Malicious URL, a.k.a. malicious website, is a common and serious threat to cybersecurity. Malicious URLs host unsolicited content (spam, phishing, drive-by exploits, etc.) and lure unsuspecting users to become victims of scams (monetary loss, theft of private information, and malware installation), and cause losses of billions of dollars every year. It is imperative to detect and act on such th...

One of the main features of nodes in mobile ad hoc networks (MANETs) is their cooperation with neighbors to propagate data. Misusing this feature, malicious nodes cooperate with normal nodes to disrupt network operation and reduce its efficiency. These nodes attack other network nodes and prevent being detected by other nodes through using the mobility characteristic of nodes in MANETs. One of ...

Malware authors have been using websites to distribute their products as a way to evade spam filters and classic anti-virus engines. Yet there has been relatively little work in modeling the behaviors and temporal properties of websites, as most research focuses on detecting whether a website distributes malware. In this paper we ask: How does web-based malware spread? We conduct an extensive s...

We address issues related to sharing information in a distributed system consisting of autonomous entities, each of which holds a private database. Semi-honest behavior has been widely adopted as the model for adversarial threats in such system. However, this model substantially underestimates the capability of adversaries in reality, and thus is insufficient to be adopted in many real systems....

Malicious insiders are posing unique security challenges to organizations due to their knowledge, capabilities, and authorized access to information systems. Data theft and IT sabotage are two of the most recurring themes among crimes committed by malicious insiders. This paper aims to investigate the scale and scope of malicious insider risks and explore the impact of such threats on business ...

In this paper, we present carefully selected critical malicious patterns, which are in common among malware variants in the same malware family, but not other malware families, using statistical information processing. The analysed critical malicious patterns can be an effective training dataset, towards classification of known and unknown malware variants. We present malware variants as a set ...

We introduce the first secure Certificateless Public Key Encryption (CL-PKE) scheme against a malicious Key Generation Center (KGC) in the standard model. Recently, Au et al. [3] pointed out that the previous security models for CL-PKE schemes cannot guarantee the security against a malicious KGC. They also showed that although some schemes are secure against malicious KGC, they require the ran...

In this paper, we address issues related to sharing information in a distributed system consisting of autonomous entities, each of which holds a private database. Semi-honest behavior has been widely adopted as the model for adversarial threats. However, it substantially underestimates the capability of adversaries in reality. In this paper, we consider a threat space containing more powerful a...

In cognitive radio based cooperative sensing systems, some secondary users are likely to act malicious. Such secondary users are called malicious users. An optimal application of Dixon's outlier detection scheme for detecting malicious users in a cognitive radio cooperative spectrum sensing system has recently been termed as the Sliding Window Dixon's test. The Sliding window Dixon's test appli...

Code obfuscation is one of the main methods to hide malicious code. This paper proposes a new dynamic method which can effectively detect obfuscated malicious code. This method uses ISR to conduct dynamic debugging. The constraint solving during debugging process can detect deeply hidden malicious code by covering different execution paths. Besides, for malicious code that reads external resour...