Browse by Author "Bakour, Khaled"
Now showing 1 - 7 of 7

Item: An intrusion detection system based on a hybrid tabu-genetic algorithm
(Institute of Electrical and Electronics Engineers Inc., 2017) Bakour, Khaled; Daş, Gülesin Sena; Ünver, H. Murat
In this paper, we proposed a framework for detecting network's intrusions using Genetic Algorithm (GA) with multiple criteria. First of all, we build an intrusion detection system (IDS) using a pure GA with multiple selection methods. Then, we proposed one of the few hybrid algorithms in the literature, which is hybridized using a GA and a Tabu search (TS) algorithm. The proposed hybrid algorithm and the pure GA were tested to detect malicious traffic using DARPA dataset. The test results revealed that the proposed hybrid algorithm gives a higher Detection Rate (DR) and Detection Accuracy (AC) compared to the pure GA. © 2017 IEEE.

Item: Android malware detection based on image-based features and machine learning techniques
(SPRINGER INTERNATIONAL PUBLISHING AG, 2020) Unver, Halil Murat; Bakour, Khaled
In this paper, a malware classification model has been proposed for detecting malware samples in the Android environment. The proposed model is based on converting some files from the source of the Android applications into grayscale images. Some image-based local features and global features, including four different types of local features and three different types of global features, have been extracted from the constructed grayscale image datasets and used for training the proposed model. To the best of our knowledge, this type of features is used for the first time in the Android malware detection domain. Moreover, the bag of visual words algorithm has been used to construct one feature vector from the descriptors of the local feature extracted from each image. The extracted local and global features have been used for training multiple machine learning classifiers including Random forest, k-nearest neighbors, Decision Tree, Bagging, AdaBoost and Gradient Boost.
The proposed method obtained a very high classification accuracy, reaching 98.75%, with a typical computational time that does not exceed 0.018 s for each sample. The results of the proposed model outperformed the results of all compared state-of-art models in terms of both classification accuracy and computational time.

Item: The Android malware detection systems between hope and reality
(Springer International Publishing Ag, 2019) Bakour, Khaled; Unver, Halil Murat; Ghanem, Razan
The widespread use of Android-based smartphones made it an important target for malicious applications' developers. So, a large number of frameworks have been proposed to tackle the huge number of daily published malwares. Although many review papers have been conducted in order to shed light on the works achieved in the Android malware analysing domain, the number of conducted review papers does not fit with the importance of this research field and with the volume of achieved works. Also, there is no comprehensive taxonomy for all research trends in the field of analysing malicious applications targeting the Android system. Furthermore, none of the existing review papers contains a schematic model that makes it easy for the reader to know the methods and methodologies used in a particular field of research without much effort. This paper aims at proposing a comprehensive taxonomy and suggesting a new schematic review approach. To this end, a review of a large number of works achieved between 2009 and 2019 has been conducted. The achieved study includes more than 200 papers that have different goals such as apps' behaviour analysis, automatic user interface triggers or packer/unpacker frameworks development. Also, a comprehensive taxonomy has been proposed so that most of the previous works can be classified under it. To the best of our knowledge, the suggested taxonomy is the widest and the most comprehensive in terms of the covered research trends.
Moreover, we have proposed a detailed schematic model (called Schematic Review Model) that illustrates the process of detecting the malignant applications of an Android in the light of the studied works and the proposed taxonomy. To our knowledge, this is the first time that the Android malware detection methods have been explained in this way with this amount of detail. Furthermore, the studied researches have been analysed according to multiple criteria such as used analysing method, used features, used detection method, and used dataset. Also, the features used in the studied works were discussed in detail by dividing them into multiple classes. Moreover, the challenges facing Android's malware analysing methods were discussed in detail. Finally, it has been concluded that there are gaps between the size and the goal of the conducted works and the number of malicious apps published every day, so some future works areas have been proposed and discussed.

