Currently, there are many attacks and exploitation to Android smartphones by the attackers all over the world. These attacks are based on profit and caused loss of money and productivity to the victim. This exploitation can be done via camera, SMS, call, audio, image or location exploitation by attacking the system call, permission or API inside the Android smartphone. Therefore, this paper presents 32 mobile malware classification based on system call and permission to detect camera exploitation for Android smartphone. The experiment was conducted in a controlled lab environment, by applying reverse engineering with 5560 training dataset from Drebin, where both static and dynamic analyses were used to identify and extract the permission and system call from the mobile applications (apps). These 32 classification have been evaluated with 500 mobile apps from Google Play Store and 19 mobile apps matched with the classification. This new classification can be used as the database and input for the development of new mobile malware detection model for camera exploitation.

Individual user and organizations benefit from cloud computing services, which allow permanent online storage of files. The problem occurs when companies store highly confidential documents in cloud servers. Therefore, this paper aims to introduce a backbone structure for a cloud storage system where the security and personal privacy is highly maximized. It is very obvious that cloud computing servers are highly protected against unauthorized access, but in some cases these files stored can be accessible by the maintenance staffs. Fully protection is needed to ensure that the files stored in the server are only accessible to owners. This paper proposes a system that will employ Rivest-Shamir-Adleman (RSA) and Advanced Encryption Standard (AES) combination encryption process using USB device. The files may be accessed in the cloud but all the files will remain encrypted till the USB device is plugged into the computer. The point of applying such method is to fully protect the files and avoid using one single password. The randomly generated passkeys are very complex combinations thus user will not be able to fully memorize them. The proposed system will detect the USB that contains the private-key used for the files to be downloaded from the cloud.

Skew detection and correction of documents is a problematic step in document image analysis. Many methods have been proposed by researchers for estimating the angle at which a document image is rotated (document skew) in binary image documents. Therefore, this paper aims to evaluate the most frequently skew detection techniques cited in the literature which are (i) Projection Profile Analysis (PP), (ii) Hough Transform (HT) and (iii) Nearest Neighbour (NN). This study points out the weaknesses and the strengths of each method and compares the performance of these methods in term of speed and accuracy. The evaluation result shows that in term of speed, the NN technique achieves the fastest time. However, NN performs poorly for the accuracy estimation. PP gives the best angle estimation even though it takes the longest time to execute. Hence, this finding can be used as the basis evaluation review for image analysis researchers in improving the existing technique of skew detection and recommend algorithm with a better accuracy in a shorter time.

Prior conducting malware analysis, many researchers were facing difficulties to clean up the dataset and they took longer time to complete these processes due to lack of malware dataset that are free from any noise or any irrelevant data and lack of malware analysis skill. Therefore, an efficient Easy Computer Emergency Response Team Malware Reservoir System (eZCERT) has been developed to overcome such problems. It is a comprehensive and an efficient malwares incident handling system where it consists of standard operating procedures (SOP) for malware incident handling. It also has the capability to detect and respond to malware attacks. Furthermore, the novelty of this system is based on the integration of the incident response, apoptosis, case-based reasoning (CBR) and Knowledge Data Discovery (KDD). The evaluation testing result showed that the eZCERT managed to produce a better accuracy detection rate. Hence, this eZCERT can he used as the basis guideline for malware researchers in building malware dataset and doing malware analysis.

Authentication plays a significant role in computer security to validate human users. CAPTCHA is one of human interaction proof test to verify whether user is a human or a computer program. It has become a very popular security mechanism used to prevent any automated abuse of online services which is intended for human user. The test usually is provided in the authentication phase where the user will be directed to the next page if they are authorized. From the login site, an attacker creates a program exploiting the username and password to get into a website. Recently, there are a lot of different types of CAPTCHA available on the internet. However, most of them have been successfully attacked by automated programs. Thus, this paper investigates existing related works on CAPTCHA which focus on login authentication and authorization by proposes a different approach using Jawi script. Based on investigations of the systematic review and preliminary findings, it shows that this is the first work that proposed using a different script and possible future directions for producing more reliable human/computer distinguishers. Future works will develop an alternative and stronger CAPTCHA to prevent breaking cyber-attack such as dictionary attack while maintaining ease of implementation on website and ease of use for human by reducing the difficulties on reading the CAPTCHA.

