Date Added: Dec 27, 2021
This paper describes the author's participation in the 3rd edition of the Machine Learning Security Evasion Competition (MLSEC-2021) sponsored by CUJO AI, VM-Ray, MRG-Effitas, Nvidia and Microsoft. As in the previous year the goal was not only developing measures against adversarial attacks on a pre-defined set of malware samples but also finding ways of bypassing other teams' defenses in a simulated cloud environment. The submitted solutions were ranked second in both defender and attacker tracks.
Date Added: Dec 31, 2021
Protecting people from cyber threats imposes great challenges, not only technically, but also socially. To achieve the intended level of awareness, software security principles need to be shown with concrete examples during security education. This study aims to design a serious game integrating software security knowledge and concepts into the processes to make it more engaging to learn while playing. In this paper, we have: (i) designed a serious game to compensate for the deficiencies in the literature; (ii) performed empirical evaluations of the proposed game, including survey, brainstorming and observation. Results: Our study shows that: (i) the Cyber Security-Requirements Awareness Game (CSRAG) has a positive effect on players' security learning outcomes, level of engagement and participation; (ii) game-based learning can be an effective way of teaching security-related scenarios.
Date Added: Dec 27, 2021
Modern malware typically makes use of a domain generation algorithm (DGA) to avoid command and control domains or IPs being seized or sinkholed. This means that an infected system may attempt to access many domains in an attempt to contact the command and control server. Therefore, the automatic detection of DGA domains is an important task, both for the sake of blocking malicious domains and identifying compromised hosts. However, many DGAs use English wordlists to generate plausibly clean-looking domain names; this makes automatic detection difficult. In this work, we devise a notion of difficulty for DGA families called the smashword score; this measures how much a DGA family looks like English words. We find that this measure accurately reflects how much a DGA family's domains look like they are made from natural English words. We then describe our new modeling approach, which is a combination of a novel recurrent neural network architecture with domain registration side information. Our experiments show the model is capable of effectively identifying domains generated by difficult DGA families. Our experiments also show that our model outperforms existing approaches, and is able to reliably detect difficult DGA families such as matsnu, suppobox, rovnix, and others. The model's performance compared to the state of the art is best for DGA families that resemble English words. We believe that this model could either be used in a standalone DGA domain detector---such as an endpoint security application---or alternately the model could be used as a part of a larger malware detection system.
Date Added: Jan 16, 2021
As the indispensable trading platforms of the ecosystem, hundreds of cryptocurrency exchanges are emerging to facilitate the trading of digital assets. However, this also attracts the attention of attackers. A number of scam attacks were reported targeting cryptocurrency exchanges, leading to a huge amount of financial loss. However, no previous work in the research community has systematically studied this problem. This paper makes the first effort to identify and characterize cryptocurrency exchange scams. First, over 1500 scam domains and over 300 fake apps are identified by collecting existing reports and using typosquatting generation techniques. Then, by investigating the relationship between the scam domains and fake apps, this paper identifies 94 scam domain families and 30 fake app families. By further characterizing the impacts of such scams, it is revealed that these scams have incurred a financial loss of at least 520k US dollars. It is further observed that the fake apps have been sneaked into major app markets (including Google Play) to infect unsuspecting users. The findings in this paper demonstrate the urgency of identifying and preventing cryptocurrency exchange scams. To facilitate future research, all the identified scam domains and fake apps have been publicly released to the research community.