* update 2024-02-07 06:15:43

arXiv_db/Malware/2024.md

@@ -262,3 +262,51 @@
 
 </details>
 
+<details>
+
+<summary>2024-02-03 17:36:05 - Unveiling Human Factors and Message Attributes in a Smishing Study</summary>
+
+- *Daniel Timko, Daniel Hernandez Castillo, Muhammad Lutfor Rahman*
+
+- `2311.06911v3` - [abs](http://arxiv.org/abs/2311.06911v3) - [pdf](http://arxiv.org/pdf/2311.06911v3)
+
+> With the booming popularity of smartphones, threats related to these devices are increasingly on the rise. Smishing, a combination of SMS (Short Message Service) and phishing has emerged as a treacherous cyber threat used by malicious actors to deceive users, aiming to steal sensitive information, money or install malware on their mobile devices. Despite the increase in smishing attacks in recent years, there are very few studies aimed at understanding the factors that contribute to a user's ability to differentiate real from fake messages. To address this gap in knowledge, we have conducted an online survey on smishing detection with 214 participants. In this study, we presented them with 16 SMS screenshots and evaluated how different factors affect their decision making process in smishing detection. Next, we conducted a follow-up survey to garner information on the participants' security attitudes, behavior and knowledge. Our results highlighted that attention and security behavioral scores had a significant impact on participants' accuracy in identifying smishing messages. Interestingly, we found that participants had more difficulty identifying real messages from fake ones, with an accuracy of 65.6% with fake messages and 44.6% with real messages. Our study is crucial in developing proactive strategies to encounter and mitigate smishing attacks. By understanding what factors influence smishing detection, we aim to bolster users' resilience against such threats and create a safer digital environment for all.
+
+</details>
+
+<details>
+
+<summary>2024-02-04 04:01:04 - Malware Detection in IOT Systems Using Machine Learning Techniques</summary>
+
+- *Ali Mehrban, Pegah Ahadian*
+
+- `2312.17683v2` - [abs](http://arxiv.org/abs/2312.17683v2) - [pdf](http://arxiv.org/pdf/2312.17683v2)
+
+> Malware detection in IoT environments necessitates robust methodologies. This study introduces a CNN-LSTM hybrid model for IoT malware identification and evaluates its performance against established methods. Leveraging K-fold cross-validation, the proposed approach achieved 95.5% accuracy, surpassing existing methods. The CNN algorithm enabled superior learning model construction, and the LSTM classifier exhibited heightened accuracy in classification. Comparative analysis against prevalent techniques demonstrated the efficacy of the proposed model, highlighting its potential for enhancing IoT security. The study advocates for future exploration of SVMs as alternatives, emphasizes the need for distributed detection strategies, and underscores the importance of predictive analyses for a more powerful IOT security. This research serves as a platform for developing more resilient security measures in IoT ecosystems.
+
+</details>
+
+<details>
+
+<summary>2024-02-04 20:23:15 - Evading Deep Learning-Based Malware Detectors via Obfuscation: A Deep Reinforcement Learning Approach</summary>
+
+- *Brian Etter, James Lee Hu, Mohammedreza Ebrahimi, Weifeng Li, Xin Li, Hsinchun Chen*
+
+- `2402.02600v1` - [abs](http://arxiv.org/abs/2402.02600v1) - [pdf](http://arxiv.org/pdf/2402.02600v1)
+
+> Adversarial Malware Generation (AMG), the generation of adversarial malware variants to strengthen Deep Learning (DL)-based malware detectors has emerged as a crucial tool in the development of proactive cyberdefense. However, the majority of extant works offer subtle perturbations or additions to executable files and do not explore full-file obfuscation. In this study, we show that an open-source encryption tool coupled with a Reinforcement Learning (RL) framework can successfully obfuscate malware to evade state-of-the-art malware detection engines and outperform techniques that use advanced modification methods. Our results show that the proposed method improves the evasion rate from 27%-49% compared to widely-used state-of-the-art reinforcement learning-based methods.
+
+</details>
+
+<details>
+
+<summary>2024-02-05 12:31:19 - Unraveling the Key of Machine Learning Solutions for Android Malware Detection</summary>
+
+- *Jiahao Liu, Jun Zeng, Fabio Pierazzi, Lorenzo Cavallaro, Zhenkai Liang*
+
+- `2402.02953v1` - [abs](http://arxiv.org/abs/2402.02953v1) - [pdf](http://arxiv.org/pdf/2402.02953v1)
+
+> Android malware detection serves as the front line against malicious apps. With the rapid advancement of machine learning (ML), ML-based Android malware detection has attracted increasing attention due to its capability of automatically capturing malicious patterns from Android APKs. These learning-driven methods have reported promising results in detecting malware. However, the absence of an in-depth analysis of current research progress makes it difficult to gain a holistic picture of the state of the art in this area.   This paper presents a comprehensive investigation to date into ML-based Android malware detection with empirical and quantitative analysis. We first survey the literature, categorizing contributions into a taxonomy based on the Android feature engineering and ML modeling pipeline. Then, we design a general-propose framework for ML-based Android malware detection, re-implement 12 representative approaches from different research communities, and evaluate them from three primary dimensions, i.e., effectiveness, robustness, and efficiency. The evaluation reveals that ML-based approaches still face open challenges and provides insightful findings like more powerful ML models are not the silver bullet for designing better malware detectors. We further summarize our findings and put forth recommendations to guide future research.
+
+</details>
+