Item: The Android Malware Static Analysis: Techniques, Limitations, and Open Challenges
(Ieee, 2018) Bakour, Khaled; Unver, H. Murat; Ghanem, Razan
This paper aims to explain static analysis techniques in detail, and to highlight the weaknesses and challenges which face it. To this end, more than 80 static analysis based frameworks have been studied, and in their light, the process of detecting malicious applications has been divided into four phases that were explained in a schematic manner. Also, the features that are used in static analysis were discussed in detail by dividing them into four categories, namely Manifest-based features, code-based features, semantic features and app's metadata-based features. Also, the challenges facing methods based on static analysis were discussed in detail. Finally, a case study was conducted to test the strength of some known commercial antivirus and one of the state-of-art academic static analysis frameworks against obfuscation techniques used by developers of malicious applications.
The results showed a significant impact on the performance of most of the tested antiviruses and frameworks, which reflects the urgent need for more accurate tools.

Item: DeepVisDroid: android malware detection by hybridizing image-based features with deep learning techniques
(Springer London Ltd, 2021) Bakour, Khaled; Unver, Halil Murat
In this paper, a novel hybrid deep learning model called DeepVisDroid has been suggested for detecting android malware samples based on hybridizing image-based features with deep learning techniques. To this end, four grayscale image datasets have been constructed by converting some files from the source of the android applications into grayscale images. Then, two types of image-based features, namely local features and global features, have been extracted from the constructed image datasets and used for training the proposed model. The bag of visual words representation has been used for constructing one feature vector from multiple local feature descriptors extracted from each image. After that, 1D-convolutional layers-based neural network model has been proposed and trained using the extracted local and global image-based features. To the best of our knowledge, this is the first time that a convolutional neural network model is trained based on this type of features and used in the android malware detection domain. Furthermore, two classical 2D-convolutional layers-based neural network models have been proposed and two well-known deep learning models have been tested in order to compare the results of the proposed DeepVisDroid model with the results of the traditional convolutional neural network models and the results of the state-of-the-art deep learning models.
The results of the proposed DeepVisDroid model are very promising, where its classification accuracy reached more than 98% with very efficient run-time overhead ranging between 0.11 and 2.02 s for each sample.

Item: An Intrusion Detection System Based on a Hybrid Tabu-Genetic Algorithm
(Ieee, 2017) Bakour, Khaled; Das, Gulesin Sena; Unver, H. Murat
In this paper, we proposed a framework for detecting network's intrusions using Genetic Algorithm (GA) with multiple criteria. First of all, we build an intrusion detection system (IDS) using a pure GA with multiple selection methods. Then, we proposed one of the few hybrid algorithms in the literature, which is hybridized using a GA and a Tabu search (TS) algorithm. The proposed hybrid algorithm and the pure GA were tested to detect malicious traffic using DARPA dataset. The test results revealed that the proposed hybrid algorithm gives a higher Detection Rate (DR) and Detection Accuracy (AC) compared to the pure GA.

Item: VisDroid: Android malware classification based on local and global image features, bag of visual words and machine learning techniques
(SPRINGER LONDON LTD, 2020) Bakour, Khaled; Unver, Halil Murat
In this paper, VisDroid, a novel generic image-based classification method has been suggested and developed for classifying the Android malware samples into its families. To this end, five grayscale image datasets each of which contains 4850 samples have been constructed based on different files from the contents of the Android malware samples sources. Two types of image-based features have been extracted and used to train six machine learning classifiers including Random Forest, K-nearest neighbour, Decision trees, Bagging, AdaBoost and Gradient Boost classifiers. The first type of the extracted features is local features including Scale-Invariant Feature Transform, Speeded Up Robust Features, Oriented FAST and Rotated BRIEF (ORB) and KAZE features.
The second type of the extracted features is global features including Colour Histogram, Hu Moments and Haralick Texture. Furthermore, a hybridized ensemble voting classifier has been proposed to test the efficiency of using a number of machine learning classifiers trained using local and global features as voters to make a decision in an ensemble voting classifier. Moreover, two well-known deep learning models, i.e. Residual Neural Network and Inception-v3, have been tested using some of the constructed image datasets. Furthermore, when the results of the proposed model have been compared with the results of some state-of-art works it has been revealed that the proposed model outperforms the compared previous models in terms of classification accuracy, computational time, generality and classification mode.