Using malicious sites to launch attacks against client user applications is a growing threat in recent years. This led to emergence of new technologies to counter and detect attacks against end user. One of these technologies is honeyclient (aka client honeypot). Honeyclients crawl the Internet to find and identify web servers that exploit clientside vulnerabilities. In this paper, we address h...

We study users’ incentives to become cybercriminals when network security is interdependent. We present a game-theoretic model in which each player (i.e., network user) decides his type, honest or malicious. Honest users represent law-abiding network users, while malicious users represent cybercriminals. After deciding on their types, the users make their security choices. We will follow [29], ...

In this paper, we show that the certificateless signature scheme proposed by Yap, Heng and Goi at SecUbiq 2006 is insecure against a key replacement attack and a malicious-but-passive KGC attack, respectively. The former implies that anyone who replaces a signer’s public key can forge valid signatures for that signer without knowledge of the signer’s private key. The latter supposes the malicio...

Number and complicacy of malware attack has increased multiple folds in recent times. Informed Internet users generally keep their computer protected but get confused when it comes to execute the untrusted applications. In such cases users may fall prey to malicious applications. There are malware behavior analyzers available but leave report analysis to the user. Common users are not trained t...

The proposed work aims to enhance authorization and authentication process by using multilevel authentication to protect cloud from malicious user and unauthorized access, implement security measure to protect data of users stored in cloud environment. It will also provide service level security. Also user based access control is applied over user's data so that user can grant, revoke sharing p...

With the rapid growth of cloud computing, the importance of a reputation system for cloud computing services has attracted a lot of attention. Building an objective and reliable reputation scheme has been crucial to promote the development of cloud computing. To address the challenges of reputation evaluation in cloud computing, including the diverse nature of cloud services and intricacy of ma...

Digital signatures allow us to produce documents whose integrity and authenticity, as we generated them, is verifiable by anybody who has access to our public key. Furthermore, we cannot repudiate those documents as something we never saw, let alone signed, since nobody else but us could access our private key. In this paper we show how the previous statement can be proved wrong when carefully ...

A system and methods for detecting malicious executable attachments at an email processing application of a computer system using data mining techniques. The email processing application may be located at the server or at the client or host. The executable attachments are filtered from said email, and byte sequence features are extracted from the executable attachment. The executable attachment...

Nowadays, Android-based mobile devices, such as smartphones and tablets, have become increasingly popular, and the number of Android applications is growing dramatically. To examine and validate such a high volume of applications, an automated testing and analysis environment is needed. Such an environment is particularly useful for the detection of malicious applications which steal the users’...