Fauzia Idrees Abro | City, University of London (original) (raw)
Uploads
Papers by Fauzia Idrees Abro
Speech coding for secure mobile communication is a challenging task since encrypting the digitize... more Speech coding for secure mobile communication is a challenging task since encrypting the digitized speech signal adds overheads and randomizes the bit stream to a level where recovery of original signal becomes difficult. The commercially available speech coders are unbefitting for transmission of encrypted speech as it requires a low bit speech coding with preserved speech characteristics so that it can be transmitted over a bandwidth-limited channels with intelligible speech. In this paper, we present an efficient low bit-rate (1.9 kbps) speech coding technique to transmit encrypted speech over Global System for Mobile communications (GSM). Different speech characteristics such as pitch, energy and Line Spectral Frequencies (LSF) are extracted and preserved before compression and encryption speech. Empirical results show that the proposed speech coder can be used effectively in low bit rate applications such as secure voice communications.
Speech coding for secure mobile communication is a challenging task since encrypting the digitize... more Speech coding for secure mobile communication is a challenging task since encrypting the digitized speech signal adds overheads and randomizes the bit stream to a level where recovery of original signal becomes difficult. The commercially available speech coders are unbefitting for transmission of encrypted speech as it requires a low bit speech coding with preserved speech characteristics so that it can be transmitted over a bandwidth-limited channels with intelligible speech. In this paper, we present an efficient low bit-rate (1.9 kbps) speech coding technique to transmit encrypted speech over Global System for Mobile communications (GSM). Different speech characteristics such as pitch, energy and Line Spectral Frequencies (LSF) are extracted and preserved before compression and encryption speech. Empirical results show that the proposed speech coder can be used effectively in low bit rate applications such as secure voice communications.
2018 International Conference on Applied and Engineering Mathematics (ICAEM), 2018
2017 8th IEEE Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), 2017
Smartphone» have become a prime target for cyber criminals. Android being the market leader is th... more Smartphone» have become a prime target for cyber criminals. Android being the market leader is the major target of malicious attackers. Covert techniques used by the malware make them hard to detect with signature based methods. In this paper, we present AndroPIn — a novel Android based malware detection tool using Permissions and Intents. The proposed framework overcomes the limitation of stealthy techniques used by malware by exploiting the usage pattern of permissions and intents. These features, which play a major role in sharing user data and device resources cannot be obfuscated or altered. These vital features are well suited for resource constrained smartphones. Experimental evaluation on a corpus of real-world malware and benign apps demonstrate that the proposed algorithm can effectively detect malicious apps with a low runtime overheads and is resilient to common obfuscations methods.
Today’s smart phones are used for wider range of activities. This extended range of functionaliti... more Today’s smart phones are used for wider range of activities. This extended range of functionalities has also seen the infiltration of new security threats. Android has been the favorite target of cyber criminals. The malicious parties are using highly stealthy techniques to perform the targeted operations, which are hard to detect by the conventional signature and behaviour based approaches. Additionally, the limited resources of mobile device are inadequate to perform the extensive malware detection tasks. Impulsively emerging Android malware merit a robust and effective malware detection solution. In this thesis, we present the PIndroid ― a novel Permissions and Intents based framework for identifying Android malware apps. To the best of author’s knowledge, PIndroid is the first solution that uses a combination of permissions and intents supplemented with ensemble methods for malware detection. It overcomes the drawbacks of some of the existing malware detection methods. Our goal ...
Global system for mobile communication (GSM) is widely used digital mobile service around the wor... more Global system for mobile communication (GSM) is widely used digital mobile service around the world. Although GSM was designed as a secure wireless system, it is now vulnerable to different targeted attacks. There is a need to address security domains especially the confidentiality of communication. This paper presents a novel framework for end to end secure voice communication over the GSM networks using encryption algorithm AES-256. A special Modem and speech coding technique are designed to enable the transmission of encrypted speech using GSM voice channel. To the best of our knowledge, this is first solution that uses single codebook for transmission of secure voice. An efficient low bit-rate (1.9 kbps) speech coder is also designed for use with the proposed modulation scheme for optimal results. Different speech characteristics such as pitch, energy and line spectral frequencies are extracted and preserved before compression and encryption of speech. Previously, the best achie...
In this paper, we present a novel permissions and intents based framework for identifying Android... more In this paper, we present a novel permissions and intents based framework for identifying Android malware apps. The proposed approach, when applied to 1,745 real world applications, provides 99.8% accuracy.
