Hybrid Security AssessmentMethodology forWeb Applications

Correa, Roddy A.; Higuera, Juan Ramón Bermejo; Higuera, Javier Bermejo; Sicilia, Juan Antonio; Rubio, Manuel Sánchez; Magreñán, Á. Alberto

doi:10.32604/cmes.2021.010700

Cited by 4 publications

(2 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The current advancement in programming improvement, the sundried methods for concealing noxious code (malware jumbling) by developers, adding hyper-availability in present society, makes malware investigation, analysis, identification, and classification develop into a real and increasingly complex problem to deal with nowadays. Android is an open-source operating system with over 1 billion users, covering many devices (smartphones, tablets, IoT, gadgets, and so on).The amount of confidential data presented across these devices (servers, smartphones, tablets, IoT, gadgets, and so on) boosts the complexity of attacks [1], which is a problem of concern to society. It becomes a priority to develop a method to analyze, detect, and classify malware on devices using the Android operating system.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Benchmarking Android malware analysis tools

Higuera,

Moreno,

Higuera

et al. 2023

Preprint

View full text Add to dashboard Cite

Today, malware is arguably one of the biggest challenges organizations face from a cybersecurity standpoint, regardless of the types of devices used in the organization. One of the most malware-attacked mobile operating systems today is Android. In response to this threat, this paper presents research on the functionalities and performance of different malicious Android application package analysis tools including one that uses machine learning techniques. In addition, it investigates how the use of these tools streamlines the process of detection, classification, and analysis of malicious APKs for Android operating system devices. The tools, that use Artificial Intelligence techniques, are more efficient than other current tools that do not use them. In this way, new approaches can be suggested in the specification, design, and development of new tools that help to analyze, from a cybersecurity point of view, the code of applications developed for this environment.

show abstract

mentioning

confidence: 99%

“…The amount of confidential data presented across these devices (servers, smartphones, tablets, IoT, gadgets, and so on) boosts the complexity of attacks [1], which is a problem of concern to society. It becomes a priority to develop a method to analyze, detect, and classify malware on devices using the Android operating system.…”

mentioning

confidence: 99%

Benchmarking Android malware analysis tools

Higuera,

Moreno,

Higuera

et al. 2023

Preprint

View full text Add to dashboard Cite

show abstract

An Analysis System to Test Security of Software on Continuous Integration-Continuous Delivery Pipeline

Aparo,

Bernardeschi,

Lettieri

et al. 2023

2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

View full text Add to dashboard Cite

A Survey on Software Vulnerability Exploitability Assessment

Elder,

Rahman,

Fringer

et al. 2024

ACM Comput. Surv.

View full text Add to dashboard Cite

Knowing the exploitability and severity of software vulnerabilities helps practitioners prioritize vulnerability mitigation efforts. Researchers have proposed and evaluated many different exploitability assessment methods. The goal of this research is to assist practitioners and researchers in understanding existing methods for assessing vulnerability exploitability through a survey of exploitability assessment literature. We identify three exploitability assessment approaches: assessments based on original, manual CVSS, automated Deterministic assessments, and automated Probabilistic assessments. Other than the original CVSS, the two most common subcategories are Deterministic, Program-State-Based, and Probabilistic Learning Model (LM) Assessments.

show abstract

Hybrid Security AssessmentMethodology forWeb Applications

Cited by 4 publications

References 42 publications

Benchmarking Android malware analysis tools

Benchmarking Android malware analysis tools

An Analysis System to Test Security of Software on Continuous Integration-Continuous Delivery Pipeline

A Survey on Software Vulnerability Exploitability Assessment

Contact Info

Product

Resources

About