Android Malware Detection: A Machine Learning Approach

This study examines machine learning techniques like Decision Trees, Support Vector Machines, Logistic Regression, Neural Networks, and ensemble methods to detect Android malware. The study evaluates these models on a dataset of Android applications and analyzes their accuracy, efficiency, and...

BarkBeetle: Stealing Decision Tree Models with Fault Injection

Machine learning models, particularly decision trees DTs, are widely adopted across various domains due to their interpretability and efficiency. However, as ML models become increasingly integrated into privacy-sensitive applications, concerns about their confidentiality have grown, particularly...

Are Trees Really Green? A Detection Approach of IoT Malware Attacks

Nowadays, the Internet of Things IoT is widely employed, and its usage is growing exponentially because it facilitates remote monitoring, predictive maintenance, and data-driven decision making, especially in the healthcare and industrial sectors. However, IoT devices remain vulnerable due to the...

Password Strength Detection Via Machine Learning: Analysis, Modeling, and Evaluation

As network security issues continue gaining prominence, password security has become crucial in safeguarding personal information and network systems. This study first introduces various methods for system password cracking, outlines password defense strategies, and discusses the application of...

Towards Quantum Resilience: Data-Driven Migration Strategy Design

The advancements in quantum computing are a threat to classical cryptographic systems. The traditional cryptographic methods that utilize factorization-based or discrete-logarithm-based algorithms, such as RSA and ECC, are some of these. This paper thoroughly investigates the vulnerabilities of...

Bipartite Randomized Response Mechanism for Local Differential Privacy

With the increasing importance of data privacy, Local Differential Privacy LDP has recently become a strong measure of privacy for protecting each user's privacy from data analysts without relying on a trusted third party. In many cases, both data providers and data analysts hope to maximize the...

Towards Explainable and Lightweight AI for Real-Time Cyber Threat Hunting in Edge Networks

As cyber threats continue to evolve, securing edge networks has become increasingly challenging due to their distributed nature and resource limitations. Many AI-driven threat detection systems rely on complex deep learning models, which, despite their high accuracy, suffer from two major...

Effective Vulnerability Management with Stakeholder Specific Vulnerability Categorization (SSVC) and Qualys TruRisk

Security stakeholders across the globe have long relied on the Common Vulnerability Scoring System CVSS to prioritize vulnerabilities and assess their risk posture. The reason why the CVSS has become the standard for many security and vulnerability management teams alike is that this method is ea...

Combobulator - Framework To Detect And Prevent Dependency Confusion Leakage And Potential Attacks

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks. This facilitates a holistic approach for ensuring secure application releases that can be evaluated against different sources e.g., GitHub Packages...

New Federal Government Cybersecurity Incident and Vulnerability Response Playbooks

The White House, via Executive Order EO 14028: Improving the Nation’s Cybersecurity, tasked CISA, as the operational lead for federal cybersecurity, to “develop a standard set of operational procedures i.e., playbook to be used in planning and conducting cybersecurity vulnerability and incident...