Today's smart phones are used for wider range of activities. This extended range of functiona... more Today's smart phones are used for wider range of activities. This extended range of functionalities has also seen the infiltration of new security threats. The malicious parties are using highly stealthy techniques to perform the targeted operations, which are hard to detect by the conventional signature and behavior based approaches. Besides, the limited resources of mobile device are inadequate to perform the computationally extensive malware detection tasks and to sustain the device's clean status. In this paper, we propose an effective and resource rich detection system which uses certain distinguishing combinations of permissions and intents used by the apps to identify the malware apps. Different machine learning algorithms are investigated for classification of apps into benign or malware types. To the best of our knowledge, this is the first ever work in which both the permissions and intents have been amalgamated for malware detection using cloud computing paradigm....
Computers & Security, Jul 1, 2017
The extensive usage of smartphones has been the major driving force behind a drastic increase of ... more The extensive usage of smartphones has been the major driving force behind a drastic increase of new security threats. The stealthy techniques used by malware make them hard to detect with signature based intrusion detection and anti-malware methods. In this paper, we present PIndroid-a novel Permissions and Intents based framework for identifying Android malware apps. To the best of our knowledge, PIndroid is the first solution that uses a combination of permissions and intents supplemented with multiple stages of classifiers for malware detection. Ensemble techniques are applied for optimization of detection results. We apply the proposed approach on 1,745 real world applications and obtain 99.8% accuracy which is the best reported to date. Empirical results suggest that our proposed framework built on permissions and intents is effective in detecting malware applications.
Intrusion detection is a versatile security paradigm which can avert most of the computer and net... more Intrusion detection is a versatile security paradigm which can avert most of the computer and network related attacks, if efficiently employed. This paper presents a novel solution for detection and prevention of known and unknown network and cloud computing vulnerabilities. The proposed framework is an amalgamation of some of the existing state-of-the-art intrusion detection and prevention technologies. The design of this novel system is adaptable with little customization by complicated networks, cloud computing, Voice over IP and Next Generation Networks in order to abate the versatile threat environments.
2014 IEEE 10th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), 2014
Mobile phones are mastering our day to day scheduling, entertainment, information and almost ever... more Mobile phones are mastering our day to day scheduling, entertainment, information and almost every aspect of life. With the increasing human dependence on smart phones, threats against these devices have also increased exponentially. Almost all the mobile apps are playing with the mobile user's privacy besides the targeted actions by the malicious apps. Android applications use permissions to use different features and resources of mobile device along with the intents to launch different activities. Various aspects of permission framework have been studied but sufficient attention has not been given to the intent framework. This work is first of its kind which is investigating the combined effects of permissions and intent filters to distinguish between the malware and benign apps. This paper proposes a novel approach to identify the malicious apps by analyzing the permission and intent patterns of android apps. This approach is supplemented with the machine learning algorithms for further classification of apps. Performance of proposed approach has been validated by applying the technique to the available malicious and benign samples collected from a number of sources.
Communications in Computer and Information Science, 2017
Application collusion is an emerging threat to Android based devices. In app collusion, two or mo... more Application collusion is an emerging threat to Android based devices. In app collusion, two or more apps collude in some manner to perform a malicious action that they are unable to do independently. Detection of colluding apps is a challenging task. Existing commercial malware detection systems analyse each app separately, hence fail to detect any joint malicious action performed by multiple apps through collusion. In this paper, we discuss the current state of research on app collusion and open challenges to the detection of colluding apps. We compare existing approaches and present an integrated approach to effectively detect app collusion.
—In this paper, we present a novel permissions and intents based framework for identifying Androi... more —In this paper, we present a novel permissions and intents based framework for identifying Android malware apps. The proposed approach, when applied to 1,745 real world applications, provides 99.8% accuracy. I. INTRODUCTION Android being the most widely used platform for smartphones is under constant attacks [1, 2, 3]. We propose a malware detection approach which classifies apps against certain combinations of permissions and intents which are unique to malware apps [4, 6]. We evaluate the efficacy of proposed approach by applying machine learning algorithms. We apply the ensemble methods to optimize the results. The fact that permissions and intents facilitate app collusion, our proposed solution is suitable for detection of colluding apps in addition to and unknown malware apps [7]
Skype, Google Talk, Yahoo voice etc. are all applications that enable the use of the Internet for... more Skype, Google Talk, Yahoo voice etc. are all applications that enable the use of the Internet for voice conversations. They offer cost effectiveness and are easy to use, and due to these reasons many new VoIP applications are coming into existence. However, all forms of communications need to be monitored for security purposes to ensure their correct usage. With the development of more and more VoIP applications, monitoring and detection of these applications is becoming a more difficult task. Most detection techniques are based on standard protocol and IP address identification. Thus, application detection and monitoring techniques are developed after an application has been in use for some time, resulting in obvious security implications. This paper presents generic techniques for the detection of traffic generated by all VoIP protocols, both currently in existence and any future VoIP protocols that may be used. The method proposed is based on analysis carried out on different VoIP applications currently in existence.
