Currently, we saw the increment trend of mobile application(app) exploitation that leads to loss of confidential information and money. Many malware camouflages itself as a genuine mobile app or exploits vulnerabilities inside mobile apps. Hence, this paper presents a mobile app called CallDetect that detects Android Application Interface (API) exploitation for call logs inspired by apoptosis. Apoptosis is known as cell-programmed death, and it is part of the human immunology system. Once it suspects any danger that might cause any harm to the human body, it will kill the suspected danger and itself. In the case of CallDetect, it will scan and uninstall the potentially malicious mobile application on a mobile phone. CallDetect consists of 13 new classifications of API call log, which are used as the database for CallDetect. These classifications were built by using static analysis and open source tools in a controlled lab environment. There were 5560 training datasets from Drebin and 550 anonymous testing dataset from Google Playstore. Our finding showed that 39 mobile apps, or 7%, were identified with possible call log exploitation. This paper can be used as a reference for call log API exploitation and can be further enhanced by integrating it with permission and system call exploitation.

This paper introduces a new approach in countermeasuring XML signature wrapping attack called the Spatial Signature Algorithm (SSA). The motivation for proposing the SSA approach is due to the limitation of the SOAP (Simple Object Access Protocol) in handling the XML signature wrapping attacks. A different strategy is to be planned in order to deter such attack without extensive computational expense. Spatial Signature Algorithm builds upon the notion of ratio signature that is recommended by a research in biotechnology. The research suggests the possibility of diagnosing a specific disease based on the idea of ratios, specifically on the comparative relationship between elements to detect the emergence of certain threats. Bridging this notion to security, the principle of using space and ratio to detect abnormality is extended to the application of spatial information and digital signature to detect and combat the XML wrapping signature attack.