A.C. Chen ADL M Zubair Rafique Muhammad Khurram Khan Khaled Alghathbar Muddassar Farooq The 8th FTRA International Conference on Secure and.

Slides:

Advertisements

Similar presentations

P3: Toward Privacy-Preserving Photo Sharing Moo-Ryong Ra, Ramesh Govindan, and Antonio Ortega Networked Systems Laboratory & Signal and Image Processing.

Advertisements

Islamic University-Gaza Faculty of Engineering Electrical & Computer Engineering Department Global System for Mobile Communication GSM Group Alaa Al-ZatmaHosam.

Location Based Service Aloizio P. Silva Researcher at Federal University Of Minas Gerais, Brazil Copyright © 2003 Aloizio Silva, All rights reserved. School.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,

Energy–efficient Reliable Broadcast in Underwater Acoustic Networks Paolo Casari and Albert F Harris III University of Padova, Italy University of Illinois.

Secure Unlocking of Mobile Touch Screen Devices by Simple Gestures – You can see it but you can not do it Arjmand Samuel Microsoft Research Muhammad Shahzad.

Applications of Numbered Undirected Graphs Gary s. Bloom and Solomon w. Golomb.

ACE: Exploiting Correlation for Energy-Efficient and Continuous Context Sensing Suman Nath Microsoft Research MobiSys 2012 Presenter: Jeffrey.

Service Discrimination and Audit File Reduction for Effective Intrusion Detection by Fernando Godínez (ITESM) In collaboration with Dieter Hutter (DFKI)

SMS WATCHDOG: PROFILING SOCIAL BEHAVIORS OF SMS USERS FOR ANOMALY DETECTION Authors: Guanhua Yan, Stephan Eidenbenz, Emannuele Galli Presented by: Ishtiaq.

A Parallel Computational Model for Heterogeneous Clusters Jose Luis Bosque, Luis Pastor, IEEE TRASACTION ON PARALLEL AND DISTRIBUTED SYSTEM, VOL. 17, NO.

A New Household Security Robot System Based on Wireless Sensor Network Reporter :Wei-Qin Du.

2006/12/05ICS iPower: An Energy Conservation System for Intelligent Buildings by Wireless Sensor Networks Yu-Chee Tseng, You-Chiun Wang, and Lun-Wu.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

1 Location-Based Services Using GSM Cell Information over Symbian OS Final Year Project LYU0301 Mok Ming Fai (mfmok1) Lee Kwok Chau (leekc1)

APPLAUS: A Privacy-Preserving Location Proof Updating System for Location-based Services Zhichao Zhu and Guohong Cao Department of Computer Science and.

ICPCA 2008 Research of architecture for digital campus LBS in Pervasive Computing Environment 1.

Oral Defense by Sunny Tang 15 Aug 2003

FTP. SMS based FTP Introduction Existing System Proposed Solution Block Diagram Hardware and Software Features Benefits Future Scope Conclusion.

Automated malware classification based on network behavior

A Hybrid Model to Detect Malicious Executables Mohammad M. Masud Latifur Khan Bhavani Thuraisingham Department of Computer Science The University of Texas.

Ambulation : a tool for monitoring mobility over time using mobile phones Computational Science and Engineering, CSE '09. International Conference.

박 종 혁 컴퓨터 보안 및 운영체제 연구실 MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications,

Masquerade Detection Mark Stamp 1Masquerade Detection.

A VOICE ACTIVITY DETECTOR USING THE CHI-SQUARE TEST

SMS to Converter - A new approach to send .

Integrated Support for Handoff Management and Context Awareness in Heterogeneous Wireless Networks ACM MPAC’05.

AUTHORS: ASAF SHABTAI, URI KANONOV, YUVAL ELOVICI, CHANAN GLEZER, AND YAEL WEISS "ANDROMALY": A BEHAVIORAL MALWARE DETECTION FRAMEWORK FOR ANDROID.

Combining Cryptographic Primitives to Prevent Jamming Attacks in Wireless Networks.

RELATIONAL FAULT TOLERANT INTERFACE TO HETEROGENEOUS DISTRIBUTED DATABASES Prof. Osama Abulnaja Afraa Khalifah

Mobile Communication The SMS implies of several additional elements in the network architecture There is also another Element called.

Content Sharing over Smartphone-Based Delay- Tolerant Networks.

YZUCSE SYSLAB A Study of Web Search Engine Bias and its Assessment Ing-Xiang Chen and Cheng-Zen Yang Dept. of Computer Science and Engineering Yuan Ze.

Exploration of Instantaneous Amplitude and Frequency Features for Epileptic Seizure Prediction Ning Wang and Michael R. Lyu Dept. of Computer Science and.

Biologically Inspired Defenses against Computer Viruses International Joint Conference on Artificial Intelligence 95’ J.O. Kephart et al.

ADV. NETWORK SECURITY CODY WATSON What’s in Your Dongle and Bank Account? Mandatory and Discretionary Protections of External Resources.

