Visible to the public Biblio

Filters: Author is Cukier, M.  [Clear All Filters]
2018-03-26
Movahedi, Y., Cukier, M., Andongabo, A., Gashi, I..  2017.  Cluster-Based Vulnerability Assessment Applied to Operating Systems. 2017 13th European Dependable Computing Conference (EDCC). :18–25.

Organizations face the issue of how to best allocate their security resources. Thus, they need an accurate method for assessing how many new vulnerabilities will be reported for the operating systems (OSs) they use in a given time period. Our approach consists of clustering vulnerabilities by leveraging the text information within vulnerability records, and then simulating the mean value function of vulnerabilities by relaxing the monotonic intensity function assumption, which is prevalent among the studies that use software reliability models (SRMs) and nonhomogeneous Poisson process (NHPP) in modeling. We applied our approach to the vulnerabilities of four OSs: Windows, Mac, IOS, and Linux. For the OSs analyzed in terms of curve fitting and prediction capability, our results, compared to a power-law model without clustering issued from a family of SRMs, are more accurate in all cases we analyzed.

2018-01-23
Shahegh, P., Dietz, T., Cukier, M., Algaith, A., Brozik, A., Gashi, I..  2017.  AVAMAT: AntiVirus and malware analysis tool. 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA). :1–4.

We present AVAMAT: AntiVirus and Malware Analysis Tool - a tool for analysing the malware detection capabilities of AntiVirus (AV) products running on different operating system (OS) platforms. Even though similar tools are available, such as VirusTotal and MetaDefender, they have several limitations, which motivated the creation of our own tool. With AVAMAT we are able to analyse not only whether an AV detects a malware, but also at what stage of inspection does it detect it and on what OS. AVAMAT enables experimental campaigns to answer various research questions, ranging from the detection capabilities of AVs on OSs, to optimal ways in which AVs could be combined to improve malware detection capabilities.