Papers by Suleiman Y Yerima
2022 14th International Conference on Computational Intelligence and Communication Networks (CICN), Dec 4, 2022
The ever increasing use of mobile phones running the Android OS has created security threats of d... more The ever increasing use of mobile phones running the Android OS has created security threats of data breach and botnet-based remote control. To address these challenges, numerous countermeasures have been proposed in the domain of image-based Android Malware Detection (AMD) applying Deep Learning (DL) approaches. This paper proposes, implements and evaluates a solution based on pre-trained CNN models using Transfer Learning feature to identify botnets from the ISCX Android Botnet 2015 dataset. More specifically, we study the performance of 6 prominent pre-trained CNN models namely, MobileNetV2, RestNet101, VGG16, VGG19, InceptionRestNetV2 and DenseNet121, in terms of training accuracies, computation time complexity and testing accuracies. The maximum classification accuracy obtained was 91% for Manifest dataset using the MobileNetV2 model. Also, in terms of computational complexity the MobileNetV2 yielded the lowest training time of 16 ms per sample and testing time of 0.9 ms per sample. In order to improve the testing accuracies we plan to further augment these pre-trained models with larger datasets or fine-tune the model parameters for enhanced performance.
International Conference on Big Data, Dec 29, 2014
Software-as-a-service (SaaS) is a type of software service delivery model which encompasses a bro... more Software-as-a-service (SaaS) is a type of software service delivery model which encompasses a broad range of business opportunities and challenges. Users and service providers are reluctant to integrate their business into SaaS due to its security concerns while at the same time they are attracted by its benefits.
arXiv (Cornell University), Aug 2, 2016
High Speed Downlink Packet Access (HSDPA) was introduced to UMTS radio access segment to provide ... more High Speed Downlink Packet Access (HSDPA) was introduced to UMTS radio access segment to provide higher capacity for new packet switched services. As a result, packet switched sessions with multiple diverse traffic flows such as concurrent voice and data, or video and data being transmitted to the same user are a likely commonplace cellular packet data scenario. In HSDPA, Radio Access Network (RAN) buffer management schemes are essential to support the end-to-end QoS of such sessions. Hence in this paper we present the end-to-end performance study of a proposed RAN buffer management scheme for multi-flow sessions via dynamic system-level HSDPA simulations. The scheme is an enhancement of a Time-Space Priority (TSP) queuing strategy applied to the Node B MAC-hs buffer allocated to an end user with concurrent real-time (RT) and non-real-time (NRT) flows during a multi-flow session. The experimental multiflow scenario is a packet voice call with concurrent TCP-based file download to the same user. Results show that with the proposed enhancements to the TSP-based RAN buffer management, end-to-end QoS performance gains accrue to the NRT flow without compromising RT flow QoS of the same end user session.
In this paper, we propose a malware categorization method that models malware behavior in terms o... more In this paper, we propose a malware categorization method that models malware behavior in terms of instructions using PageRank. PageRank computes ranks of web pages based on structural information and can also compute ranks of instructions that represent the structural information of the instructions in malware analysis methods. Our malware categorization method uses the computed ranks as features in machine learning algorithms. In the evaluation, we compare the effectiveness of different PageRank algorithms and also investigate bagging and boosting algorithms to improve the categorization accuracy. • Security and privacy➝Intrusion/anomaly and malware mitigation➝Malware and its mitigation.
In this paper, we propose a novel android malware detection system that uses a deep convolutional... more In this paper, we propose a novel android malware detection system that uses a deep convolutional neural network (CNN). Malware classification is performed based on static analysis of the raw opcode sequence from a disassembled program. Features indicative of malware are automatically learned by the network from the raw opcode sequence thus removing the need for hand-engineered malware features. The training pipeline of our proposed system is much simpler than existing n-gram based malware detection methods, as the network is trained end-to-end to jointly learn appropriate features and to perform classification, thus removing the need to explicitly enumerate millions of n-grams during training. The network design also allows the use of long n-gram like features, not computationally feasible with existing methods. Once trained, the network can be efficiently executed on a GPU, allowing a very large number of files to be scanned quickly. •Security and privacy → Malware and its mitigation; Software and application security; •Computing methodologies → Neural networks;
ICTACT Journal on Communication Technology, Jun 1, 2011
The concept of effective bandwidth can be utilized to estimate the amount of bandwidth that shoul... more The concept of effective bandwidth can be utilized to estimate the amount of bandwidth that should be allocated to a source in order to meet a QoS requirement. Several different effective bandwidth estimators have been defined in literature; however it is necessary to ensure that these estimators are practically implementable and feasible in realistic network environments. This necessity serves as our motivation to implement several estimators in a realistic network in order to evaluate the use of online measurement-based resource allocation schemes. In this paper, we describe our implementation of three resource allocation schemes within the Realtime Traffic Flow Measurement architecture. We compare our results of emulation to previous simulation results in order to compare the accuracy and performance of the schemes. Finally, we demonstrate that these schemes are feasible to be implemented in network hardware to be utilized in self-sizing high-speed networks.
