IEEE Transactions on Computational Social Systems (2329924X)11(6)pp. 7698-7710
The growing popularity of social networks has amplified their capacity to form public opinions. The opinion formation process is affected by social factors and social phenomena such as spiral of silence and echo chambers. In this article, we present a directed homophilic preferential attachment (DHPA) model to capture the dynamics of social network generation and rewiring (network dynamics) and to take the variation of attitudes and characteristics of users when expressing their opinions and their desire to establish relationships with others into account (opinion dynamics). The proposed model not only integrates network dynamics and opinion dynamics but also accounts for homophily and the formation of social phenomena that create consensus or polarity. This results in more realistic outcomes compared to similar models. In addition, the model can contrast factors that drive consensus with those that drive polarization. DHPA provides necessary facilities for examining the impact of different factors on the opinion formation process. It enables us to analyze the circumstances to reach consensus and polarity. It is shown that the network generated by the proposed DHPA model appropriately conforms to real social networks. We have examined the impact of some important social factors by conducting a number of sensitivity analysis scenarios on the model, which led to interesting results. © 2014 IEEE.
Hasan, Hayyan Salman,
Sahafizadeh, Ebrahim,
Hasan, H.,
Deeb, H.,
Torkladani, B. ISeCure (20083076)15(1)pp. 59-71
Sensitive methods are those that are commonly used by Android malware to perform malicious behavior. These methods may be either evasion or malicious payload methods. Although there are several approaches to handle these methods for performing effective dynamic malware analysis, generally most of them are based on a manually created list. However, the performance shown by the selected approaches is based on the completeness of the manually created list that is not almost a complete and up-to-date one. Missing some sensitive methods causes to degrade the overall performance and affects the effectiveness of analyzing Android malware. In this paper, we propose a machine learning approach to predict new sensitive methods that might be used in Android malware. We use a manually collected training dataset to train two classifiers: the first one is used to detect the sensitivity nature of the Android methods, and the second one is used to categorize the detected sensitive methods into predefined categories. We applied the proposed approach to a large number of methods extracted from Android API 27. The proposed approach is able to predict hundreds of sensitive methods with the accuracy of 94.4% for the first classifier and 92.8% for the second classifier. To evaluate the proposed approach, we built a new list of the detected sensitive methods and used it in a number of tools to perform dynamic malware analysis. The proposed model found various sensitive methods that were not considered before by any other tools. Hence, the effectiveness of these tools in performing dynamic analysis is increased.(c) 2020 ISC. All rights reserved.
Sharbaf, Mohammadreza,
Sahafizadeh, Ebrahim,
Nirumand, A.,
Zamani, B.,
Torkladani, B.,
Klein, J.,
Bissyandé, T.F. SOFTWARE-PRACTICE & EXPERIENCE (00380644)53(4)pp. 895-936
Android users install various apps, such as banking apps, on their smart devices dealing with user-sensitive information. The Android framework, via Inter-Component Communication (ICC) mechanism, ensures that app components (inside the same app or on different apps) can communicate. The literature works have shown that this mechanism can cause security issues, such as app security policy violations, especially in the case of Inter-App Communication (IAC). Despite the plethora of research on detecting security issues in IAC, detection techniques face fundamental ICC challenges for improving the precision of static analysis. Challenges include providing comprehensive and scalable modeling of app specification, capturing all potential ICC paths, and enabling more effective IAC analysis. To overcome such challenges, in this paper, we propose a framework called VAnDroid2, as an extension of our previous work, to address the security issues in multiple components at both intra- and inter-app analysis levels. VAnDroid2, based on Model-Driven Reverse Engineering, has extended our previous work as per following: (1) providing a comprehensive Intermediate Representation (IR) of the app which supports extracting all the ICC information from the app, (2) extracting high-level representations of the apps and their interactions by omitting the details that are not relevant to inter-app security analysis, and (3) enabling more effective IAC security analysis. This framework is implemented as an Eclipse-based tool. The results of evaluating VAnDroid2 w.r.t. correctness, scalability, and run-time performance, and comparing with state-of-the-art analysis tools well indicate that VAnDroid2 is a promising framework in the field of Android inter-app security analysis.
Journal of Information Security and Applications (22142126)78
Dynamic analysis is a prominent approach for understanding the real-behavior of Android malware. Malware mainly use evasions to underperform dynamic analysis. Although different approaches have been proposed to tackle evasive malware, they suffer from several limitations, e.g. most of them use static analysis to detect the evasions which can be defeated by using anti static analysis techniques. On the other hand, to defeat the evasions, they use different execution methods that cause crashes in some cases. To address the challenges of detecting and defeating malware evasions, we propose Maaker, a novel framework that utilizes both static and dynamic analyses through hybrid execution along with a human in the loop approach. Maaker takes advantage of Model Driven Engineering (MDE) to facilitate putting the human in the loop in order to use his/her knowledge to tackle different evasions for extracting the real malicious behavior with little effort. Maaker is compared with Ares, IntelliDroid and Defuzer tools. We used malware samples from AMD dataset to compare the tools regarding some criteria including the number of detected evasions, reached targets, required executions, and the time required to reach the targets. Evaluation results show that Maaker outperforms the three rival tools regarding effectiveness, efficiency, and scalability. © 2023 Elsevier Ltd
Journal of Reliable Intelligent Environments (21994668)9(4)pp. 447-461
Nowadays, the increasing use of internet in vehicular environments leads to the Vehicular Social Network (VSN) concept as an instance of Internet of Things applications in transportation industry. Information sharing between users in vehicular networks should be done in a privacy-preserving manner, especially users’ location privacy should be preserved. It is also essential to motivate users to participate in the information-sharing system. Moreover, users should be encouraged to behave honestly in the system. This paper presents an information-sharing scheme in VSN, in which not only preserving the privacy of users is supported, but also provides sufficient incentives for users to participate in the system. In addition, the reputation factor is used to encourage users to behave honestly. In the proposed scheme, the Internet platform (Internet of Vehicles) is used for information sharing instead of using the commonly used short-range communication. Furthermore, a ticketing system is used for motivating users to participate in the system. To evaluate the proposed scheme, the Veins simulation tool is used along with the actual data in the Créteil data set. The results of evaluation and analysis of the proposed method show that the quality of the delivered messages affects the number of rewards received by users and also the system works in a fair manner. On the other hand, the system operation is monitored in the presence of whitewashing and slandering attackers. As the result, the proposed system could be reliable in the presence of certain percentages of attackers, depending on the used operation modes. Finally, to ensure the privacy of users, the appropriate size for the areas of movement of vehicles has been analyzed and discussed. © 2022, The Author(s), under exclusive licence to Springer Nature Switzerland AG.
Journal of Ambient Intelligence and Humanized Computing (18685145)14(1)pp. 655-675
Mobile crowd-sensing (MCS) is a solution to provide spectrum availability information for dynamic spectrum access in cognitive radio systems. In MCS-based spectrum monitoring, participants should report the location and time of spectrum sensing in addition to the status of the spectrum bands, which raises the need for privacy-preserving. On the other hand, it is required to mitigate the possibility of fake reports sent from malicious participants that is almost handled using trust mechanisms. The trust mechanisms should be resistant to possible wrong reports which are due to channel fading and/or noise too. Moreover, some incentive mechanisms are required to encourage mobile users to participate in the crowd-sensing process. However, preserving-privacy, managing trust, and providing proper incentive mechanisms altogether is a challenge in MCS-based spectrum monitoring systems that has not been appropriately considered yet in previous work. In this paper, we propose a method that includes a privacy-preserving protocol with secure rewarding capability as well as a trust mechanism against malicious participants for MCS-based spectrum monitoring. We exploit Dempster–Shafer theory besides the reputation of participants in an anonymous manner to decide about spectrum availability. Also, we take advantage of the Gompertz function when updating the reputation of participants to better handle the spectrum sensing errors. To evaluate the proposed method, we conduct simulations to analyze and compare the proposed trust and spectrum decision mechanisms. The results show that in the proposed method, although 40% of participants were malicious, in more than 95% of cases, we were able to make the right decision about the participant's behavior compared to the majority method where only in about 85% of cases, the decision was correct. Also, we use ProVerif automatic protocol verifier to formally evaluate some security features of the proposed anonymity protocol. Moreover, we conduct some experimental analysis to validate the proposed protocol. The evaluation results demonstrate the superiority of the proposed method regarding both performance criteria and security features compared to the baseline methods. © 2021, The Author(s), under exclusive licence to Springer-Verlag GmbH Germany, part of Springer Nature.