Exploiting Context Analysis for Combining Multiple Entity Resolution Systems -Ramu Bandaru Zhaoqi Chen Dmitri V.kalashnikov Sharad Mehrotra.

Automatic Detection of Social Tag Spams Using a Text Mining Approach Hsin-Chang Yang Associate Professor Department of Information Management National.

CISC Machine Learning for Solving Systems Problems Presented by: Ashwani Rao Dept of Computer & Information Sciences University of Delaware Learning.

2005/12/021 Fast Image Retrieval Using Low Frequency DCT Coefficients Dept. of Computer Engineering Tatung University Presenter: Yo-Ping Huang ( 黃有評 )

A Fast Handoff Scheme For IP over Bluetooth Sang-Hsu Chung, Hyunsoo Yoon, and Jung-Wan Cho Department of Electrical Engineering & Computer Science Divison.

1.Research Motivation 2.Existing Techniques 3.Proposed Technique 4.Limitations 5.Conclusion.

Voice Activity Detection based on OptimallyWeighted Combination of Multiple Features Yusuke Kida and Tatsuya Kawahara School of Informatics, Kyoto University,

Presenter: Kuei-Yu Hsu Advisor: Dr. Kai-Wei Ke 2013/4/29 Detecting Skype flows Hidden in Web Traffic.

Secure Unlocking of Mobile Touch Screen Devices by Simple Gestures – You can see it but you can not do it Muhammad Shahzad, Alex X. Liu Michigan State.

Data Transmission Mechanism for Multiple Gateway System Xuan He, Yuanchen Ma and Mika Mizutani, 6th International Conference on New Trends in Information.

1 Compression and Storage Schemes in a Sensor Network with Spatial and Temporal Coding Techniques You-Chiun Wang, Yao-Yu Hsieh, and Yu-Chee Tseng IEEE.

Exploiting Instruction Streams To Prevent Intrusion Milena Milenkovic.

Predicting the Location and Time of Mobile Phone Users by Using Sequential Pattern Mining Techniques Mert Özer, Ilkcan Keles, Ismail Hakki Toroslu, Pinar.

Hybrid Intelligent Systems for Network Security Lane Thames Georgia Institute of Technology Savannah, GA

Don’t Follow me : Spam Detection in Twitter January 12, 2011 In-seok An SNU Internet Database Lab. Alex Hai Wang The Pensylvania State University International.

Sniffer for Detecting Lost Mobiles

Secure Single Packet IP Traceback Mechanism to Identify the Source Zeeshan Shafi Khan, Nabila Akram, Khaled Alghathbar, Muhammad She, Rashid Mehmood Center.

Source : 2014 IEEE Ninth International Conference on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP) Auther : Nacer Khalil, Mohamed.

1 A latent information function to extend domain attributes to improve the accuracy of small-data-set forecasting Reporter ： Zhao-Wei Luo Che-Jung Chang,Der-Chiang.

LetItFlow Architecture Specification Project Meeting Vienna, – Victor Carmocanu SIVECO Romania.

Shadow Detection in Remotely Sensed Images Based on Self-Adaptive Feature Selection Jiahang Liu, Tao Fang, and Deren Li IEEE TRANSACTIONS ON GEOSCIENCE.

DOWeR Detecting Outliers in Web Service Requests Master’s Presentation of Christian Blass.

Presented by Niwan Wattanakitrungroj

Learning to Detect and Classify Malicious Executables in the Wild by J

Honeypot in Mobile Network Security

BotCatch: A Behavior and Signature Correlated Bot Detection Approach

A survey of network anomaly detection techniques

A maximum likelihood estimation and training on the fly approach

Autonomous Network Alerting Systems and Programmable Networks

Kostas Kolomvatsos, Christos Anagnostopoulos

Exploiting the Power of Group Differences to Solve Data Analysis Problems Outlier & Intrusion Detection Guozhu Dong, PhD, Professor CSE

Bug Localization with Combination of Deep Learning and Information Retrieval A. N. Lam et al. International Conference on Program Comprehension 2017.

Presentation transcript:

A.C. Chen ADL M Zubair Rafique Muhammad Khurram Khan Khaled Alghathbar Muddassar Farooq The 8th FTRA International Conference on Secure and Trust Computing, data management, and Applications ( STA 2011 ) 1

A.C. Chen ADL Outline Introduction Malformed message detection framework Evaluation and experimental results Conclusion 2

A.C. Chen ADL Introduction Malformed message detection framework Evaluation and experimental results Conclusion 3

A.C. Chen ADL SMS Deliver Process 4 SMS_SUBMIT SMS_DELIVER BSC: Base Station Controller MSC: Mobile Switch Center GMSC: Gateway MSC IWMSC: Interworking MSC

A.C. Chen ADL Short Message Service ( SMS ) A message sent to and from a mobile phone are first sent to an intermediate component called the Short Message Service Center (SMSC) The SMS message exists in 2 formats SMS_SUBMIT: mobile phone to SMSC SMS_DELIVER: SMSC to mobile phone 5