2022 14th International Conference on Computational Intelligence and Communication Networks (CICN), Dec 4, 2022
Mobile communication systems have continued to evolve beyond the currently deployed Third Generat... more Mobile communication systems have continued to evolve beyond the currently deployed Third Generation (3G) systems with the main goal of providing higher capacity. Systems beyond 3G are expected to cater for a wide variety of services such as speech, data, image transmission, video, as well as multimedia services consisting of a combination of these. With the air interface being the bottleneck in mobile networks, recent enhancing technologies such as the High Speed Downlink Packet Access (HSDPA), incorporate major changes to the radio access segment of 3G Universal Mobile Telecommunications System (UMTS). HSDPA introduces new features such as fast link adaptation mechanisms, fast packet scheduling, and physical layer retransmissions in the base stations, necessitating buffering of data at the air interface which presents a bottleneck to end-to-end communication. Hence, in order to provide end-to-end Quality of Service (QoS) guarantees to multimedia services in wireless networks such as HSDPA, efficient buffer management schemes are required at the air interface. The main objective of this thesis is to propose and evaluate solutions that will address the QoS optimization of multimedia traffic at the radio link interface of HSDPA systems. In the thesis, a novel queuing system known as the Time-Space Priority (TSP) scheme is proposed for multimedia traffic QoS control. TSP provides customized preferential treatment to the constituent flows in the multimedia traffic to suit their diverse QoS requirements. With TSP queuing, the real-time component of the multimedia traffic, being delay sensitive and loss tolerant, is given transmission priority; while the non-real-time component, being loss sensitive and delay tolerant, enjoys space priority. Hence, based on the TSP queuing paradigm, new buffer management algorithms are designed for joint QoS control of the diverse components in a multimedia session of the same HSDPA user. In the thesis, a TSP based buffer management algorithm known as the Enhanced Time Space Priority (E-TSP) is proposed for HSDPA. E-TSP incorporates flow control mechanisms to mitigate congestion in the air interface buffer of a user with multimedia session comprising real-time and non-real-time flows. Thus, E-TSP is designed to provide efficient network and radio resource utilization to improve end-to-end multimedia traffic performance. In order to allow real-time optimization of the QoS control between the real-time and non-real-time flows of the HSDPA multimedia session, another TSP based buffer management algorithm known as the Dynamic Time Space Priority (D-TSP) is proposed. D-TSP incorporates dynamic priority switching between the real-time and non-real-time flows. D-TSP is designed to allow optimum QoS trade-off between the flows whilst still guaranteeing the stringent real-time component's QoS requirements. The thesis presents results of extensive performance studies undertaken via analytical modelling and dynamic network-level HSDPA simulations demonstrating the effectiveness of the proposed TSP queuing system and the TSP based buffer management schemes.
IEEE Systems Journal, Jun 1, 2023
2022 14th International Conference on Computational Intelligence and Communication Networks (CICN), Dec 4, 2022
Electronics
PDF has become a major attack vector for delivering malware and compromising systems and networks... more PDF has become a major attack vector for delivering malware and compromising systems and networks, due to its popularity and widespread usage across platforms. PDF provides a flexible file structure that facilitates the embedding of different types of content such as JavaScript, encoded streams, images, executable files, etc. This enables attackers to embed malicious code as well as to hide their functionalities within seemingly benign non-executable documents. As a result, a large proportion of current automated detection systems are unable to effectively detect PDF files with concealed malicious content. To mitigate this problem, a novel approach is proposed in this paper based on ensemble learning with enhanced static features, which is used to build an explainable and robust malicious PDF document detection system. The proposed system is resilient against reverse mimicry injection attacks compared to the existing state-of-the-art learning-based malicious PDF detection systems. T...
Electronics
As smartphones and other mobile and IoT devices have become pervasive in everyday life, malicious... more As smartphones and other mobile and IoT devices have become pervasive in everyday life, malicious software (malware) authors are increasingly targeting the operating systems that are at the core of these mobile systems [...]
2022 14th International Conference on Computational Intelligence and Communication Networks (CICN)
The ever increasing use of mobile phones running the Android OS has created security threats of d... more The ever increasing use of mobile phones running the Android OS has created security threats of data breach and botnet-based remote control. To address these challenges, numerous countermeasures have been proposed in the domain of image-based Android Malware Detection (AMD) applying Deep Learning (DL) approaches. This paper proposes, implements and evaluates a solution based on pre-trained CNN models using Transfer Learning feature to identify botnets from the ISCX Android Botnet 2015 dataset. More specifically, we study the performance of 6 prominent pre-trained CNN models namely, MobileNetV2, RestNet101, VGG16, VGG19, InceptionRestNetV2 and DenseNet121, in terms of training accuracies, computation time complexity and testing accuracies. The maximum classification accuracy obtained was 91% for Manifest dataset using the MobileNetV2 model. Also, in terms of computational complexity the MobileNetV2 yielded the lowest training time of 16 ms per sample and testing time of 0.9 ms per sample. In order to improve the testing accuracies we plan to further augment these pre-trained models with larger datasets or fine-tune the model parameters for enhanced performance.
Proceedings of the 2022 Fourteenth International Conference on Contemporary Computing
Uploads
Papers by Suleiman Y Yerima