Physica A: Statistical Mechanics and its Applications (03784371)609
Mobile Instant Messengers (MIMs) are vastly used for communication and information sharing in recent years. However, interesting features of these applications such as group-based communication and broadcasting in channels cause rumors also to be spread in MIM networks more quickly than ordinary social networks. Although there are lots of works on modeling, analysis, and controlling rumor dissemination in social networks, the mentioned features of MIMs are not almost considered. In this paper we propose a new model for soft rumor control in MIMs that considers rumor propagation in groups and channels. By soft rumor control we mean measures for enhancing the people's knowledge and awareness against the rumor to persuade them avoiding rumor dissemination. We suggest two soft rumor control mechanisms including a provenance based decision making process and making anti-rumor campaigns. In the first mechanism, in order to improve the ability of users to take proper actions against rumors, they are equipped with rumor provenance information including the level of trust to rumor spreader, reputation of the source of rumor and the degree of credibility of the rumor. In the second mechanism, some MIM users who have more serious concerns about the rumor effects try making an anti-rumor campaign to fight spreading the rumor. The proposed model is formalized as an extended Partially Observable Markov Decision Process (POMDP) to capture the dynamics of rumor propagation and the control mechanisms. To evaluate the proposed model, we conduct a number of extensive agent-based simulation experiments on a synthesized MIM network that show the effectiveness of the proposed mechanisms to control rumor propagation. We also conduct interesting sensitivity analysis to see the effects of different model parameters on the dynamics of the rumor propagation with control mechanisms. The proposed model helps MIM developers to provide facilities to control rumor by collective wisdom. Furthermore, it helps people, NGOs, political parties, and so on to improve their rumor fighting strategies by making properly designed anti-rumor campaigns. © 2022 Elsevier B.V.
Torkladani, B.,
Nirumand, A.,
Zamani, B.,
Nirumand, A.,
Zamani, B.,
Torkladani, B. 2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025
Data sharing is one of the main Inter-Process Communication (IPC) mechanisms that allows the components of Android applications to interact. The Content Provider is one of the four primary app components, which provides the capability to share data between app components. However, unsafe implementation of this component and exploiting it can lead to various security issues such as passive data leak and content pollution. Despite the plethora of studies on Android app security analysis, yet there is a basic need for approaches that can analyze apps and identify the data sharing issues. To fill this gap, in this paper, a model-based static analysis approach is proposed that receives an Android application and extracts a domain-specific model from the app to perform various app analyses, including security analysis, functionality analysis, and performance analysis. This model includes the security aspects of the app, particularly the information related to the Content Providers and Uniform Resource Identifiers (URIs). The proposed approach is evaluated to examine the extent to which this approach leads to purposeful high-level representations from Android apps. The results indicate that the comprehensive and high-level representations generated from apps are practical to check the presence of data sharing issues in Android applications. © 2022 IEEE.
Social Network Analysis and Mining (18695450)12(1)
As online social networks are experiencing extreme popularity growth, determining the veracity of online statements denoted by rumors automatically as earliest as possible is essential to prevent the harmful effects of propagating misinformation. Early detection of rumors is facilitated by considering the wisdom of the crowd through analyzing different attitudes expressed toward a rumor (i.e., users’ stances). Stance detection is an imbalanced problem as the querying and denying stances against a given rumor are significantly less than supportive and commenting stances. However, the success of stance-based rumor detection significantly depends on the efficient detection of “query” and “deny” classes. The imbalance problem has led the previous stance classifier models to bias toward the majority classes and ignore the minority ones. Consequently, the stance and subsequently rumor classifiers have been faced with the problem of low performance. This paper proposes a novel adaptive cost-sensitive loss function for learning imbalanced stance data using deep neural networks, which improves the performance of stance classifiers in rare classes. The proposed loss function is a cost-sensitive form of cross-entropy loss. In contrast to most of the existing cost-sensitive deep neural network models, the utilized cost matrix is not manually set but adaptively tuned during the learning process. Hence, the contributions of the proposed method are both in the formulation of the loss function and the algorithm for calculating adaptive costs. The experimental results of applying the proposed algorithm to stance classification of real Twitter and Reddit data demonstrate its capability in detecting rare classes while improving the overall performance. The proposed method improves the mean F-score of rare classes by about 13% in RumorEval 2017 dataset and about 20% in RumorEval 2019 dataset. © 2022, The Author(s), under exclusive licence to Springer-Verlag GmbH Austria, part of Springer Nature.
IEEE Transactions on Dependable and Secure Computing (15455971)19(2)pp. 1407-1419
In a secure pattern matching scheme, a client learns only the locations where his private pattern matches a server's private text, while server learns nothing. In this article, we propose a secure pattern matching protocol for the semi-honest setting which is then enhanced to guarantee full simulation-based security in the presence of malicious parties. The proposed protocol supports exact pattern matching, approximate pattern matching and pattern matching with wildcards. It is analytically shown that the proposed protocol is considerably more efficient in the approximate matching with at most kk permitted mismatches while it has the same speed in the exact matching case comparing with the recent work in the literature. The achievements are also experimentally evaluated on a case of secure Desoxyribo-Nucleic Acid (DNA) search over the NCBI dataset of the United States national library of medicine. The results show efficiency of the proposed protocol and particularly confirm low computation overhead for the client. © 2004-2012 IEEE.
The Isc International Journal Of Information Security (20082045)14(1)pp. 13-25
Most of the current research on static analysis of Android applications for security vetting either works on Java source code or the Dalvik bytecode. Nevertheless, Android allows developers to use C or C++ code in their programs compiled into various binary architectures. Moreover, Java and the native code components (C or C++) can collaborate using the Java Native Interface. Recent research shows that native codes are frequently used in both benign and malicious Android applications. Most of the present Android static analysis tools avert considering native codes in their analysis and applied trivial models for their data-flow analysis. As we know, only the open-source JN-SAF tool has tried to solve this issue statically. However, there are still challenges like libC functions and multi-threading in native codes that we want to address in this work. We presented SANT as an extension of JN-SAF for supporting Static Analysis of Native Threads. We considered modeling libC functions in our data-flow analysis to have a more precise analysis when dealing with security vetting of native codes. We also used control flow and data dependence graphs in SANT to handle multiple concurrent threads and find implicit data-flow between them. Our experiments show that the conducted improvements outperform JN-SAF in real-world benchmark applications. © 2020 ISC. All rights reserved.
The Isc International Journal Of Information Security (20082045)14(3 Special Issue)pp. 61-69
Android is a widely used operating system that employs a permission-based access control model. The Android Permissions System (APS) is responsible for mediating application resource requests. APS is a critical component of the Android security mechanism; hence, a failure in the design of APS can potentially lead to vulnerabilities that grant unauthorized access to resources by malicious applications. In this paper, we present a formal approach for modeling and verifying the security properties of APS. We demonstrate the usability of the proposed approach by showcasing the detection of a well-known vulnerability found in Android’s custom permissions. © 2022 ISC. All rights reserved.
Evasion techniques are used by some Android malware to hide their malicious behavior and to hinder their execution during the dynamic analysis process. Many tools tackle such evasions by using a manually created list of API functions (as sources of evasions) to detect these evasions. As an important consequence, no matter how good the tool is, it can only guarantee to defeat these evasions and extract the real behavior of the malware if its list of evasion sources is complete. This way, if some evasion sources are missing from the list or when similar API functions are used, the dynamic analysis can be hindered. In this paper, we propose a machine learning approach to detect and categorize various evasion sources in Android malware. The proposed approach uses a manually collected training dataset to train two classifiers. The first classifier is used to detect the evasion nature of the Android API methods, while the second classifier is used to categorize the detected evasion sources into predefined categories. We applied the proposed approach to a large number of methods extracted from Android API 27. The proposed approach could detect hundreds of evasions with accuracy of 92.8% for the first classifier and 90.5% for the second classifier. The evaluation for 500 real-world samples showed that many of the evasions are detected by our approach, are not considered by the state-of-the-art dynamic analysis frameworks that are indeed used by malware samples. © 2021 IEEE.
Precise specification of security requirements of software systems in general, and access control policies in particular, is a critical issue. The eXtensible Access Control Markup Language (XACML) is a well-known standard for defining access control policies. The problem is that using this language and manual formulation of policies requires technical knowledge and is error prone. To address this challenge, we propose a Domain-Specific Modeling Language (DSML), called Dual-XACML that supports both Role Based Access Control (RBAC) and Attribute Based Access Control (ABAC). As the tool support, a graphical editor as well as a transformation engine has been developed in this research. The graphical editor allows the user to create a model of access control policies for the target system. Then, using the transformations, the model is transformed into the corresponding XACML code. To evaluate the proposed approach, the XACML code of a typical system is generated, automatically. © 2021 IEEE.
Torkladani, B.,
Hasan, H.,
Zamani, B.,
Hasan, H.,
Torkladani, B.,
Zamani, B. The Isc International Journal Of Information Security (20082045)13(2)pp. 131-143
Dynamic analysis is a prominent approach in analyzing the behavior of Android apps. To perform dynamic analysis, we need an event generator to provide proper environment for executing the app in an emulator. Monkey is the most popular event generator for Android apps in general, and is used in dynamic analysis of Android malware as well. Monkey provides high code coverage and yet high speed in generating events. However, in the case of malware analysis, Monkey suffers from several limitations. It only considers UI events but no system events, and because of random behavior in generating UI events, it may lose dropping the connectivity of the test environment during the analysis process. Moreover, it provides no defense against malware evasion techniques. In this paper, we try to enhance Monkey by reducing its limitations while preserving its advantages. The proposed approach has been implemented as an extended version of Monkey, named Curious-Monkey. Curious-Monkey provides facilities for handling system events, handling evasion techniques, and keeping the test environment’s connectivity up during the analysis process. We conducted many experiments to evaluate the effectiveness of the proposed tool regarding two important criteria in dynamic malware analysis: the ability to trigger malicious payloads and the code coverage. In the evaluation process, we used the Evadroid benchmark and the AMD malware data-set. Moreover, we compared Curious-Monkey with Monkey and Ares tools. The results show that the Curious-Monkey provides better results in case of triggering malicious payloads, as well as better code coverage. © 2020 ISC. All rights reserved.
