Showing 1–2 of 2 results for author: Monge, M A S

A novel pattern recognition system for detecting Android malware by analyzing suspicious boot sequences

Authors: Jorge Maestre Vidal, Marco Antonio Sotelo Monge, Luis Javier García Villalba

Abstract: This paper introduces a malware detection system for smartphones based on studying the dynamic behavior of suspicious applications. The main goal is to prevent the installation of the malicious software on the victim systems. The approach focuses on identifying malware addressed against the Android platform. For that purpose, only the system calls performed during the boot process of the recently… ▽ More This paper introduces a malware detection system for smartphones based on studying the dynamic behavior of suspicious applications. The main goal is to prevent the installation of the malicious software on the victim systems. The approach focuses on identifying malware addressed against the Android platform. For that purpose, only the system calls performed during the boot process of the recently installed applications are studied. Thereby the amount of information to be considered is reduced, since only activities related with their initialization are taken into account. The proposal defines a pattern recognition system with three processing layers: monitoring, analysis and decision-making. First, in order to extract the sequences of system calls, the potentially compromised applications are executed on a safe and isolated environment. Then the analysis step generates the metrics required for decision-making. This level combines sequence alignment algorithms with bagging, which allow scoring the similarity between the extracted sequences considering their regions of greatest resemblance. At the decision-making stage, the Wilcoxon signed-rank test is implemented, which determines if the new software is labeled as legitimate or malicious. The proposal has been tested in different experiments that include an in-depth study of a particular use case, and the evaluation of its effectiveness when analyzing samples of well-known public datasets. Promising experimental results have been shown, hence demonstrating that the approach is a good complement to the strategies of the bibliography. △ Less

Submitted 5 February, 2024; originally announced February 2024.

Journal ref: Knowledge-Based Systems. Vol. 150, pp. 198-217, June 2018

Conceptualization and cases of study on cyber operations against the sustainability of the tactical edge

Authors: Marco Antonio Sotelo Monge, Jorge Maestre Vidal

Abstract: The last decade consolidated the cyberspace as fifth domain of operations, which extends its preliminarily intelligence and information exchange purposes towards enabling complex offensive and defensive operations supported/supportively of parallel kinetic domain actuations. Although there is a plethora of well documented cases on strategic and operational interventions of cyber commands, the cybe… ▽ More The last decade consolidated the cyberspace as fifth domain of operations, which extends its preliminarily intelligence and information exchange purposes towards enabling complex offensive and defensive operations supported/supportively of parallel kinetic domain actuations. Although there is a plethora of well documented cases on strategic and operational interventions of cyber commands, the cyber tactical military edge is still a challenge, where cyber fires barely integrate to the traditional joint targeting cycle due among others to long planning/development times, asymmetric effects, strict target reachability requirements, or the fast propagation of collateral damage; the latter rapidly deriving on hybrid impacts (political, economic, social, etc.) and evidencing significant socio-technical gaps. In this context, it is expected that tactical clouds disruptively facilitate cyber operations at the edge while exposing the rest of the digital assets of the operation to them. On these grounds, the main purpose of the conducted research is to review and in depth analyze the risks and opportunities of jeopardizing the sustainability of the military tactical clouds at the edge by cyber operations. Along with a 1) comprehensively formulation of the researched problematic, the study 2) formalizes the Tactical Denial of Sustainability (TDoS) concept; 3) introduces the phasing, potential attack surfaces, terrains and impact of TDoS attacks; 4) emphasizes the related human and socio-technical aspects; 5) analyzes the threats/opportunities inherent to their impact on the cloud energy efficiency; 6) reviews their implications at the military cyber thinking for tactical operations; 7) illustrates five extensive CONOPS that facilitate the understanding of the TDoS concept; and given the high novelty of the discussed topics, it 8) paves the way for further research and development actions. △ Less

Submitted 21 January, 2021; originally announced January 2021.