Speech coding for secure mobile communication is a challenging task since encrypting the digitize... more Speech coding for secure mobile communication is a challenging task since encrypting the digitized speech signal adds overheads and randomizes the bit stream to a level where recovery of original signal becomes difficult. The commercially available speech coders are unbefitting for transmission of encrypted speech as it requires a low bit speech coding with preserved speech characteristics so that it can be transmitted over a bandwidth-limited channels with intelligible speech. In this paper, we present an efficient low bit-rate (1.9 kbps) speech coding technique to transmit encrypted speech over Global System for Mobile communications (GSM). Different speech characteristics such as pitch, energy and Line Spectral Frequencies (LSF) are extracted and preserved before compression and encryption speech. Empirical results show that the proposed speech coder can be used effectively in low bit rate applications such as secure voice communications.
Speech coding for secure mobile communication is a challenging task since encrypting the digitize... more Speech coding for secure mobile communication is a challenging task since encrypting the digitized speech signal adds overheads and randomizes the bit stream to a level where recovery of original signal becomes difficult. The commercially available speech coders are unbefitting for transmission of encrypted speech as it requires a low bit speech coding with preserved speech characteristics so that it can be transmitted over a bandwidth-limited channels with intelligible speech. In this paper, we present an efficient low bit-rate (1.9 kbps) speech coding technique to transmit encrypted speech over Global System for Mobile communications (GSM). Different speech characteristics such as pitch, energy and Line Spectral Frequencies (LSF) are extracted and preserved before compression and encryption speech. Empirical results show that the proposed speech coder can be used effectively in low bit rate applications such as secure voice communications.
2018 International Conference on Applied and Engineering Mathematics (ICAEM), 2018
2017 8th IEEE Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), 2017
Smartphone» have become a prime target for cyber criminals. Android being the market leader is th... more Smartphone» have become a prime target for cyber criminals. Android being the market leader is the major target of malicious attackers. Covert techniques used by the malware make them hard to detect with signature based methods. In this paper, we present AndroPIn — a novel Android based malware detection tool using Permissions and Intents. The proposed framework overcomes the limitation of stealthy techniques used by malware by exploiting the usage pattern of permissions and intents. These features, which play a major role in sharing user data and device resources cannot be obfuscated or altered. These vital features are well suited for resource constrained smartphones. Experimental evaluation on a corpus of real-world malware and benign apps demonstrate that the proposed algorithm can effectively detect malicious apps with a low runtime overheads and is resilient to common obfuscations methods.
Today’s smart phones are used for wider range of activities. This extended range of functionaliti... more Today’s smart phones are used for wider range of activities. This extended range of functionalities has also seen the infiltration of new security threats. Android has been the favorite target of cyber criminals. The malicious parties are using highly stealthy techniques to perform the targeted operations, which are hard to detect by the conventional signature and behaviour based approaches. Additionally, the limited resources of mobile device are inadequate to perform the extensive malware detection tasks. Impulsively emerging Android malware merit a robust and effective malware detection solution. In this thesis, we present the PIndroid ― a novel Permissions and Intents based framework for identifying Android malware apps. To the best of author’s knowledge, PIndroid is the first solution that uses a combination of permissions and intents supplemented with ensemble methods for malware detection. It overcomes the drawbacks of some of the existing malware detection methods. Our goal ...
Global system for mobile communication (GSM) is widely used digital mobile service around the wor... more Global system for mobile communication (GSM) is widely used digital mobile service around the world. Although GSM was designed as a secure wireless system, it is now vulnerable to different targeted attacks. There is a need to address security domains especially the confidentiality of communication. This paper presents a novel framework for end to end secure voice communication over the GSM networks using encryption algorithm AES-256. A special Modem and speech coding technique are designed to enable the transmission of encrypted speech using GSM voice channel. To the best of our knowledge, this is first solution that uses single codebook for transmission of secure voice. An efficient low bit-rate (1.9 kbps) speech coder is also designed for use with the proposed modulation scheme for optimal results. Different speech characteristics such as pitch, energy and line spectral frequencies are extracted and preserved before compression and encryption of speech. Previously, the best achie...
In this paper, we present a novel permissions and intents based framework for identifying Android... more In this paper, we present a novel permissions and intents based framework for identifying Android malware apps. The proposed approach, when applied to 1,745 real world applications, provides 99.8% accuracy.