Information and Software Technology (09505849)135
Context: The tremendous growth of Android malware in recent years is a strong motivation for the vast endeavor in detection and analysis of malware apps. A prominent approach for this purpose is dynamic analysis in which providing complex interactions with the samples under analysis is a need. Event generation tools are almost used to provide such interactions, but they have deficiencies for effective malware analysis. For example, anti-static and anti-dynamic analysis techniques employed by the malware prevent event generators to extract sufficient information for generating appropriate events. As a result, they fail to trigger malicious payloads or obtain high code coverage in most cases. Objective: In this paper, we aim to present a new framework to improve the event generation process for dynamic analysis of Android malware. Method: We propose MEGDroid, a Model Driven Engineering (MDE) framework in which malware-related information is automatically extracted and represented as a domain-specific model. This model, then is used to generate appropriate events for malware analysis using model-to-model and model-to-code transformations. The proposed model-driven artifacts also provide required facilities to put the human in the loop for properly taking his/her knowledge into account. Results: The proposed framework has been realized as an Eclipse plugin and we performed extensive practical analysis on a set of malware samples selected from the AMD dataset. The experimental results showed that MEGDroid considerably increases the number of triggered malicious payloads as well as the execution code coverage compared with Monkey and DroidBot, as two state of the art general-purpose and malware specific event generators respectively. Conclusion: The proposed MDE approach, enhances the event generation process through both automatic event generation and analyzer user involvement who can efficiently direct the process to increase the effectiveness of the generated events considering small amount of information that is extractable from the malware code. © 2021
Engineering Applications of Artificial Intelligence (09521976)100
Nowadays, social networks become ubiquitous platforms for sharing and diffusing information around the world. However, spreading rumors as unverified and opaque information in social networks causes harmful damages to societies. An approach for combating rumors in social networks is to use soft control mechanisms i.e. enhancing the people's knowledge and awareness against the rumor to persuade them avoiding rumor dissemination. In this paper, we propose a soft rumor control model in which people refer to their trusted friends or ask the reputable authorities about the rumor to avoid rumor spreading. The model includes a method for selecting consultants who are both expert in rumor context and responsive to queries about rumors by the user. The battlespace between rumor and anti-rumor spreaders is then modeled as an evolutionary game to analyze the controls’ effectiveness. To evaluate the proposed model, we use Pheme dataset of tweets and conduct simulation analysis. It is shown that trusted consultants suggested by the model with high precision are the same users who send anti-rumor messages in real world. Furthermore, we analyze and compare soft rumor control methods on societies with different assumed cyber literacy and habits. Moreover, it is interestingly shown that using soft rumor control mechanisms in some situations outperforms traditional hard controls (e.g. censorship). Note that as we have used tangible factors in formulating the proposed model, it can help social network developers to build feasible soft rumor control facilities in their own products. © 2021 Elsevier Ltd
IEEE Transactions on Computational Social Systems (2329924X)7(1)pp. 68-83
Mobile instant messaging (MIM) systems have provided very convenient ways for communication and information exchange in recent years. Interesting features of these applications have made them important platforms for spreading information, idea, behavior, and rumor. In contrast to traditional social networks, communication in MIM applications is not necessarily based on friendship relations. In group-based communication and broadcasting in channels that are prominent features of MIM systems, users may send messages to and receive messages from people with whom do not already have friendly relations. This kind of communication leads to the creation of special network in which not only users and their contact lists but also groups and channels are involved. Existing complex network models are not sufficiently expressive to represent this kind of communication network. In this article, we introduce the concept of social communication network (SCN) to be able to consider special structural properties of communications in MIM systems and propose a model for representing and generating the SCN in MIM systems. The proposed model covers all social communications between users, groups, and channels and exhibits the statistics observed in real-world data. We also redefine some existing properties and introduce some new properties of the MIM network that earlier models of complex networks do not capture. To evaluate the proposed model, we conduct a number of simulation experiments on the model and compare the results with a real-world graph that we have extracted from Telegram. The results show that SCN derived by the model is highly compatible with the real-world graph. The proposed model provides a useful basis for analysis and evaluation of MIM network properties. © 2014 IEEE.
IEEE Access (21693536)8pp. 162642-162656
The advent of Advanced Persistent Threat (APT) as a new concept in cyber warfare has raised many concerns in recent years. APT based cyber-attacks are usually stealthy, stepwise, slow, long-term, planned, and based on a set of varied zero-day vulnerabilities. As a result, these attacks behave as diverse and dynamic as possible, and hence the generated alerts for these attacks are normally below the common detection thresholds of the conventional attacks. Therefore, the present approaches are not mostly able to effectively detect or analyze the behavior of this class of attacks. In this article, an approach for real-time detection of APT based cyber-attacks based on causal analysis and correlating the generated alerts by security and non-security sensors is introduced. The proposed method computes the infection score of hosts by modeling, discovery, and analysis of causal relationships among APT steps. For this purpose, a dynamic programming algorithm is introduced which works on alerts of each host separately and conducts a long-term analysis on the attack process to combat the outlasting feature of the APT attacks yet coping with a high volume of alert information. The proposed method is implemented and extensively evaluated using a semi real-world dataset and simulation. The experimental results show that the proposed approach can effectively rank hosts based on their infection likelihood with acceptable accuracy. © 2020 Institute of Electrical and Electronics Engineers Inc.. All rights reserved.
2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025pp. 567-572
Security vetting of Android applications is one of the crucial aspects of the Android ecosystem. Regarding the state of the art tools for this goal, most of them doesn't consider analyzing native codes and only analyze the Java code. However, Android concedes its developers to implement a part or all of their applications using C or C++ code. Thus, applying conservative manners for analyzing Android applications while ignoring native codes would lead to less precision in results. Few works have tried to analyze Android native codes, but only JN-SAF has applied taint analysis using static techniques such as symbolic execution. However, symbolic execution has some problems when is used in large programs. One of these problems is the exponential growth of program paths that would raise the path explosion issue. In this work, we have tried to alleviate this issue by introducing our new tool named CTAN. CTAN applies new symbolic execution methods to angr in a particular way that it can make JN-SAF more efficient and faster. We have introduced compositional taint analysis in CTAN by combining satisfiability modulo theories with symbolic execution. Our experiments show that CTAN is 26 percent faster than its previous work JN-SAF and it also leads to more precision by detecting more data-leakage in large Android native codes. © 2020 IEEE.
Torkladani, B.,
Hasan, H.,
Zamani, B.,
Hasan, H.,
Torkladani, B.,
Zamani, B. 2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025pp. 65-72
Dynamic analysis is a prominent approach in analyzing the behavior of Android apps. To perform dynamic analysis, we need an event generator to execute the app. Monkey is the most popular event generator that is used in Android dynamic analysis. Monkey provides high code coverage, and yet high speed in generating events. However, in the case of malware analysis, Monkey suffers from several limitations. It only considers UI events but no system events. Moreover, it causes disconnecting the connectivity of the test environment during the analysis process. In this paper, we try to enhance Monkey to reduce its limitations while preserving its advantages. The proposed approach includes preparing Monkey with a facility for handling system events and keeping the connectivity of the test environment up during the analysis process. To evaluate the extended version of Monkey, we compare it with its original version regarding two important criteria in the case of malware analysis: The number of called sensitive APIs, and the code coverage. The evaluation process uses 100 randomly selected samples from AMD malware dataset. The results show that enhanced Monkey improves its ability to trigger sensitive APIs, and increases its code coverage. © 2020 IEEE.
Information Systems Frontiers (15729419)22(1)pp. 187-201
Information security investment is of high importance in management of IT infrastructure. There are many researches focused on game theoretical modeling and analysis of security investment of interdependent firms against potential security attacks. However, these studies usually are not concerned with dynamic and strategic nature of attacks which are increasingly important features of today’s cyber systems. Strategic attackers are those who are able to substitute their investments among targets over time by shifting investments towards poorly protected targets in order to obtain more potential financial gains. In this paper we try to analyze the effects of interdependency in security investment of firms against strategic attackers. Note that although there are a limited number of works that consider the strategic nature of attack, they model the defenders as a set of isolated nodes. Hence the positive externality caused by interconnection of the firms is not considered in these models. We consider both the attackers’ actual strategic behaviors (that causes negative externality via the possibility of substituting the target) as well as structural effects of the networked firms (that leads to positive externality via attack propagation). We propose a differential game among the networked firms in which attackers act strategically. In the proposed game, by employing a linear substitution model for characterizing the process of target selection by the attacker, the open-loop Nash solutions are highlighted in an analytical form. The analytical results show how interconnectivity between firms and the strategic behavior of the attacker determines the firms’ incentives for security investment. It is shown that overinvestment or underinvestment could occur depending on the degree of interdependency among the given firms. Accordingly we designed mechanisms to encourage the firms to invest at a socially optimal level. The achieved results in this paper helps security designers to better formulate their policies in tackling strategic attackers. © 2018, Springer Science+Business Media, LLC, part of Springer Nature.