A.C. Chen ADL GSM Modem The SMS received on a mobile phone is handled through the GSM modem Provides an interface with the GSM network and the application processor of a smart phone Controlled through standardized AT commands Apps Telephony Stack Modem AT commands AT Result Codes Responsible for cellular communications Responsible for the communication between application processor and the modem 6

A.C. Chen ADL Example: SMS_DELIVER ///AT Result Code + the length of SMS Complete SMS string in hex. 7

A.C. Chen ADL Malformed SMS attack Cause the application processor to reach an undefined state Significant processing delays Unauthorized access Denying legitimate users access … Apps Telephony Stack Modem However, malformed message detection in mobile phones has received little attention 8

A.C. Chen ADL In this Paper… A malformed message detection framework was proposed Automatically extracts novel syntactical features to detect a malformed SMS at the access layer of mobile phones 9

A.C. Chen ADL Introduction Malformed message detection framework Evaluation and experimental results Conclusion 10

A.C. Chen ADL Common Idea 11

A.C. Chen ADL SMS Detection Framework Message Analyzer Feature Extraction Feature Selection Classification 12

A.C. Chen ADL Message Analyzer Message dissection Transform incoming SMS messages into a format from which we can extract intelligent features Extracts the complete SMS message string i.e. the second line of AT Result code Feature Extraction Feature Selection Classification Message Analyzer 13

A.C. Chen ADL Extraction of String Features Mine features from an incoming SMS message Exploit the properties of a suffix tree Use a set of attribute strings to model the content of the incoming messagea set of attribute strings Entrenching function : Extracts the ( attribute, value ) pair from the suffix tree attribute: a feature string a value: the frequency of a from the nodes of the suffix tree Example 14 Feature Extraction Feature Selection Classification Message Analyzer

A.C. Chen ADL Raw Model Vectors 15 Feature Extraction Feature Selection Classification Message Analyzer

A.C. Chen ADL Feature Selection The high dimensionality of the raw model will result in large processing overheads Remove redundant features having low classification potential Not at the cost of a high false alarm rate 16 Message Analyzer Feature Extraction Classification Feature Selection

A.C. Chen ADL Selection Techniques Use 3 selection mechanisms to obtain 3 distinct model set of attributes Information Gain (IG) Gain Ratio (GR) Chi Squared (CH) 17 Message Analyzer Feature Extraction Classification Feature Selection

A.C. Chen ADL Distance/Divergence For a given vector of pairs, compute the deviation ( message score, distance ) of the vector Use 2 well-known distance measures to obtain the score Manhattan distance (md) Itakura-Saito Divergence (isd) 18 Message Analyzer Feature Extraction Feature Selection Classification

A.C. Chen ADL Classification Threshold value The largest distance score of a message in the training model Raise an alarm If the distance score of an incoming SMS is greater than the threshold value 19 Message Analyzer Feature Extraction Feature Selection Classification

A.C. Chen ADL Review Training is only required in the beginning 20 threshold message score

A.C. Chen ADL Introduction Malformed message detection framework Evaluation and experimental results Conclusion 21

A.C. Chen ADL Evaluation Collect real world dataset of SMS message ≥ 5000 benign datasets Developed modem terminal interface to collect more than 5000 real world benign SMS dataset ≥ 5000 malformed datasets SMS injection framework ( Mulliner, C., et al., 2009) 22

A.C. Chen ADL Experimental Goal To select the best feature selection technique and distance measure 3 feature selection modules Information Gain (IG) Gain Ratio (GR) Chi-squared (CH) 2 distance measures Manhattan distance (md) Itakura-Saito Divergence (isd) 23

A.C. Chen ADL Parameters and Definitions 24

A.C. Chen ADL Results: Receiver Operating Characteristic Curves ROC using Manhattan Distance ROC using Itakura-Saito Divergence 25

A.C. Chen ADL Results: Overheads  Training and Threshold calculation overheads in ( ms/100 SMS )  Testing overheads in ( ms/1 SMS ) using Information Gain, Gain Ratio and Chisquared for Manhattan distance and Itakura-Saito Divergence Average training time = 3.5s/100SMS Average detection time of a malformed message = 10ms Provides the best performance 26

A.C. Chen ADL Introduction Malformed message detection framework Evaluation and experimental results Conclusion 27

A.C. Chen ADL Conclusion A real time malformed message detection framework Tested on real datasets of SMS messages Successfully detects malformed messages with a detection accuracy of more than 98% The future research will focus on further optimizing and deploying it on real world mobile devices and smart phones 28

A.C. Chen ADL 29 Q & A

A.C. Chen ADL Example of a Suffix Tree Extract feature strings from an incoming message m= The set of attribute strings is thus generatedset of attribute strings 30 Feature Extraction Feature Selection Classification Message Analyzer

A.C. Chen ADL Example of Entrenching Function 31 Feature Extraction Feature Selection Classification Message Analyzer

A.C. Chen ADL The RIL in the context of Android's Telephony system architecture [ref ] [ref ] 32

A.C. Chen ADL Modules that implement telephony functionality 33