VM Availability in Presence of Malicious Attacks in Open-Source Cloud

Bhan, Rati; Ahmad, Mir Shahnawaz; Jain, Mohit; Singh, Aditya; Pamula, Rajendra; Faruki, Parvez

doi:10.1109/confluence.2019.8776920

Cited by 4 publications

(2 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…While there is a lack of application for EcBT and WMO in the last 5 years, they have been actively reviewed by work that either adopt them or strive to develop a new fault taxonomy for a different software disciplines. This is observed in EcBT [17]- [19], WMO [20], CFWA [21]- [23], OOWFT [24]- [25], WFT [25]- [26] and WAFC [27] respectively.…”

Section: Rq3: How Is the Fault Taxonomy Applied Reviewed Or Validated?mentioning

confidence: 83%

A Review on Fault Taxonomies for Web Testing

2020

IJETER

View full text Add to dashboard Cite

For functional testing of web applications, fault-seeding is a method in which a software tester creates several modified versions of a web application that contain errors. They are useful for discovering faults that can compromise a web application's behaviour. Using a fault taxonomy to guide the fault-seeding of a system increases the confidence that the seeded faults are realistic. This paper presents a systematic review of fault taxonomies that are introduced for testing web applications. Selection of relevant literature is performed by applying the inclusion and exclusion criteria. Six significant fault taxonomies for web testing are then selected and analysed. We suggest three fault classes or sub-classes that can be incorporated into a fault taxonomy namely the warning notification fault, media fault and orphan page fault. Finally, some major areas where the fault taxonomies are commonly applied are health software applications, cloud computing, Android applications and desktop applications.

show abstract

Section: Rq3: How Is the Fault Taxonomy Applied Reviewed Or Validated?mentioning

confidence: 83%

A Review on Fault Taxonomies for Web Testing

2020

IJETER

View full text Add to dashboard Cite

show abstract

“…Dendroid [58] is a recent Remote Administration Toolkit (RAT), which lets adversaries create a malicious app that controls the mobile device through a command & control server [59]. Dendroid breached Bouncer, an app vetting and malware blocking dynamic analysis service provided by Google in their Play store.…”

Section: A Dendroidmentioning

confidence: 99%

Detection of Sensitive Malicious Android Functionalities using Inter-component Control-flow Analysis

Bhan,

Faruki,

Pamula

2024

IEEE Access

View full text Add to dashboard Cite

Android Smartphone's popularity among users and developers is due to its open architecture and third-party apps. The exponential growth of third-party developer apps needs a robust code audit before upload. The weak program analysis at app stores adversely affects security. Third-party developers can update the app to introduce malicious activities. Sensitive sensor hardware and software resources are exfiltrated for leaking sensitive user data like messages, contacts, audio, and images. Malicious hidden features undermine user permission, including short message service (SMS), audio and video recording, voice calls, and image capturing. This paper treats the covert activities as called malicious features. The paper proposes a robust inter-component communication (ICC) based detection approach to identify such hidden functionality exploited by adversaries. The proposed technique detects sensitive features exploited by persistent malware without user knowledge. Despite the asynchronous characteristics of the ICC Application Programming Interface (API), we develop a precise ICC-based component-interaction graph (CIG) from the app bytecode. Moreover, we enrich the CIG with data flow analysis to identify the component reachability utilizing malicious features from legitimate user interactions. The proposed static app analysis framework identifies the prominent malware which exploits sensitive device resources. We assessed 25K benign and 13.3K malicious apps from 211 malware families with a classification rate of 0.40 % false positive (FP) and 0.37 % false negative (FN), better than existing state-of-the-art. In addition, we detect hidden features in unseen apps that subvert traditional antimalware.

show abstract

Cloud Computing for Smart Grid

Mohammed¹,

Syed²

2021

Smart Grid and Enabling Technologies

View full text Add to dashboard Cite

VM Availability in Presence of Malicious Attacks in Open-Source Cloud

Cited by 4 publications

References 13 publications

A Review on Fault Taxonomies for Web Testing

A Review on Fault Taxonomies for Web Testing

Detection of Sensitive Malicious Android Functionalities using Inter-component Control-flow Analysis

Cloud Computing for Smart Grid

Contact Info

Product

Resources

About