Future Generation Computer Systems (0167739X)108pp. 302-319
Trust and reputation systems (TRSs) are used in cooperative environments where an agent needs to make a decision for requesting or performing a service. However, TRSs can be abused by malicious agents who do sequences of dishonest actions (attacks). Although there are proposals on verification of TRSs against attacks, they are not comprehensive enough to evaluate various Trust Computation Models (TCMs) and/or do not provide sufficient expressive power to specify different required robustness properties. In this paper, we introduce a comprehensive framework for specifying and verifying various robustness properties in TRSs through model checking approach. The proposed framework includes three main parts: (1) a logic for specification of robustness properties of TRSs named Probabilistic Action and Reward based Computation Tree Logic (PARCTL), (2) an enhanced version of our previously proposed model for specifying TRSs in hostile environments named Trust and Reputation Interaction Model (TRIM), and (3) the required algorithms for quantitative and probabilistic model checking of PARCTL properties over the specified model. The proposed framework has been implemented as a tool named TRIM-Checker. Our experimental results on robustness analysis of famous eBay, Beta, and CORE TCMs using TRIM-Checker are presented and their robustness against attacks is evaluated and compared together. © 2020 Elsevier B.V.
Information Sciences (00200255)522pp. 299-316
Parameterized pattern matching (PPM) is the problem of matching between two given parameterized strings over two constant and parameter alphabets. PPM has special applications in software maintenance, information retrieval, computational biology, and so on. In some applications of PPM, preserving the privacy of the involved parties is essential. For example, a researcher holding an amino acid pattern needs to receive the parameterized matched locations of his/her input with the patterns in a biological database while the database owner has to obtain no information about the matching results and the pattern. In this paper, we define this problem as secure PPM (SPPM), present a scheme to resolve it in the semi-honest and malicious adversarial models, and prove the security of the proposed scheme in the universal composability (UC) framework. The proposed scheme supports wildcard and approximate PPM, too. We evaluate the security and performance of the proposed scheme. The proposed scheme is experimentally evaluated on a case of secure ribonucleic acid (RNA) search over the RNAcentral dataset. Implementation results show that the proposed scheme is secure and efficient for preserving privacy in contexts where PPM is applicable. © 2020 Elsevier Inc.
Today with development of smart grids (SG), security and efficiency topics are more important than the past. In smart grids, there are smart meter (SM) devices in residential area that send their measured data to control center (CC) for future analysis. This way, user data may pass through a few internal nodes to reach the CC. Hence, privacy preserving of user data is one of the biggest challenges in smart grid researches because by disclosing the user-related data, internal or external adversary can understand habits and behaviors of users. A solution to address this challenge is the data aggregation mechanism in which CC obtain the aggregated data of all of the users in a residential area (RA). In this paper, we present an efficient approach for data aggregation in smart grids using the AV-net mask and Paillier encryption system to preserve the user data privacy. The proposed protocol does not need any secure channel. Besides, the conducted security and performance analysis shows that not only the proposed approach is secure against eavesdropping attack and collusion up to n-2 level, but also its computational overhead is acceptable comparing the previous works. © 2019 IEEE.
Physica A: Statistical Mechanics and its Applications (03784371)523pp. 21-39
Nowadays, social networks are widely used as fast and ubiquitous media for sharing information. Rumor as unverified information also considerably spreads in social networks. The study of how rumor spreads and how it can be controlled, plays an important role in reducing social and psychological damages of rumor in social networks. Although recent researches have mainly focused on epidemic models and structure of social networks, they ignore the impact of people's decision on rumor process. In this paper, an evolutionary game model is proposed to analyze the rumor process in social network considering the impacts of people's decisions on rumor propagation and control. The model considers a rumor control mechanism via sending anti-rumor messages through rumor control centers. Factors affecting the people's decisions including social anxiety, people's attitude toward rumor/anti-rumor, strength of rumor/anti-rumor, influence of rumor control centers, and participation of people in discussions are studied in the model. The proposed game model is analyzed by replicator dynamics equations and simulation of the imitation update rule on a synthetic (Barabasi–Albert) and two real-world graphs of Twitter and Facebook. We further analyze the model in various environments considering people characteristics and society situation. Also we use a real rumor dataset of Twitter (Pheme dataset) to first compare the trends of people strategies (rumor/anti-rumor spreader and ignorant) derived by the model with the real trends of the traits of people in the rumor spreading on Twitter. Then we conduct a number of sensitivity analysis experiments to show the impact of different factors on rumor process. In fact, we analyze the trends of people strategies in Pheme dataset assuming various possible conditions. The analysis show that propagation of convincing anti-rumor messages and locating rumor control centers impact debunking the rumor. Moreover, it is shown that people attitude toward rumor/anti-rumor has significant impact on rumor spreading. Besides, factors such as social anxiety and strength of rumor accelerates rumor propagation. © 2019 Elsevier B.V.
The Isc International Journal Of Information Security (20082045)11(2)pp. 95-111
In today’s highly interconnected networks, security of the entities are often interdependent. This means security decisions of the agents are not only influenced by their own costs and constraints, but also are affected by their neighbors’ decisions. Game theory provides a rich set of tools to analyze such influence networks. In the game model, players try to maximize their utilities through security investments considering the network structure, costs and constraints, which have been set by the network owner. However, decisions of selfish entities to maximize their utilities do not always lead to a socially optimum solution. Therefore, motivating players to reach the social optimum is of high value from the network owner’s point of view. The network owner wants to maximize the overall network security by designing the game’s parameters. As far as we know, there is no notable work in the context of linear influence networks to introduce appropriate game design for this purpose. This paper presents design methods that make use of the adjustments of players’ costs, interdependencies, and constraints to align players’ incentives with a network-wide global objective. We present a comprehensive investigation of existence and uniqueness conditions of Nash Equilibrium in such environments. Furthermore, numerical results of applying the proposed mechanisms in a sample real-world example are illustrated. © 2019 ISC. All rights reserved.
Future Generation Computer Systems (0167739X)99pp. 571-592
In many modern network environments, agents of the system have to select optimal service providers who in turn decide to provide different quality of services. This is while maximization of their profits is a concern for both agents and service providers. These environments may also include malicious agents who try to illegally raise up their benefits by deception of honest agents and trampling their benefits. Trust and Reputation Systems (TRSs)are used to control the malicious agents’ behavior and to help honest agents improving their decision making quality. Security analysis and robustness evaluation of TRSs in such hostile environments is an important concern and there are a few works to address this problem. However, most of the works in this regard are not based on a proper formal model. Instead, they normally do ad-hoc or intuitive evaluations on specific case studies. There are also a number of works that do model-based analysis and evaluation on TRSs using either simulation or verification methods. However, the proposed models in these works almost suffer from lack of generality, inexpressive formalism, and/or limited applicability. In this paper, we introduce the Trust and Reputation Interaction Model (TRIM)as a comprehensive and expressive model of an interacting agent environment with malicious agents along with an underlying TRS. TRIM has enough expressive power to cover a wide range of TRSs and is able to define advanced complicated attacks. We show that how the runtime behavior of TRIM can be specified as an infinite state homogeneous Markov Decision Process (MDP)tree through the proposed algorithm. To show the applicability of the model, some famous TRSs along with the number of important trust attacks are specified using the proposed formalism. Furthermore, although the focus of this paper is on modeling, we implemented the TRIM-Checker as a preliminary tool for robustness verification of TRSs against trust attacks. The specified TRSs are then experimentally evaluated and compared against potential attacks through a novel proposed robustness criterion which is based on MDP analysis. © 2019 Elsevier B.V.
Software - Practice and Experience (1097024X)49(1)pp. 70-99
Android is extensively used worldwide by mobile application developers. Android provides applications with a message passing system to communicate within and between them. Due to the risks associated with this system, it is vital to detect its unsafe operations and potential vulnerabilities. To achieve this goal, a new framework, called VAnDroid, based on Model Driven Reverse Engineering (MDRE), is presented that identifies security risks and vulnerabilities related to the Android application communication model. In the proposed framework, some security-related information included in an Android app is automatically extracted and represented as a domain-specific model. Then, it is used for analyzing security configurations and identifying vulnerabilities in the corresponding application. The proposed framework is implemented as an Eclipse-based tool, which automatically identifies the Intent Spoofing and Unauthorized Intent Receipt as two attacks related to the Android application communication model. To evaluate the tool, it has been applied to several real-world Android applications, including 20 apps from Google Play and 110 apps from the F-Droid repository. VAnDroid is also compared with several existing analysis tools, and it is shown that it has a number of key advantages over those tools specifically regarding its high correctness, scalability, and usability in discovering vulnerabilities. The results well indicate the effectiveness and capacity of the VAnDroid as a promising approach in the field of Android security. © 2018 John Wiley & Sons, Ltd.