The increasing number of smartphone over the last few years reflects an impressive growth in the number of advanced malicious applications targeting the smartphone users. Recently, Android has become the most popular operating system opted by users and the most targeted platform for smartphone malware attack. Besides, current mobile malware classification and detection approaches are relatively immature as the new advanced malware exploitation and threats are difficult to be detected. Therefore, an efficient approach is proposed to improve the performance of the mobile malware classification and detection. In this research, a new system call classification with call logs exploitation for mobile attacks has been developed using tokenization approach. The experiment was conducted using static and dynamic-based analysis approach in a controlled lab. System calls with call logs exploitation from 5560 Drebin samples were extracted and further examined. This research paper aims to find the best n value and classifier in classifying the dataset based on the new patterns produced. Naive Bayes classifier has successfully achieved accuracy of 99.86% which gives the best result among other classifiers. This new system call classification can be used as a guidance and reference for other researchers in the same field for security against mobile malware attacks targeted to call logs exploitation.

The invention of smartphone have made life easier as it is capable of providing important functions used in user's daily life. While different operating system (OS) platform was built for smartphone, Android has become one of the most popular choice. Nonetheless, it is also the most targeted platform for mobile malware attack causing financial loss to the victims. Therefore, in this research, the exploitation on system calls in Android OS platform caused by mobile malware that could lead to financial loss were examined. The experiment was conducted in a controlled lab environment using open source tools by implementing dynamic analysis on 1260 datasets from the Android Malware Genome Project. Based on the experiment conducted, a new system call classification to exploit call logs for mobile attacks has been developed using Covering Algorithm. This new system call classification can be used as a reference for other researcher in the same field to secure against mobile malware attacks by exploiting call logs. In the future, this new system call classification could be used as a basis to develop a new model to detect mobile attacks exploitation via call logs.

The Huber Markov Random Field (H-MRF) has been proposed for image resolution enhancement as a preferable alternative to Gaussian Random Markov Fields (G-MRF) for its ability to preserve discontinuities in the image. However, its performance relies on a good choice of a regularisation parameter. While automating this choice has been successfully tackled for G-MRF, the more sophisticated form of H-MRF makes this problem less straightforward. In this paper we develop an approximate solution to this problem, by upper-bounding the partition function of the H-MRF. We demonstrate the working and flexibility of our approach in image super-resolution experiments.

Existing steganography methods are still lacking in terms of capacity. Hence, a new steganography method for Arabic text is proposed. The method hides secret information bits within Arabic letters using two features, which are the moon and sun letters and the redundant Arabic extension character "-" known as Kashida. The Arabic alphabet contains 28 letters, which are classified into 14 sun letters and 14 moon letters. This classification is based on the way these letters affect the pronunciation of the definite article (SIC) at the beginning of words. This method uses the sun letters with one extension to hold the secret bits, 01., the sun letters with two extensions to hold the secret bits, 10., the moon letters with one extension to hold the secret bits, 00. and the moon letters with two extensions to hold the secret bits, 11.. The capacity performance of the proposed method is then compared to three popular text steganographic methods. Capacity is measured based on two factors which are Embedding Ratio (ER) and The Efficiency Ratio (TER). The results show that the Letter Points and Extensions Method produces 24.91% and 21.56% as the average embedding ratio and the average efficiency ratio correspondingly. For the Two Extensions, Kashida. Character Method, the results for the average embedding ratio and the efficiency ratio are 56.76% and 41.81%. For the Text Using Kashida Variation Algorithm method, the average embedding ratio and the average efficiency ratio are 31.61% and 27.82% respectively. Meanwhile, the average embedding ratio and the efficiency ratio for the Proposed Method are 61.16% and 55.70%. Hence, it is concluded that the Proposed Method outweighs the other three methods in terms of their embedding ratio and efficiency ratio which leads to the conclusion that the Proposed Method could provide higher capacity than the other methods.

Most of the existing techniques on relation extraction focus on extracting relation between subject, predicate and object in a single sentence. However, these techniques unable to handle the situation when the text has sentences that are incomplete: either does not have or unclear subject or object in sentence (i.e. "unsure" value). Thus this does not properly represent the domain text. This paper proposes an approach to predict and identify the unsure value to complete the sentences in the domain text. The proposed approach is based on the probability theory to identify terms (i.e., subject or object) that are more likely to replace the "unsure" value. We use voting machine domain text as a case study.