Results 1 - 4 of 4
1.
Sensors (Basel) ; 22(19)2022 Oct 08.
Article in English | MEDLINE | ID: mdl-36236711

ABSTRACT

Advanced Persistent Threat is an attack campaign in which an intruder or team of intruders establishes a long-term presence on a network to mine sensitive data, which becomes more dangerous when combined with polymorphic malware. This type of malware is not only undetectable, but it also generates multiple variants of the same type of malware in the network and remains in the system's main memory to avoid detection. Few researchers employ a visualization approach based on a computer's memory to detect and classify various classes of malware. However, a preprocessing step of denoising the malware images was not considered, which results in an overfitting problem and prevents us from perfectly generalizing a model. In this paper, we introduce a new data engineering approach comprising two main stages: Denoising and Re-Dimensioning. The first aims at reducing or ideally removing the noise in the malware's memory-based dump files' transformed images. The latter further processes the cleaned image by compressing them to reduce their dimensionality. This is to avoid the overfitting issue and lower the variance, computing cost, and memory utilization. We then built our machine learning model that implements the new data engineering approach and the result shows that the performance metrics of 97.82% for accuracy, 97.66% for precision, 97.25% for recall, and 97.57% for f1-score are obtained. Our new data engineering approach and machine learning model outperform existing solutions by 0.83% accuracy, 0.30% precision, 1.67% recall, and 1.25% f1-score. In addition to that, the computational time and memory usage have also reduced significantly.


Subjects
Computer Security, Machine Learning
2.
Sensors (Basel) ; 21(12)2021 Jun 20.
Article in English | MEDLINE | ID: mdl-34202977

ABSTRACT

Successful cyber-attacks are caused by the exploitation of some vulnerabilities in the software and/or hardware that exist in systems deployed in premises or the cloud. Although hundreds of vulnerabilities are discovered every year, only a small fraction of them actually become exploited, thereby there exists a severe class imbalance between the number of exploited and non-exploited vulnerabilities. The open source national vulnerability database, the largest repository to index and maintain all known vulnerabilities, assigns a unique identifier to each vulnerability. Each registered vulnerability also gets a severity score based on the impact it might inflict upon if compromised. Recent research works showed that the CVSS score is not the only factor to select a vulnerability for exploitation, and other attributes in the national vulnerability database can be effectively utilized as predictive feature to predict the most exploitable vulnerabilities. Since cybersecurity management is highly resource savvy, organizations such as cloud systems will benefit when the most likely exploitable vulnerabilities that exist in their system software or hardware can be predicted with as much accuracy and reliability as possible, to best utilize the available resources to fix those first. Various existing research works have developed vulnerability exploitation prediction models by addressing the existing class imbalance based on algorithmic and artificial data resampling techniques but still suffer greatly from the overfitting problem to the major class rendering them practically unreliable. In this research, we have designed a novel cost function feature to address the existing class imbalance. We also have utilized the available large text corpus in the extracted dataset to develop a custom-trained word vector that can better capture the context of the local text data for utilization as an embedded layer in neural networks.
Our developed vulnerability exploitation prediction models powered by a novel cost function and custom-trained word vector have achieved very high overall performance metrics for accuracy, precision, recall, F1-Score and AUC score with values of 0.92, 0.89, 0.98, 0.94 and 0.97, respectively, thereby outperforming any existing models while successfully overcoming the existing overfitting problem for class imbalance.


Subjects
Algorithms, Machine Learning, Computer Security, Neural Networks (Computer), Reproducibility of Results
3.
Heliyon ; 9(5): e16299, 2023 May.
Article in English | MEDLINE | ID: mdl-37251849

ABSTRACT

Although extant literature has thoroughly investigated the incorporation of cloud computing services, examining their influence on sustainable performance, particularly at the organizational level, is insufficient. Consequently, the present research aims to assess the factors that impact the integration of cloud computing within small and medium-sized enterprises (SMEs) and its subsequent effects on environmental, financial, and social performance. The data were collected from 415 SMEs and were analyzed using a hybrid SEM-ANN approach. PLS-SEM results indicate that relative advantage, complexity, compatibility, top management support, cost reduction, and government support significantly affect cloud computing integration. This study also empirically demonstrated that SMEs could improve their financial, environmental, and social performance by integrating cloud computing services. ANN results show that complexity, with a normalized importance (NI) of 89.14%, is ranked the first among other factors affecting cloud computing integration in SMEs. This is followed by cost reduction (NI = 82.67%), government support (NI = 73.37%), compatibility (NI = 70.02%), top management support (NI = 52.43%), and relative advantage (NI = 48.72%). Theoretically, this study goes beyond examining the determinants affecting cloud computing integration by examining their impact on SMEs' environmental, financial, and social performance in a comprehensive manner. The study also provides several practical implications for policymakers, SME managers, and cloud computing service providers.

4.
Heliyon ; 9(4): e15257, 2023 Apr.
Article in English | MEDLINE | ID: mdl-37095966

ABSTRACT

Many recently proposed lightweight block ciphers lack security evaluation against generic cryptanalytic attacks such as differential cryptanalysis. In this paper, we contribute towards security evaluation efforts by investigating four lightweight Feistel-based block ciphers including SLIM, LBC-IoT, SCENERY, and LCB. SLIM claims resistance to differential cryptanalysis since, using a heuristic technique, its designers could only find a 7-round differential trail. Despite having no analysis of security against attacks such as differential cryptanalysis, the designers of LBC-IoT and LCB claimed that their ciphers are secure. Meanwhile, the designers of SCENERY claim that the best 11-round differential trail for the cipher has a probability of $2^{-66}$. To substantiate these claims, we propose attacks on all four ciphers based on differential cryptanalysis. We presented practical key recovery attacks on SLIM which can retrieve the final round key for up to 14 rounds with a time complexity of $2^{32}$. LBC-IoT was found to be weaker against differential cryptanalysis despite sharing many similarities with SLIM, whereby a key recovery attack of up to 19 rounds is possible with time complexity $2^{31}$. For SCENERY, we found a differential trail of up to 12 rounds with probability $2^{-60}$, which was used as the distinguisher for a 13-round key recovery attack. We also discovered that LCB's design lacks nonlinearity, allowing us to easily derive deterministic differential trails regardless of the number of rounds. This flaw allowed us to perform a trivial distinguishing attack using a single known ciphertext. By using a different S-box to address this flaw, LCB is now more resilient to differential cryptanalysis than SLIM and LBC-IoT when using the same number of rounds. Our paper presents new independent cryptanalysis results for these ciphers.