Risk Analysis (15396924)38(8)pp. 1559-1575
Security of the systems is normally interdependent in such a way that security risks of one part affect other parts and threats spread through the vulnerable links in the network. So, the risks of the systems can be mitigated through investments in the security of interconnecting links. This article takes an innovative look at the problem of security investment of nodes on their vulnerable links in a given contagious network as a game-theoretic model that can be applied to a variety of applications including information systems. In the proposed game model, each node computes its corresponding risk based on the value of its assets, vulnerabilities, and threats to determine the optimum level of security investments on its external links respecting its limited budget. Furthermore, direct and indirect nonlinear influences of a node's security investment on the risks of other nodes are considered. The existence and uniqueness of the game's Nash equilibrium in the proposed game are also proved. Further analysis of the model in a practical case revealed that taking advantage of the investment effects of other players, perfectly rational players (i.e., those who use the utility function of the proposed game model) make more cost-effective decisions than selfish nonrational or semirational players. © 2018 Society for Risk Analysis
Physica A: Statistical Mechanics and its Applications (03784371)506pp. 412-423
A group in a mobile social network is normally considered as a particular contact in which invited individuals can share messages. People in a mobile social network sometimes share rumor messages with the contacts in the group that are not necessarily familiar with them. They normally get the rumor messages posted by different users and forward them to the other individuals or groups. There are some models for analysis of rumor propagation in mobile social networks. However, none of them have considered the concept of rumor propagation into groups of nodes. In this paper we study the rumor spreading in mobile social networks when the concept of group propagation is also considered. For this purpose, we extend the SIR information propagation model and investigate the impact of group propagation on the dynamics of rumor spreading process. We conduct steady-state analysis to investigate the basic reproduction number of the rumor spreading in the model. Furthermore, agent-based modeling and simulation is used to analyze the final size of the rumor under various group propagation rates as well as the impacts of group parameters on group spreading dynamics. The simulation results obtained by Monte Carlo method show that group propagation effectively increases the rumor spreading speed. We show that having large groups is more effective on rumor spreading than having more groups. Furthermore we analyze the influence of network structure on rumor spreading when group propagation is considered. For this purpose, two Erdős–Rényi and Barabási–Albert models of social networks are considered and it is shown that rumor spreading behavior in these networks have no significant differences when we have rumor propagation in groups. © 2018
2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025pp. 13-18
Trust and reputation systems (TRSs) are used as decision making criterion in many modern systems. In these systems normally a set of agents cooperate with each other to achieve system/own goals based on ethical norms of the system. The security of a TRS against malicious agents who try to bypass the ethical norms of the system can be evaluated using simulation or verification techniques in which both of them need to have formal models of TRSs. There are a few works who tried to present formalisms for modeling TRSs; however most of them are either unsophisticated or improper for checking security properties. In this paper we introduce a formal model of an agent interaction system along with the underlying TRS which is capable of formalizing the attacker behaviors. The presented formalism is suitable to be used in simulation or verification schemes for analyzing the security and robustness of TRSs. To demonstrate the sufficiency and capabilities of our model, eBay reputation system as a famous TRS is formalized with the presented model. © 2017 IEEE.
Expert Systems with Applications (09574174)88pp. 327-337
Sharing cyber security information helps firms to decrease cyber security risks, prevent attacks, and increase their overall resilience. Hence it affects reducing the social security cost. Although previously cyber security information sharing was being performed in an informal and ad hoc manner, nowadays through development of information sharing and analysis centers (ISACs), cyber security information sharing has become more structured, regular, and frequent. This is while, the privacy risk and information disclosure concerns are still major challenges faced by ISACs that act as barriers in activating the potential impacts of ISACs. This paper provides insights on decisions about security investments and information sharing in consideration of privacy risk and security knowledge growth. By the latest concept i.e. security knowledge growth, we mean fusing the collected security information, adding prior knowledge, and performing extra analyses to enrich the shared information. The impact of this concept on increasing the motivation of firms for voluntarily sharing their sensitive information to authorities such as ISACs has been analytically studied for the first time in this paper. We propose a differential game model in which a linear fusion model for characterizing the process of knowledge growth via the ISAC is employed. The Nash equilibrium of the proposed game including the optimized values of security investment, and the thresholds of data sharing with the price of privacy are highlighted. We analytically find the threshold in which the gain achieved by sharing sensitive information outweighs the privacy risks and hence the firms have natural incentive to share their security information. Moreover, since in this case the threshold of data sharing and the security investment levels chosen in Nash equilibrium may be lower than social optimum, accordingly we design mechanisms which would encourage the firms and lead to a socially optimal outcome. The direct impact of the achieved results is on analyzing the way ISACs can convince firms to share their security information with them. © 2017 Elsevier Ltd
Applied Intelligence (0924669X)45(4)pp. 1066-1088
Automated program repair is still a highly challenging problem mainly due to the reliance of the current techniques on test cases to validate candidate patches. This leads to the increasing unreliability of the final patches since test cases are partial specifications of the software. In the present paper, an automated program repair method is proposed by integrating genetic programming (GP) and model checking (MC). Due to its capabilities to verify the finite state systems, MC is employed as an appropriate criterion for evolving programs to calculate the fitness in GP. The application of MC for the fitness evaluation, which is novel in the context of program repair, addresses an important gap in the current heuristic approaches to the program repair. Being focused on fault detection based on the desired aspects, it enables the programmers to detect faults according to the definition of properties. Creating a general method, this characteristic can be effectively customized for different domains of application and the corresponding faults. Apart from various types of faults, the proposed method is capable of handling concurrency bugs which are not the case in many general repair methods. To evaluate the proposed method, it was implemented as a tool, named JBF, to repair Java programs. To meet the objectives of the study, some experiments were conducted in which certain programs with known bugs were automatically repaired by the JBF tool. The obtained results are encouraging and remarkably promising. © 2016, Springer Science+Business Media New York.
Computers in Human Behavior (07475632)57pp. 274-291
Trust and reputation systems are classes of decision support tools which help detecting malicious behavior based on collecting ratings and opinions. Despite their advantages, these systems are vulnerable to some kinds of attacks in which the attacker can deceive the system using sequences of misleading behaviors. Robustness of reputation systems against these attacks are frequently investigated in the literature. However the existing works usually evaluate the robustness using a qualitative simulation method. Lack of a formal evaluation method and a quantitative measure of robustness make it hard to extend the results and to compare the systems precisely. This paper proposes a quantitative robustness measure for reputation systems based on a formal verification approach. Using the robustness measure and the verification method, a comprehensive benchmarking of a number of well-known reputation systems is presented which includes evaluation of the systems against basic and the worst case attacks. The results are used for ranking and classifying the systems. The studies show that robustness is not an absolute feature of a reputation model, but it also depends on the properties of the environment. The benchmarking results have been also used to indicate the proper environment for each class of systems/attacks. © 2015 Elsevier Ltd. All rights reserved.
Computer Journal (14602067)59(7)pp. 1005-1027
Nowadays, trust systems (TSs) are widely used for tackling dishonest entities in many modern environments. However, these systems are vulnerable to some kinds of attacks where attackers try to deceive the system using sequences of misleading behaviors and dishonest recommendations. A robust TS is expected to function properly even in the possibility of such attacks. To the best of our knowledge, simulation has been the main approach for evaluation of TSs so far, and there is no remarkable verification method for this aim. In this paper, a method for quantitative verification of TSs' robustness against malicious attackers is proposed. The proposed method consists of a formalism for specifying any given trust model named TS attack process that is cast into partially observable Markov decision process mathematical framework. The proposed method is capable of verifying TSs against both well-known attacks and the worst possible attack scenario. The method could also be used to help adjusting parameters of the given TS. Moreover, a quantitative robustness measure is introduced, which helps to compare the robustness of different TSs. To illustrate the applicability of the proposed method, a number of case studies for analysis and comparison of selected trust models (including Subjective Logic and REGRET) are presented. © 2015 The British Computer Society 2015.
2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025
MapReduce as a programming model for parallel data processing has been used in many open systems such as cloud computing and service-oriented computing. Collusive behavior of worker entities in MapReduce model can violate integrity concern of open systems. In this paper, a MapReduce-based algorithm for parallel collusion detection of malicious workers has been proposed. This algorithm uses a voting matrix that is represented as a list of voting values of different workers. Three phases of majority selection, correlation counting and correlation computing are designed and implemented in this paper. Preliminary results show that speedup of 1.8 and efficiency of about 70% is achieved using data set containing 2000 worker's votes. © 2015 IEEE.
Recently, many lightweight authentication schemes have been designed for RFID systems since the release of the EPC Class1 Generation2 (EPC-C1G2) standard. In 2013, Pang et al. proposed a novel secure RFID authentication protocol, named SRP+, and claimed that their scheme efficiently guarantees the tag privacy and satisfies the security requirements. But later, Wang et al. showed that SRP+ is vulnerable to de-synchronization attack and presented a simple disclosure attack which requires 216 off-line evaluations of a PRNG function. However, in this paper, we present another de-synchronization attack on the SRP+ based on toggling only one bit of the transferred random number. We also show that the attacker can retrieve all secret parameters at the cost of at most 24 CRC evaluations after eavesdropping two consecutive sessions. Given those secret parameters, it would be trivial to apply any other attack in the context of the protocol. To counteract such flaws, we revise the SRP+ to provide the claimed security properties. © 2015 IEEE.
