2
and Kunal Krishanu Ghose3

1,2
Department of Computer Science & Engineering, Sikkim Manipal Institute of Technology,
Majhitar, Sikkim, India
3
QualComm, Sandiego, CA, USA
ABSTRACT
With the increasing popularity of information technology in communication network, security
has become an inseparable but vital issue for providing for confidentiality, data security, entity
authentication and data origin authentication. Steganography is the scheme of hiding data into a
cover media to provide confidentiality and secrecy without risking suspicion of an intruder.
Visual cryptography is a new technique which provides information security using simple
algorithm unlike the complex, computationally intensive algorithms used in other techniques like
traditional cryptography. This technique allows visual information to be encrypted in such a way
that their decryption can be performed by the Human Visual System (HVS), without any
complex cryptographic algorithms. To provide a better secured system that ensures high data
capacity and information security, a multilevel security system can be thought for which can be
built by incorporating the principles of steganography and visual cryptography.
KEYWORDS
Data Security, DCT based Steganography, Random Grids, Visual Cryptography, Hybrid
For More Details : http://airccse.org/journal/nsa/5413nsa13.pdf
REFERENCES
[1] Ahmad Movahedian Attar, Isfahan University of Technology, Omid Taheri, Isfahan
University of Technology, Saeid Sadri, Isfahan University of Technology, Mohammad Javad

Omidi, Isfahan University of Technology,” Data Hiding in Halftone Images Using Error
Diffusion Half toning Method with Adaptive Thresholding”, 2006,pp. 2.
[2] Adi Shamir and Moni Naor, “Visual Cryptography”, 1964, pp. 1-2, 3-5.
[3] Hardik Patel and Preeti Dave, “Steganography Technique based on DCT Coefficients”, Jan –
Feb 2012, International Journal of Engineering Research and Applications, Vol 2, Issue 1,pp
713-717, www.ijera.com.
[4] Jonathan Weir and Wei Qi Yan Queen’s University Belfast, Belfast, BT7 1NN,UK,A, 2010,
“Comprehensive Study of Visual Cryptography”, pp. 70.
[5] Kafri, O., Keren, E., “Encryption of pictures and shapes by Random Grids.” Optics,Letters,
1987, 377–379.
[6] Shyong Jian Shyu , Department of Computer Science and Information Engineering, Ming
Chuan University, 5 Der Ming Rd, Gawi Shan, Taoyuan 333,Taiwan, ROC. “Image
Encryption by Random Grids”, 2006, The Journal of Pattern Recognition Society,
www.sciencedirect.com.
[7] Tzung-Her Chen, Kai-Hsiang Tsao Department of Computer Science and Information
Engineering, National Chiayi University, 300 University Rd., Chiayi City60004, Taiwan,
“Threshold Visual Secret Sharing using Random Grids”,2011, pp. 1198.
AUTHORS
First Author:-

Pratarshi Saha is a Final year student in the Department of Computer Science and Engineering
at Sikkim Manipal Institute of Technology, Mazitar, Sikkim, India. He subject of interests are
Computer and Information Security, Design and Analysis of Algorithms and Computer
Networks.
Second Author:-
Sandeep Gurung received his M. Tech degree in Computer Science and Engineering from the
Sikkim Manipal University in 2009 and is currently pursuing his Ph.D. degree in Computer
Science and Engineering. He is a Assistant Professor in the Department of Computer Science at
Sikkim Manipal Institute of Technology, Mazitar, Sikkim, India. His research interests include
Computer Networks, Cryptography, Distributed Systems and Soft Computing.
Third Author:-
Kunal Krishanu Ghose did his MS (Engg.) in Electrical and Communication Engineering with
specialization Wireless Sensor Network from University at Buffalo, NY, USA in 2009 and B.
Tech (ECE) from NIT Durgapur, INDIA in 2006. After completion of B. Tech, he joined as a
System Engineer in Aricent (Hughes Software System), Chennai for a year in 2007. Presently, he
is working in Qualcomm Inc., Sandiego, CA, USA as a Sr. Engineer in Architecture
Performance Department, looking after the Quad core processor technology. His areas of
research interest are Mobile Network, Communications, and Cryptography.

July 2021 - Top 10 Read Articles in Network Security & Its Applications

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (19)

Similaire à July 2021 - Top 10 Read Articles in Network Security & Its Applications

Similaire à July 2021 - Top 10 Read Articles in Network Security & Its Applications (20)

Dernier

Dernier (20)

July 2021 - Top 10 Read Articles in Network Security & Its Applications