Today's smart phones are used for wider range of activities. This extended range of functiona... more Today's smart phones are used for wider range of activities. This extended range of functionalities has also seen the infiltration of new security threats. The malicious parties are using highly stealthy techniques to perform the targeted operations, which are hard to detect by the conventional signature and behavior based approaches. Besides, the limited resources of mobile device are inadequate to perform the computationally extensive malware detection tasks and to sustain the device's clean status. In this paper, we propose an effective and resource rich detection system which uses certain distinguishing combinations of permissions and intents used by the apps to identify the malware apps. Different machine learning algorithms are investigated for classification of apps into benign or malware types. To the best of our knowledge, this is the first ever work in which both the permissions and intents have been amalgamated for malware detection using cloud computing paradigm....
Computers & Security, Jul 1, 2017
The extensive usage of smartphones has been the major driving force behind a drastic increase of ... more The extensive usage of smartphones has been the major driving force behind a drastic increase of new security threats. The stealthy techniques used by malware make them hard to detect with signature based intrusion detection and anti-malware methods. In this paper, we present PIndroid-a novel Permissions and Intents based framework for identifying Android malware apps. To the best of our knowledge, PIndroid is the first solution that uses a combination of permissions and intents supplemented with multiple stages of classifiers for malware detection. Ensemble techniques are applied for optimization of detection results. We apply the proposed approach on 1,745 real world applications and obtain 99.8% accuracy which is the best reported to date. Empirical results suggest that our proposed framework built on permissions and intents is effective in detecting malware applications.
Intrusion detection is a versatile security paradigm which can avert most of the computer and net... more Intrusion detection is a versatile security paradigm which can avert most of the computer and network related attacks, if efficiently employed. This paper presents a novel solution for detection and prevention of known and unknown network and cloud computing vulnerabilities. The proposed framework is an amalgamation of some of the existing state-of-the-art intrusion detection and prevention technologies. The design of this novel system is adaptable with little customization by complicated networks, cloud computing, Voice over IP and Next Generation Networks in order to abate the versatile threat environments.
2014 IEEE 10th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), 2014
Mobile phones are mastering our day to day scheduling, entertainment, information and almost ever... more Mobile phones are mastering our day to day scheduling, entertainment, information and almost every aspect of life. With the increasing human dependence on smart phones, threats against these devices have also increased exponentially. Almost all the mobile apps are playing with the mobile user's privacy besides the targeted actions by the malicious apps. Android applications use permissions to use different features and resources of mobile device along with the intents to launch different activities. Various aspects of permission framework have been studied but sufficient attention has not been given to the intent framework. This work is first of its kind which is investigating the combined effects of permissions and intent filters to distinguish between the malware and benign apps. This paper proposes a novel approach to identify the malicious apps by analyzing the permission and intent patterns of android apps. This approach is supplemented with the machine learning algorithms for further classification of apps. Performance of proposed approach has been validated by applying the technique to the available malicious and benign samples collected from a number of sources.
Communications in Computer and Information Science, 2017
Application collusion is an emerging threat to Android based devices. In app collusion, two or mo... more Application collusion is an emerging threat to Android based devices. In app collusion, two or more apps collude in some manner to perform a malicious action that they are unable to do independently. Detection of colluding apps is a challenging task. Existing commercial malware detection systems analyse each app separately, hence fail to detect any joint malicious action performed by multiple apps through collusion. In this paper, we discuss the current state of research on app collusion and open challenges to the detection of colluding apps. We compare existing approaches and present an integrated approach to effectively detect app collusion.
—In this paper, we present a novel permissions and intents based framework for identifying Androi... more —In this paper, we present a novel permissions and intents based framework for identifying Android malware apps. The proposed approach, when applied to 1,745 real world applications, provides 99.8% accuracy. I. INTRODUCTION Android being the most widely used platform for smartphones is under constant attacks [1, 2, 3]. We propose a malware detection approach which classifies apps against certain combinations of permissions and intents which are unique to malware apps [4, 6]. We evaluate the efficacy of proposed approach by applying machine learning algorithms. We apply the ensemble methods to optimize the results. The fact that permissions and intents facilitate app collusion, our proposed solution is suitable for detection of colluding apps in addition to and unknown malware apps [7]
Skype, Google Talk, Yahoo voice etc. are all applications that enable the use of the Internet for... more Skype, Google Talk, Yahoo voice etc. are all applications that enable the use of the Internet for voice conversations. They offer cost effectiveness and are easy to use, and due to these reasons many new VoIP applications are coming into existence. However, all forms of communications need to be monitored for security purposes to ensure their correct usage. With the development of more and more VoIP applications, monitoring and detection of these applications is becoming a more difficult task. Most detection techniques are based on standard protocol and IP address identification. Thus, application detection and monitoring techniques are developed after an application has been in use for some time, resulting in obvious security implications. This paper presents generic techniques for the detection of traffic generated by all VoIP protocols, both currently in existence and any future VoIP protocols that may be used. The method proposed is based on analysis carried out on different VoIP applications currently in existence.