Computer Communications (1873703X)62pp. 1-12
Abstract In the last decade, several gossip-based algorithms have been introduced for data aggregation in distributed systems. The main and common advantage of these algorithms is their robustness in dynamic and fault-prone environments. However, gossip-based algorithms are not robust in hostile environments. In such environments, some malicious nodes intentionally violate the normal execution of the algorithm to distort the aggregate value. In this paper, we focus on gossip-based averaging and try to improve the security of these algorithms. First, we revise existing gossip-based averaging algorithms to present a more secure algorithm called "Pull-Adjust." Then, we develop and examine a light, transparent, and fully distributed protection system to push back malicious nodes. The simulation results show that the proposed system considerably improves the performance of the Pull-Adjust algorithm in hostile environments. © 2015 Elsevier B.V. All rights reserved.
Wireless Personal Communications (1572834X)83(4)pp. 2607-2621
Due to the storage capacity and computational power restrictions of low-cost RFID tags based on the EPC-C1G2 standard, most of the existing authentication protocols seem too complicated to be appropriate for these tags; thus the design of authentication protocols compliant with the EPC-C1G2 standard is a big challenge. Recently, a lightweight mutual authentication protocol for RFID conforming to the EPC-C1G2 standard was proposed by Caballero-Gil et al. aiming to be used in VANETs. This scheme does not rely on RFID readers as they are portable. Instead, it bases security on trust in the server because all shared secrets are stored only by the tag and the server with no possible access by the reader at any time. In this paper, we prove that this scheme is vulnerable to de-synchronization attack and suffers from the information leakage with a complexity of about 216 offline PRNG evaluations which is completely affordable by a conventional adversary. In addition, we present a simple tag impersonation attack against this protocol. To counteract such flaws, we improve the Caballero-Gil et al. scheme to present a new RFID authentication protocol, entitled CG+, so that it provides the claimed security properties. © 2015, Springer Science+Business Media New York.
With the growth of systems complexity the need for verifying the behavior of systems is increasing. UML per se provides no means to check model consistency. However, UML models can be checked if they are converted into their equivalent formal representation. In this paper, we propose an approach based on Model-to-Text transformation to perform a semi-automatic mapping for verification of concurrent UML models using MERL language and MetaEdit+ tool. State machine is transformed into SMV model description and activity diagram is transformed into LTL formulas. Then, we use NuSMV model checker to verify the obtained formal specification. To evaluate the work, a case study of the ordering system is presented to illustrate our approach. A mapping method to check the consistency of state machines with related activity diagrams at early stages of system development is the main result of our work. © 2015 IEEE.
Wireless Networks (10220038)20(8)pp. 2543-2559
Achieving high data rate transmission, WiMAX has acquired noticeable attention by communication industry. One of the vulnerabilities of the WiMAX network which leads to DDoS attack is sending a high volume of ranging request messages to base station (BS) in the initial network entry process. In the initial network entry process, BS and subscriber station (SS) exchange management messages. Since some of these messages are not authenticated, malicious SSs can attack the network by exploiting this vulnerability which may increase the traffic load of the BS and prevent it from serving the SSs. So, detecting such attacks is one of the most important issues in such networks. In this research, an artificial neural network (ANN) based approach is proposed in order to detect DDoS attacks in IEEE 802.16 networks. Although lots of studies have been devoted to the detection of DDoS attack, some of them focus just on some statistical features of the traffic and some other focus on packets’ headers. The proposed approach exploits both qualitative and quantitative methods. It detects the attack by feeding some features of the network traffic under attack to an appropriate ANN structure. To evaluate the method, first a typical attacked network is implemented in OPNet simulator, and then by using the proposed system, the efficiency of the method is evaluated. The results show that by choosing suitable time series we can classify 93 % of normal traffic and 91 % of attack traffic. © 2014, Springer Science+Business Media New York.
2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025pp. 61-66
One of the necessities of high-speed Internet highways is the use of intrusion detection systems (IDSs). To this end, IDS should be able to process a high volume of traffic with limited resources. IDSs have improved significantly in recent years and they showed acceptable outcomes. However, there is no appropriate solution for high-speed networks. This paper proposes a solution for diagnosing denial of service (DoS) and port scan attacks as a layer of defense. The proposed method attains high speed rate using a parallel data structure to filter out DoS and port scan attacks from network traffic before entering the intrusion detection system. Attack filtering is based on statistical anomaly detection. The experimental results from implementing and evaluating the proposed method show acceptable records in both error rate and speed. © 2014 IEEE.
Computer Journal (14602067)58(10)pp. 2567-2582
In recent years, trust and reputation systems have gained much interest in many environments, such as e-market-places, web services, ad-hoc networks and multi-agent systems. Reputation models are responsible for computing the reputation rank of entities in a community or network based on collecting the opinions. Despite the popularity of reputation systems, they are vulnerable to different kinds of attacks. These attacks, which are a sequence of misleading behaviour performed by malicious entities, can simply lead the system to erroneous results. In this paper, we propose a novel method for quantitative verification of reputation systems against these types of attacks. In the proposed method, a reputation system is formally defined using three related models: reputation model, honest entities model and attacker model. The attackers are assumed to be agents who want to maximize their received rewards by abusing the system. The system is then formally evaluated using Markov Decision Process framework. The proposed method is capable of verifying the reputation systems against predefined attacks as well as discovering unknown attacks. The method can also find the worst possible attack plan against a given system. To illustrate the applicability of the proposed method, two case studies are presented for analysis and comparison of Beta and eBay reputation models. © 2014 The British Computer Society 2014. All rights reserved.
International Journal Of Information Security (16155270)13(4)pp. 391-402
Recently, gossip-based algorithms have received significant attention for data aggregation in distributed environments. The main advantage of gossip-based algorithms is their robustness in dynamic and fault-prone environments with unintentional faults such as link failure and channel noise. However, the robustness of such algorithms in hostile environments with intentional faults has remained unexplored. In this paper, we call attention to the risks which may be caused by the use of gossip algorithms in hostile environments, i.e., when some malicious nodes collude to skew aggregation results by violating the normal execution of the protocol. We first introduce a model of hostile environment and then examine the behavior of randomized gossip algorithms in this model using probabilistic analysis. Our model of hostile environment is general enough to cover a wide range of attacks. However, to achieve stronger results, we focus our analysis on fully connected networks and some powerful attacks. Our analysis shows that in the presence of malicious nodes, after some initial steps, randomized gossip algorithms reach a point at which the lengthening of gossiping is harmful, i.e., the average accuracy of the estimates of the aggregate value begins to decrease strictly. © 2013 Springer-Verlag Berlin Heidelberg.
2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025pp. 252-257
Collaborative filtering has been considerably successful in improving recommender systems both in the literature and commercial applications. Most of the algorithms designed up to now consider users' ratings equally and do not pay attention to the fact that users' interests or requirements might change over the time. In this paper a collaborative filtering based recommender system is designed which tries to find each user's interests to each group of items, thus resulting to a better prediction of ratings a user will give to an item in the near future. This goal is achieved through using the ratings' timestamp, predefined groups of items, and defining a new similarity measure among users. Unlike standard collaborative filtering methods and many new ones in which similarity between users is defined as a single number, in this research we define similarity between users as "group similarity" which is an array of similarity values between items of each group rated by two users. Predefined groups for items e.g. genres for movies, are used as groups for items. Also for calculating similarity, different weights will be dedicated to ratings of each user based on the ratings' timestamp, i.e. a rating with higher timestamp will receive a higher weight. Empirical tests show that our proposed algorithm works better than standard User-based and Item-based collaborative filtering methods in the case of predicting users' interests in the near future with higher precision. Also it is empirically shown that our algorithm works considerably well for cold-start users. © 2013 IEEE.
2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025
Reputation systems are responsible for computing the reputation rank of entities in a community or network based on collecting the opinions. Reputation systems have gained lots of interests in different environments such as P2P networks and e-market-places. Despite the popularity of reputation systems, they are vulnerable to different kinds of attacks which can simply lead the system to erroneous results. In this paper we propose a novel approach for quantitative verification of reputation models using Prism probabilistic model checker. We have applied the proposed method to Beta reputation system as a famous and widely used reputation model that is the base of many other recent reputation models. The proposed method is capable of verifying the reputation model for finding the worst possible attack scenario. Also it can be used to find a series of pre-defined attacks. To illustrate the proposed method, three case studies are also presented. © 2013 IEEE.
ADVANCES IN ARTIFICIAL INTELLIGENCE (03029743)6657pp. 301-312
In this paper we have proposed a context-aware reputation-based trust model for multi-agent environments. Due to the lack of a general method for recognition and representation of context notion, we proposed a functional ontology of context for evaluating trust (FOCET) as the building block of our model. In addition, a computational reputation-based trust model based on this ontology is developed. Our model benefits from powerful reasoning facilities and the capability of adjusting the effect of context on trust assessment. Simulation results shows that an appropriate context weight results in the enhancement of the total profit in open systems.
