Journal & Conference Proceeding Publications

Abnormal application behavior in mobile can produce a number of undesirable effects. An incorrect or insufficient implementation of application lifecycle, memory related issues and malicious application might cause an unexpected behavior of the application such as bad usability, not responding, crashed and even data loss. Current analysis and detection of abnormal applications behavior are still not comprehensive enough where behavior under user visible failure category such as crash, “stopped unexpectedly” and “not responding” received less attention by researchers. Furthermore, framework of analysis technique has not been developed by researcher to investigate the abnormal behavior in mobile application. Thus, in this paper we will study, analyze and classify the possible issues in causing abnormal application behavior and the existing techniques in identifying abnormal application behavior.

Due to the increase of sophisticated attacks on Androids platform, several techniques for detecting malware on Android platform have been introduced. However, almost none of them are really focusing on response part in deployment of Android-based IDS. These actions and measures are important to ensure confidentiality, integrity and availability of the protected systems, assets or resources. Securing information from a defense-in-depth perspective is not just about deploying specific technologies to counter certain risks. IDS therefore should provide full capability in incident handling processes in Android platform in order to protect the assets and system resources. Thus, the aim of this research is to develop an improved response system on Android based IDS which will increase the value of response effectiveness while reducing potential harms caused by intrusion. By doing this, it should helps to enhance the effectiveness of incident handling process in securing Android platform.

Many organizations have changed their traditional systems to web-based applications to make more profit and at the same time to increase the efficiency of their activities such as customer support services and data transactions. However web-based applications have become a major target for attackers due to some common vulnerability exists in the application. Assessing the level of information security in a web-based application is a serious challenge for many organizations. One of the important steps to ensure the security of web application is conducting vulnerability assessment periodically. Vulnerability assessment is a process to search for any potential loopholes or vulnerability contain in a system. Most of the current efforts in assessments are involve searching for known vulnerabilities that commonly exist in web-based application. The process of conducting vulnerability assessment can be improved by understanding the functionality of the application and characteristics of the nature vulnerabilities. In this paper, we perform an empirical study on how to do vulnerability assessment with the aim of understanding how the functionality, vulnerabilities and activities that would benefit for the assessment processes from the perspective of application security.

The potential for catastrophic cyber attacks that can cripple the operations of critical infrastructures of nations is worrying. The consequences of cyber attack to the Supervisory Control and Data Acquisition (SCADA) systems are wide, resulting in potentially catastrophic damages and disruption. This paper proposes for the Critical National Information Infrastructure(CNII) organizations to comply with the ISO/IEC 27001:2013 or Information Security Management System (ISMS), which provides a systematic guidance for the organization's information security risks management and the implementation of security controls to reduce such risks to an acceptable level. The implementation of the ISMS certification in Malaysia’s CNII will be the case study of this paper. Future works in this area can be further conducted, which may lead to the development of critical infrastructure protection (CIP) programs and the development of risk management frameworks to counter threats from cyber terrorism attacks for CNII.

With the advance in technology and the introduction of cloud computing, the usage of Internet application has been increased rapidly. In addition, the online storages with password protected such as Dropbox, Box Sync, Copy and Cloud Me are already available to all users. Hence, with a rapid development and introduction of this technology, the analysis on the hard drive has become obsolete in retrieving the information from those applications. The aim of this paper is to present an algorithm to track the sensitive information from online application for both active and exile process in the computer memory. The algorithm encompasses the signature search to find the possible processes in the memory, obtain the user and machine data and then some sensitive information with regard to the online application. The algorithm will be independent of address translation algorithm that has been frequently applied in the retrieving technique in the past.