Afsah Anwar scite author profile

The growth in the number of Android and Internet of Things (IoT) devices has witnessed a parallel increase in the number of malicious software (malware), calling for new analysis approaches. We represent binaries using their graph properties of the Control Flow Graph (CFG) structure and conduct an in-depth analysis of malicious graphs extracted from the Android and IoT malware to understand their differences. Using 2,874 and 2,891 malware binaries corresponding to IoT and Android samples, we analyze both general characteristics and graph algorithmic properties. Using the CFG as an abstract structure, we then emphasize various interesting findings, such as the prevalence of unreachable code in Android malware, noted by the multiple components in their CFGs, and larger number of nodes in the Android malware, compared to the IoT malware, highlighting a higher order of complexity. We implement a Machine Learning based classifiers to detect IoT malware from benign ones, and achieved an accuracy of 97.9% using Random Forests (RF).

show abstract

Adversarial Learning Attacks on Graph-based IoT Malware Detection Systems

Abusnaina

Khormali

Alasmary

et al. 2019

View full text Add to dashboard Cite

The main goal of this study is to investigate the robustness of graph-based Deep Learning (DL) models used for Internet of Things (IoT) malware classification against Adversarial Learning (AL). We designed two approaches to craft adversarial IoT software, including Off-the-Shelf Adversarial Attack (OSAA) methods, using six different AL attack approaches, and Graph Embedding and Augmentation (GEA). The GEA approach aims to preserve the functionality and practicality of the generated adversarial sample through a careful embedding of a benign sample to a malicious one. Our evaluations demonstrate that OSAAs are able to achieve a misclassification rate (MR) of 100%. Moreover, we observed that the GEA approach is able to misclassify all IoT malware samples as benign.

show abstract

Soteria: Detecting Adversarial Examples in Control Flow Graph-based Malware Classifiers

Alasmary

Abusnaina

Jang

et al. 2020

View full text Add to dashboard Cite

Graph-Based Comparison of IoT and Android Malware

Alasmary

Anwar

Park

et al. 2018

View full text Add to dashboard Cite

Understanding the Hidden Cost of Software Vulnerabilities: Measurements and Predictions

Anwar

Khormali

Nyang

et al. 2018

View full text Add to dashboard Cite

RouteChain: Towards Blockchain-based Secure and Efficient BGP Routing

Saad

Anwar

Ahmad

et al. 2019

View full text Add to dashboard Cite

Cleaning the NVD: Comprehensive Quality Assessment, Improvements, and Analyses

Anwar¹,

Abusnaina²,

Chen³

et al. 2020

Preprint

View full text Add to dashboard Cite

Vulnerability databases are vital sources of information on emergent software security concerns. Security professionals, from system administrators to developers to researchers, heavily depend on these databases to track vulnerabilities and analyze security trends. How reliable and accurate are these databases though?In this paper, we explore this question with the National Vulnerability Database (NVD), the U.S. government's repository of vulnerability information that arguably serves as the industry standard. Through a systematic investigation, we uncover inconsistent or incomplete data in the NVD that can impact its practical uses, affecting information such as the vulnerability publication dates, names of vendors and products affected, vulnerability severity scores, and vulnerability type categorizations. We explore the extent of these discrepancies and identify methods for automated corrections. Finally, we demonstrate the impact that these data issues can pose by comparing analyses using the original and our rectified versions of the NVD. Ultimately, our investigation of the NVD not only produces an improved source of vulnerability information, but also provides important insights and guidance for the security community on the curation and use of such data sources.

show abstract

Cleaning the NVD: Comprehensive Quality Assessment, Improvements, and Analyses

Anwar

Abusnaina

Chen

et al. 2021

View full text Add to dashboard Cite

12 3 4 5

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Afsah Anwar

Analyzing and Detecting Emerging Internet of Things Malware: A Graph-Based Approach

Adversarial Learning Attacks on Graph-based IoT Malware Detection Systems

Soteria: Detecting Adversarial Examples in Control Flow Graph-based Malware Classifiers

Graph-Based Comparison of IoT and Android Malware

Understanding the Hidden Cost of Software Vulnerabilities: Measurements and Predictions

RouteChain: Towards Blockchain-based Secure and Efficient BGP Routing

Cleaning the NVD: Comprehensive Quality Assessment, Improvements, and Analyses

Cleaning the NVD: Comprehensive Quality Assessment, Improvements, and Analyses

Contact Info

Product

Resources

About