2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025pp. 152-157
Specific properties of MANETs results in basic differences between wired networks and wireless networks in security solutions. In recent years, trust models have established themselves as a main approach for security and performance improvement of sections of MANETs. Recent researches have used trust models for problems like routing, admission control and information sharing in MANETs. In spite of the considerable studies in this area, there remain several issues and challenges yet to be investigated. These include issues such as concern about application field of network, context and situations of network and the adaptability of trust models in various cases, all of which motivated the present study. In the first step a number of criteria were derived considering the inherent properties of trust and MANETs. Based on these criteria two trust levels with a variety of properties and behavior were introduced. Each level was useful for particular applications and situations. Next, Adaptive Multi Level Trust model called AMLeT was proposed using two complementary trust levels. AMLeT calculates trust in one level of hard or soft and updates calculated trust considering network field, modifications of context and situations with the passing of the time. AMLeT is extensible for different fields of network, applications and situations. Finally, in order to investigate AMLeT's performance and utility, AMLeT based AODV routing was improved. It was subject to evaluation with simulation tool. The results of simulation indicated overall improvement in the network performance without imposing particular overhead time in network operations. © 2011 IEEE.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (03029743)7038pp. 129-143
Distributed denial of service attacks are great security threats to computer networks, especially to large scale networks such as WiMAX. Detecting this kind of attack is not as easy as some other attacks, because the traffic created by attack is too similar to the traffic of the network in the normal case. So in this paper a novel framework is proposed to detect DDoS attack in IEEE802.16-based networks efficiently. The key idea of the proposed method is to exploit some statistical features of the incoming traffic. In fact we design a system in which some entropy-based features of the traffic are analyzed. Based on these features we decide whether the attack has occurred or not. Previous works have all focused on the entropy of IP address of the incoming packets, while in this system we have comprehensively considered some other entropybased features which help a lot in detecting the attack rather than just considering the entropy of the incoming IP addresses. Also in the proposed method we have tried to exploit the long range dependency of the traffic to detect the attack. The simulation results show that the proposed method can detect DDoS attacks efficiently. © 2011 Springer-Verlag.
2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025pp. 1-8
Trust is an interesting concept in modern computing environments such as pervasive computing, P2P networks, social networks, etc. There is a huge body of works on how to model and evaluate trust and how to decide based on it. However despite the importance of trust and its usages in some critical systems, verification and validation of trust systems have not been sufficiently considered yet. In this paper, a new method for modeling and verification of reputation-based trust systems using Colored Petri Nets is presented which is called TCPN. The proposed method results in proper models for simulation and verification using existing tools. A case study is also presented to illustrate the concepts and usages of TCPN. © 2011 IEEE.
International Journal of Innovative Computing, Information and Control (13494198)6(9)pp. 4219-4234
Scheduling is one of the core steps to efficiently exploit the capabilities of emergent computational systems such as grid. Grid environment is a dynamic, heterogeneous and unpredictable one sharing different services among many different users. Because of heterogeneous and dynamic nature of grid, the methods used in traditional systems could not be applied to grid scheduling and therefore new methods should be looked for. This paper represents a discrete Particle Swarm Optimization (DPSO) approach for grid job scheduling. PSO is a population based search algorithm based on the simulation of the social behavior of bird flocking and fish schooling. Particles fly in problem search space to find optimal or nearoptimal solutions. In this paper, the scheduler aims at minimizing makespan and flowtime simultaneously in grid environment. Experimental studies illustrate that the proposed method is more efficient and surpasses those of reported metaheuristic algorithms for this problem. © 2010 ICIC INTERNATIONAL.
Ontology matching finds correspondences between similar entities of different ontologies. Two ontologies may be similar in some aspects such as structure, semantic etc. Most ontology matching systems integrate multiple matchers to extract all the similarities that two ontologies may have. Thus, we face a major problem to aggregate different similarities. Some matching systems use experimental weights for aggregation of similarities among different matchers while others use machine learning approaches and optimization algorithms to find optimal weights to assign to different matchers. However, both approaches have their own deficiencies. In this paper, we will point out the problems and shortcomings of current similarity aggregation strategies and propose a new strategy, which enables us to utilize the structural information of ontologies to get weights of matchers for the similarity aggregation task. We have tested our similarity aggregation strategy on the OAEI 2009 data set. Experimental results show a significant accuracy in several cases, especially for matching the classes of ontologies. © 2010 IEEE.
Future Generation Computer Systems (0167739X)26(2)pp. 228-235
A computational grid is composed of a set of resource consumers and resources providers. Usually these entities are independent and making decisions autonomously based on their policies and resource allocation in such systems is a challenging problem. In such systems using market-like techniques for this problem regulates the supply and demand for resources, provides an incentive for providers, and motivates the users to trade-off between deadline, budget, and the required level of quality of service. In this paper, we introduce a continuous double auction method (CDA) for grid resource allocation in which resources are considered as provider agents and users as consumer agents. In our proposed method these entities are allowed to participate in a grid independently and make decisions autonomously. We study this method in terms of economic efficiency and system performance. Experimental results illustrate that the proposed method is efficient in terms of successful execution rates, resource utilization rates and fair profit allocation. © 2009 Elsevier B.V.
IET Information Security (17518709)4(4)pp. 397-410
The mobile agent security against malicious hosts is one of the most important subjects in mobile agent technology. An extended requirement for an agent security in different applications is to provide it with anonymity property in such a way that the agent can travel in the network without exposing its owner identity and its itinerary. For this purpose, an agent anonymity protocol is proposed to maintain the anonymity of the agent owner and the agent itinerary. The introduced anonymous agent is also applied to disarm the host against the agent instead of using an armed agent, that is, an agent equipped with protection mechanisms. The analytical discussion demonstrated that this protocol preserves the autonomy of the agent in choosing the migration path and is also resistant against known traffic analysis attacks in mobile agent systems with plausible assumption. Moreover, it is feasible and adjustable regarding the required level of anonymity. © 2010 The Institution of Engineering and Technology.
Computing and Informatics (25858807)29(3)pp. 407-426
This paper considers verification of the liveness property Live(.R, I, G) for a term rewrite system (TRS) R, where I (Initial states) and G (Good states) are two sets of ground terms represented by finite tree automata. Considering I and G, we transform R to a new TRS R' such that termination of R' proves the property Live(R,I,G).
2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025
There are some software applications especially in privacy protection domain which they need anonymity support. Therefore lots of methods and protocols have been presented so far for providing this requirement. However no specific software development methodology has been yet provided for specification of anonymity requirements and consideration of anonymity as part of software design and implementation life cycle. In this paper we present a methodology for development of anonymity applications. The proposed methodology consists of three relevant phases named AnoModel, AnoUML, and AnoAPI. Requirement analysis and specification is based on AnoModel which is a conceptual model of anonymity. Also design and implementation phases are partially covered by AnoUML (which is an extension of UML for supporting anonymity design elements) and AnoAPI (which is a programming interface for implementing anonymity primitives) respectively. To show the applicability of the proposed methodology, two case studies of using it are presented. © 2010 ACM.
Torkladani, B.,
Shojaei, M.,
Movahhedinia, N.,
Shojaei, M.,
Movahhedinia, N.,
Torkladani, B. 2025 29th International Computer Conference, Computer Society of Iran, CSICC 20251pp. 279-283
High data rate transmissions in recent broadband wireless technologies such as WiMAX have caused them to be more vulnerable to security threats. Moreover, due to new application scopes, the security requirements of WiMAX networks have been escalated in this technology, transmission of high volume of Ranging Request (RNG-REQ) messages toward the base station (BS) can lead to exposure to Distributed Denial of Service (DDoS) attacks. In this paper, we present an analytical model for such attacks in Mobile WiMAX using so-called H parameter which has been used for traffic analysis in campus networks and Internet. A model for the traffic generated by this vulnerability is presented to detect DDoS attacks. © 2010 IEEE.
2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025pp. 131-138
Anonymity is an important issue in information security, which its main goal is to protect entities privacy in the systems. Different methods and protocols (with different types of anonymity services) have been developed so far to provide special anonymity requirements of applications. Each of these systems has been developed with different ad hoc approaches. In this paper we present a conceptual framework that makes specification, analysis and design of anonymity applications more systematic. To do this, first we go toward presenting a conceptual model of anonymity which can be used in clear description of different aspects of anonymity. Then we extract a list of anonymity primitives from the existing anonymity providing methods. These primitives are base functions which can be composed to form anonymity services to provide specified anonymity requirements of the system. Copyright 2009 ACM.
Torkladani, B.,
Izakian, H.,
Zamanifar, K.,
Abraham, A.,
Snášel, V.,
Izakian, H.,
Torkladani, B.,
Zamanifar, K.,
Abraham, A.,
Snášel, V. 2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025pp. 29-35
In this paper, we introduce a continuous double auction method for grid resource allocation in which resources are considered as provider agents and users as consumer agents. In each time step, each provider agent determines its requested value based on its workload and each consumer agent determines its bid value based on two constraints: the remaining time for bidding, and the remaining resources for bidding. We study this method in terms of economic efficiency and system performance. Experimental results show that the proposed method is better than Earliest Deadline First (EDF) method, which is a default strategy in many schedulers.
International Review on Computers and Software (discontinued) (18286003)4(6)pp. 627-632
Noise reduction is a major concern in digital image processing systems, which have been investigated by several techniques. One kind of important noises in images is known as Salt & Pepper, which may have different causes. In this paper a new approach for eliminating this type of noise is presented. The approach is different from all previous works in this field, and is based on classification. More precisely, it tries to classify pixels of an image to one of two categories: noisy or not noisy. Afterward, it employs a median filter for pixels which have been classified as noisy, and remains others unchanged; hence, edges and other fine details are kept. Experimental results show this sustaining capability of the proposed scheme both in visual inspection and numerical measurement. © 2009 Praise Worthy Prize S.r.l. - All rights reserved.
