Clickthrough logs are becoming an increasingly used source of training data for learning ranking functions. Due to the large impact that the position in search results has on commercial websites, malicious noise is bound to appear in search engine click logs. We present preliminary work in addressing this form of noise, that we term click-spam. We analyze click-spam from a utility standpoint, a...

Evasive software keyloggers hide their malicious behaviors to defeat run-time detection. In this paper, based on the analysis of the evasion mechanisms used by common software keyloggers, we established a framework for their detection. Using an enticement strategy, the framework we built could induce keyloggers exhibited more obvious malicious activities by mimicking user keystrokes. These ‘amp...

Featured with anonymity and spontaneity, ring signature has been widely adopted in various environments to offer anonymous authentication. To simplify the certificate management in traditional public key infrastructure (PKI) and solve the inherent key escrow problem in the Identity-based cryptography, Qin et al. propose a pairingfree ring signature scheme in the certificate-based cryptosystem r...

IP Multicast has proven to be very good for many-tomany multimedia communications like audio and videoconferencing. However, there are only few Internet Service Providers (ISPs) offering it as a true Internet service. Nowadays, IP Multicast has various issues that are not solved yet and that are making ISPs to think twice before offering IP Multicast to their customers. Some of these issues are...

Detecting malicious attempts to access computers is difficult with current security applications. Many current applications do not give the user the right information to find and analyze possible attempts. We present VisRAID – a novel visual analytics web application for detecting intrusions via remote access attempts, and a user study to evaluate the effectiveness and usability of the applicat...

Nowadays, malicious codes are significantly increasing, leading to serious damages to information systems. It is worth to note that these codes generally depend on the rootkit techniques to make it more difficult for themselves to be analyzed and detected. Therefore, it is of paramount importance to research the rootkits to effectively defend against malicious codes. In this paper, we explore a...

In 2009, Chen et al. proposed a satellite communication system for mobile devices to achieve wide communication. In this scheme, there are some security loopholes that need to be fixed since the mobile device was stolen. Since a malicious attacker intercepts the mobile user’s information they can proceed with different attacks. Hence, we propose a novel scheme to improve the mobile user’s commu...

The Malicious Email Tracking (MET) system, reported in a prior publication, is a behavior-based security system for email services. The Email Mining Toolkit (EMT) presented in this paper is an offline email archive data mining analysis system that is designed to compute models of malicious email behavior for deployment in an online MET system. EMT includes a variety of behavior models for email...

We are developing an approach using Jackson's Problem Frames to analyse security problems in order to determine security vulnerabilities. We introduce the notion of an anti-requirement as the requirement of a malicious user that can subvert an existing requirement. We incorporate anti-requirements into so-called abuse frames to represent the notion of a security threat imposed by malicious user...

Many contemporary Web sites incorporate third-party content in the form of advertisements, social-networking widgets, and maps. A number of sites like Facebook and Twitter also allow users to post comments that are then served to others, or allow users to add their own applications to the site. Such third-party content often comprises of executable code, commonly written in JavaScript, that run...