Visible to the public Biblio

Filters: Author is Butakov, Sergey  [Clear All Filters]
2022-08-12
Ajiri, Victor, Butakov, Sergey, Zavarsky, Pavol.  2020.  Detection Efficiency of Static Analyzers against Obfuscated Android Malware. 2020 IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :231–234.
Mobile antivirus technologies incorporate static analysis which involves the analysis of programs without its execution. This process relies on pattern matching against a signature repository to identify malware, which can be easily tricked by transformation techniques such as obfuscation. Obfuscation as an evasion technique renders character strings disguised and incomprehensive, to prevent tampering and reengineering, which poses to be a valuable technique malware developers adopt to evade detection. This paper attempts to study the detection efficiency of static analyzers against obfuscated Android malware. This study is the first step in a larger project attempting to improve the efficiency of malware detectors.
2020-07-27
Adetunji, Akinbobola Oluwaseun, Butakov, Sergey, Zavarsky, Pavol.  2018.  Automated Security Configuration Checklist for Apple iOS Devices Using SCAP v1.2. 2018 International Conference on Platform Technology and Service (PlatCon). :1–6.
The security content automation includes configurations of large number of systems, installation of patches securely, verification of security-related configuration settings, compliance with security policies and regulatory requirements, and ability to respond quickly when new threats are discovered [1]. Although humans are important in information security management, humans sometimes introduce errors and inconsistencies in an organization due to manual nature of their tasks [2]. Security Content Automation Protocol was developed by the U.S. NIST to automate information security management tasks such as vulnerability and patch management, and to achieve continuous monitoring of security configurations in an organization. In this paper, SCAP is employed to develop an automated security configuration checklist for use in verifying Apple iOS device configuration against the defined security baseline to enforce policy compliance in an enterprise.
2020-03-18
Nikoue, Jean Claude, Butakov, Sergey, Malik, Yasir.  2019.  Security Evaluation Methodology for Software Defined Network Solutions. 2019 International Conference on Platform Technology and Service (PlatCon). :1–6.

Software Defined Networking (SDN) has introduced both innovative opportunities and additional risks in the computer networking. Among disadvantages of SDNs one can mention their susceptibility to vulnerabilities associated with both virtualization and the traditional networking. Selecting a proper controller for an organization may not be a trivial task as there is a variety of SDN controllers on the market and each of them may come with its own pros and cons from the security point of view. This research proposes a comprehensive methodology for organizations to evaluate security-related features available in SDN controllers. The methodology can serve as a guideline in the decisions related to SDN choice. The proposed security assessment follows a structured approach to evaluate each layer of the SDN architecture and each metrics defined in presented research has been matched with the security controls defined in NIST 800-53. Through the tests on actual controllers the paper provides an example on how the proposed methodology can be used to evaluate existing SDN solutions.