no code implementations • 7 Sep 2022 • Mohammad Naseri, Yufei Han, Enrico Mariconti, Yun Shen, Gianluca Stringhini, Emiliano De Cristofaro
Modern defenses against cyberattacks increasingly rely on proactive approaches, e. g., to predict the adversary's next actions based on past events.
no code implementations • 28 Feb 2022 • Harel Berger, Chen Hajaj, Enrico Mariconti, Amit Dvir
The changes in the ratio between benign and malicious samples have a clear effect on each one of the models, resulting in a decrease of more than 40% in their detection rate.
no code implementations • 24 May 2019 • Yun Shen, Enrico Mariconti, Pierre-Antoine Vervier, Gianluca Stringhini
With the increased complexity of modern computer attacks, there is a need for defenders not only to detect malicious activity as it happens, but also to predict the specific steps that will be taken by an adversary when performing an attack.
no code implementations • 9 Mar 2018 • Lucky Onwuzurike, Mario Almeida, Enrico Mariconti, Jeremy Blackburn, Gianluca Stringhini, Emiliano De Cristofaro
Aiming to counter them, detection techniques based on either static or dynamic analysis that model Android malware, have been proposed.
Cryptography and Security
no code implementations • 20 Nov 2017 • Lucky Onwuzurike, Enrico Mariconti, Panagiotis Andriotis, Emiliano De Cristofaro, Gordon Ross, Gianluca Stringhini
Aiming to assess whether MaMaDroid's effectiveness mainly stems from the API abstraction or from the sequencing modeling, we also evaluate a variant of it that uses frequency (instead of sequences), of abstracted API calls.
no code implementations • 13 Dec 2016 • Enrico Mariconti, Lucky Onwuzurike, Panagiotis Andriotis, Emiliano De Cristofaro, Gordon Ross, Gianluca Stringhini
Finally, we compare against DroidAPIMiner, a state-of-the-art system that relies on the frequency of API calls performed by apps, showing that MaMaDroid significantly outperforms it.
Cryptography and Security