Communications in Computer and Information Science (18650937)31pp. 100-109
This paper represents a Particle Swarm Optimization (PSO) algorithm, for grid job scheduling. PSO is a population-based search algorithm based on the simulation of the social behavior of bird flocking and fish schooling. Particles fly in problem search space to find optimal or near-optimal solutions. In this paper we used a PSO approach for grid job scheduling. The scheduler aims at minimizing makespan and flowtime simultaneously. Experimental studies show that the proposed novel approach is more efficient than the PSO approach reported in the literature. © 2009 Springer Berlin Heidelberg.
Evaluating trust is a context-aware application that several models have been proposed for that in the literature. However, small numbers of these models are context-aware and each of them has its own specific context definition and representation. Due to the role of reputation as one of the main input factors for evaluating trust and lack of a general method for recognition and representation of the notion of context for reputation; we have proposed a context-aware ontological reputation model for evaluating trust in this paper. The proposed model can be used to build special services on a middleware layer which could be applied to different reputation-based trust evaluation models transparently to make them context-aware. Moreover, CORMET enables the interoperation of reputation-based trust models which use different internal context models.
Communications in Computer and Information Science (18650937)6pp. 745-748
In this paper, we will introduce a new approach for scoring Farsi (also called Persian) documents in a Persian Search engine. This approach is based on a new stemming method for Farsi language. Our new stemming method works without any dictionary. Evaluation results show significant improvement in performance (precision/ recall) of the Information Retrieval (IR) system using this stemmer. we have combine our stemming method with a mathematical scoring approach named FDS to obtain a powerful scoring policy for relevant documents in a Persian search engine. © 2008 Springer-Verlag.
Frontiers in Artificial Intelligence and Applications (09226389)177(1)pp. 87-98
Negotiation is a process between self-interested agents trying to reach an agreement on one or multiple issues in an ecommerce domain. The knowledge of an agent about the opponents' strategies improves the negotiation outcome. However, an agent negotiates with incomplete information about its opponent. Given this, to detect the opponent's strategy, we can use the similarity between opponents' strategies. In this paper we present a method for measuring the similarity between negotiators' strategies. Offers are generated by the agent's strategy therefore our similarity measure is based on the history of offers in negotiation sessions. We extended the Levenshtein distance technique to detect similarity between strategies. We implement this measure and experimentally show that the result of using the measure improves the recognition of the opponent's strategy. © 2008 The authors and IOS Press. All rights reserved.
Lecture Notes in Electrical Engineering (18761119)6pp. 297-307
Automated negotiation is a key form of interaction in complex systems composed of autonomous agents. Negotiation is a process of making offers and counteroffers, with the aim of finding an acceptable agreement [1]. The agents (negotiators) decide for themselves what actions they should perform, at what time, and under what terms and conditions [1, 2]. The outcome of the negotiation depends on several parameters such as the agents' strategies and the knowledge which one agent has about the opponents [2-5]. In recent years, the problem of modeling and predicting negotiator behavior has become increasingly important because this can be used to improve negotiation outcome and increase satisfaction of results [2-6]. In this chapter we consider the problem of defining strategies' similarity or distance between strategies. We start with the idea that similarity between negotiators should somehow reflect the amount of work that has to be done to convert one negotiation session to another. We formalize this notion as Levenshtein or edit distance [8, 9] between negotiations. We apply dynamic programming for computing the edit distances and show the resulting algorithm is efficient in practice. Indetail, the chapter is organized as follows. In Sect. 22.2 we present the problem in negotiations. The definition of similarity between negotiation strategies is given in Sect. 22.3. In Sect. 22.4 we review the negotiation protocol used in our experimentation. We use some negotiation strategies in our simulation discussed in Sect. 22.5. In Sect. 22.6 we present some results of computing similarity measures. Section 22.7 contains conclusions and remarks about future directions. © 2008 Springer Science+Business Media, LLC.
Journal of Applied Sciences (discontinued) (18125654)8(20)pp. 3561-3571
In this study, a formal model for specification of Access Control Policies (ACP) is represented. This model is capable of expressing several ACPs and combining them in a unified framework. We call present model Constrained Policy Graph (CPG), which is an extension of Take-Grant (TG) protection model. Although TG can be used to specify the ACPs but it represents the policies without any constraint (e.g., time, location, or any other restriction parameters). Furthermore, it hasn't ever been used for combining the policies and nested expression of them. In present proposed model, not only the policies can be constrained according to system requirements but also, it can be used for combining ACPs as well as their nested specification. Furthermore, ACPs can be verified conflicts or contradictions using this model. One of the main applications of the proposed model is specifying and combining the ACPs of web services and verifying their composed policies in web service composition. © 2008 Asian Network for Scientific Information.
2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025pp. 203-212
Web services are self-contained, modular units of application logic which provide business functionality to other applications via Internet connections. Several models have been used to compose Web services which are mainly served at specification level and provide static data dependent coordination processes. Hence they can not support reconfigurable dynamic coordination processes in which participant Web services and the coordination process itself will not be known explicitly prior to execution and would be determined dynamically at run time. In this paper we present a framework to coordinate Web services using Reo coordination language. Reo is a channel-based exogenous coordination language which has a formal basis and supports loose coupling, distribution, dynamic reconfiguration and mobility. Given that Web services are inherently loosely coupled and primarily built independently, the channel-based structure of Reo and its reconfigurability will provide a reconfigurable coordination mechanism for Web service composition. The proposed approach is a distributed dynamic orchestration framework which uses Reo channels as a communication means between Web services and benefits from Reo reconfiguration property to provide a dynamic coordination process. Due to data independence property of Reo, the proposed model is a data neutral framework which is mainly focused on coordination. In this paper we also present a number of case studies by using the proposed framework and investigate its pros and cons through these case studies. © 2007 IEEE.
Torkladani, B.,
Raji, F.,
Brenjkoub, M.,
Raji, F.,
Torkladani, B.,
Brenjkoub, M. 2025 29th International Computer Conference, Computer Society of Iran, CSICC 2025pp. 534-537
The mobile agent is desired to be able to roam autonomously and anonymously from one agent platform to another one. To achieve this aim, a novel secure protocol is proposed to provide anonymity of the agent owner as well as the agent itinerary. In the presented method, a set of trusted auxiliary hosts named as Mixers are employed to insert a transient fictitious owner in each step of the agent itinerary. The ability of the proposed protocol is analyzed and its resistance against traffic analysis attacks is illustrated. © 2007 IEEE.
Lecture Notes in Engineering and Computer Science (20780958)pp. 859-863
Negotiation is a process between self-interested agents in ecommerce trying to reach an agreement on one or multi issues. The outcome of the negotiation depends on several parameters such as the agents' strategies and the knowledge one agent has about the opponents. One way for discovering opponent's strategy is to find the similarity between strategies. In this paper we present a simple model for measuring the similarity of negotiators' strategies. Our measure is based only on the history of the offers during the sessions of negotiation and we use a notion of Levenshtein distance. We implement this measure and experimentally show that the result of using this measure can improve the recognition of negotiation strategy. Also, this measure can be used for modeling behaviors of negotiators and predictive decision-making.
Torkladani, B.,
Ghassemi, F.,
Bakhsh, N.N.,
Sirjani, M.,
Ghassemi, F.,
Bakhsh, N.N.,
Torkladani, B.,
Sirjani, M. 2025 29th International Computer Conference, Computer Society of Iran, CSICC 20252pp. 3028-3033
Multi agent systems are applied as a solution for distributed IT systems. Organizational concepts are usually applied to analyze and design such systems. Thus, a multi agent system can be seen as an organization which coordinates agent interactions. In this paper we propose a formal model to specify the coordination behavior of a multi agent system organization. This formal model enables the developers to have a cross checking between the agent interactions, the organizational structure and the coordination behavior of the organization. We can also apply this formal model to evaluate the system properties such as security. © 2006 IEEE.
Multi-agent systems are used as a solution for complex and distributed systems. Since agents are autonomous they can be coordinated exogenously by a coordination language Reo. Reo coordinates agents without having any knowledge about agents. We apply organizational concepts to analyze and design such systems. In this paper, we propose a formal model to specify the results achieved during these phases. This formal model helps in designing a coherent and consistent system. The formal model is applied to make the implementation of system by Reo systematically. We will specify and implement system by Reo according to the formal model. This paper also defines how to convert the formal specification to a Reo circuit by providing Reo circuits for the different patterns of interaction protocols and how to compose simpler circuits to support more complex patterns. © 2010.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (03029743)3502pp. 9-22
Passive testing of a network protocol is the process of detecting faults in the protocol implementation by passively observing its input/output behaviors (execution trace) without interrupting the normal network operations. In observing the trace, we can focus on the most expected relevant properties of the protocol specification by defining some invariants on the specification and checking them on the trace. While intuitive extraction of the invariants from the protocol requirements with respect to the control portion of the protocol system is relatively simple, taking the data portion into account is difficult. In this paper we propose algorithms for checking the correctness of given invariants on the specification and extracting the required constraints on the variables (data portion). Once we generate the constraints for a given invariant, we can check if the execution trace is confirmed by the specification with respect to the invariant and its constraints. We show the applicability of the algorithm on a case study: the simple connection protocol (SCP). © IFIP 2005.
