Malicious applications pose a threat to the security of the Android platform. The growing amount and diversity of these applications render conventional defenses largely ineffective and thus Android smartphones often remain unprotected from novel malware. In this paper, we propose DREBIN, a lightweight method for detection of Android malware that enables identifying malicious applications directly on the smartphone. As the limited resources impede monitoring applications at run-time, DREBIN performs a broad static analysis, gathering as many features of an application as possible. These features are embedded in a joint vector space, such that typical patterns indicative for malware can be automatically identified and used for explaining the decisions of our method. In an evaluation with 123,453 applications and 5,560 malware samples DREBIN outperforms several related approaches and detects 94% of the malware with few false alarms, where the explanations provided for each detection reveal relevant properties of the detected malware. On five popular smartphones, the method requires 10 seconds for an analysis on average, rendering it suitable for checking downloaded applications directly on the device.
Ammonia-oxidizing archaea are ubiquitous in marine and terrestrial environments and now thought to be significant contributors to carbon and nitrogen cycling. The isolation of Candidatus “Nitrosopumilus maritimus” strain SCM1 provided the opportunity for linking its chemolithotrophic physiology with a genomic inventory of the globally distributed archaea. Here we report the 1,645,259-bp closed genome of strain SCM1, revealing highly copper-dependent systems for ammonia oxidation and electron transport that are distinctly different from known ammonia-oxidizing bacteria. Consistent with in situ isotopic studies of marine archaea, the genome sequence indicates N. maritimus grows autotrophically using a variant of the 3-hydroxypropionate/4-hydroxybutyrate pathway for carbon assimilation, while maintaining limited capacity for assimilation of organic carbon. This unique instance of archaeal biosynthesis of the osmoprotectant ectoine and an unprecedented enrichment of multicopper oxidases, thioredoxin-like proteins, and transcriptional regulators points to an organism responsive to environmental cues and adapted to handling reactive copper and nitrogen species that likely derive from its distinctive biochemistry. The conservation of N. maritimus gene content and organization within marine metagenomes indicates that the unique physiology of these specialized oligophiles may play a significant role in the biogeochemical cycles of carbon and nitrogen.
Nitrosomonas europaea (ATCC 19718) is a gram-negative obligate chemolithoautotroph that can derive all its energy and reductant for growth from the oxidation of ammonia to nitrite. Nitrosomonas europaea participates in the biogeochemical N cycle in the process of nitrification. Its genome consists of a single circular chromosome of 2,812,094 bp. The GC skew analysis indicates that the genome is divided into two unequal replichores. Genes are distributed evenly around the genome, with ~47% transcribed from one strand and ~53% transcribed from the complementary strand. A total of 2,460 protein-encoding genes emerged from the modeling effort, averaging 1,011 bp in length, with intergenic regions averaging 117 bp. Genes necessary for the catabolism of ammonia, energy and reductant generation, biosynthesis, and CO2 and NH3 assimilation were identified. In contrast, genes for catabolism of organic compounds are limited. Genes encoding transporters for inorganic ions were plentiful, whereas genes encoding transporters for organic molecules were scant. Complex repetitive elements constitute ca. 5% of the genome. Among these are 85 predicted insertion sequence elements in eight different families. The strategy of N. europaea to accumulate Fe from the environment involves several classes of Fe receptors with more than 20 genes devoted to these receptors. However, genes for the synthesis of only one siderophore, citrate, were identified in the genome. This genome has provided new insights into the growth and metabolism of ammonia-oxidizing bacteria.
The vast majority of security breaches encountered today are a direct result of insecure code. Consequently, the protection of computer systems critically depends on the rigorous identification of vulnerabilities in software, a tedious and error-prone process requiring significant expertise. Unfortunately, a single flaw suffices to undermine the security of a system and thus the sheer amount of code to audit plays into the attacker's cards. In this paper, we present a method to effectively mine large amounts of source code for vulnerabilities. To this end, we introduce a novel representation of source code called a code property graph that merges concepts of classic program analysis, namely abstract syntax trees, control flow graphs and program dependence graphs, into a joint data structure. This comprehensive representation enables us to elegantly model templates for common vulnerabilities with graph traversals that, for instance, can identify buffer overflows, integer overflows, format string vulnerabilities, or memory disclosures. We implement our approach using a popular graph database and demonstrate its efficacy by identifying 18 previously unknown vulnerabilities in the source code of the Linux kernel.
To cope with the increasing variability and sophistication of modern attacks, machine learning has been widely adopted as a statistically-sound tool for malware detection. However, its security against well-crafted attacks has not only been recently questioned, but it has been shown that machine learning exhibits inherent vulnerabilities that can be exploited to evade detection at test time. In other words, machine learning itself can be the weakest link in a security system. In this paper, we rely upon a previously-proposed attack framework to categorize potential attack scenarios against learning-based malware detection tools, by modeling attackers with different skills and capabilities. We then define and implement a set of corresponding evasion attacks to thoroughly assess the security of Drebin, an Android malware detector. The main contribution of this work is the proposal of a simple and scalable secure-learning paradigm that mitigates the impact of evasion attacks, while only slightly worsening the detection rate in the absence of attack. We finally argue that our secure-learning approach can also be readily applied to other malware detection tasks.