Browsing by Author "Ridzuan, F"
Publication A New Mobile Botnet Classification based on Permission and API Calls (IEEE, 2017) ;Yusof, M ;Saudi, MM ;Ridzuan, F
Currently, mobile botnet attacks have shifted from computers to smartphones due to its functionality, ease to exploit, and based on financial intention. Mostly, it attacks Android due to its popularity and high usage among end users. Every day, more and more malicious mobile applications (apps) with the botnet capability have been developed to exploit end users' smartphones. Therefore, this paper presents a new mobile botnet classification based on permission and Application Programming Interface (API) calls in the smartphone. This classification is developed using static analysis in a controlled lab environment and the Drebin dataset is used as the training dataset. 800 apps from the Google Play Store have been chosen randomly to test the proposed classification. As a result, 16 permissions and 31 API calls that are most related with mobile botnet have been extracted using feature selection and later classified and tested using machine learning algorithms. The experimental result shows that the Random Forest Algorithm has achieved the highest detection accuracy of 99.4% with the lowest false positive rate of 16.1% as compared to other machine learning algorithms. This new classification can be used as the input for mobile botnet detection for future work, especially for financial matters.
Publication A New Mobile Malware Classification for Camera Exploitation based on System Call and Permission (Int Assoc Engineers-Iaeng, 2017) ;Saudi, MM ;Zahari, LH ;Ridzuan, F ;Basir, N ;Pitchay, SA ;Nabila, NF
Currently, there are many attacks and exploitation to Android smartphones by the attackers all over the world. These attacks are based on profit and caused loss of money and productivity to the victim. This exploitation can be done via camera, SMS, call, audio, image or location exploitation by attacking the system call, permission or API inside the Android smartphone. Therefore, this paper presents 32 mobile malware classification based on system call and permission to detect camera exploitation for Android smartphone. The experiment was conducted in a controlled lab environment, by applying reverse engineering with 5560 training dataset from Drebin, where both static and dynamic analyses were used to identify and extract the permission and system call from the mobile applications (apps). These 32 classification have been evaluated with 500 mobile apps from Google Play Store and 19 mobile apps matched with the classification. This new classification can be used as the database and input for the development of new mobile malware detection model for camera exploitation.
Publication A Proposed System Concept on Enhancing the Encryption and Decryption Method for Cloud Computing (IEEE, 2015) ;Pitchay, SA ;Alhiagem, WAA ;Ridzuan, F ;Saudi, MM
Individual user and organizations benefit from cloud computing services, which allow permanent online storage of files. The problem occurs when companies store highly confidential documents in cloud servers. Therefore, this paper aims to introduce a backbone structure for a cloud storage system where the security and personal privacy is highly maximized. It is very obvious that cloud computing servers are highly protected against unauthorized access, but in some cases these files stored can be accessible by the maintenance staffs. Fully protection is needed to ensure that the files stored in the server are only accessible to owners. This paper proposes a system that will employ Rivest-Shamir-Adleman (RSA) and Advanced Encryption Standard (AES) combination encryption process using USB device. The files may be accessed in the cloud but all the files will remain encrypted till the USB device is plugged into the computer. The point of applying such method is to fully protect the files and avoid using one single password. The randomly generated passkeys are very complex combinations thus user will not be able to fully memorize them. The proposed system will detect the USB that contains the private-key used for the files to be downloaded from the cloud.
Publication The Adaptive Multi-Level Phase Coding Method in Audio Steganography (IEEE-Inst Electrical Electronics Engineers Inc, 2019) ;Alsabhany, AA ;Ridzuan, F ;Azni, AH
Audio steganography allows and inspires many researchers to design methods for secure communication. Based on the evaluation on the existing methods, it was found that most methods focused on one or two requirements while disregarding others, causing imbalanced performance. Moreover, most methods lack adaptivity and dynamic allocation. Therefore, in this research, a method called Adaptive Multi-level Phase Coding (AMPC) was proposed to optimize the above issues. The reverse logic of the main tradeoffs was used to empirically design several embedding levels that simultaneously attained good performance for all aspects as much as possible. Then, an adaptive component was added by selecting the embedding level that provided the best performance for each embedding process. Moreover, the error spreading factor was introduced to achieve a fair payload distribution. The performance balance objective requires a new formulation that will enable the accurate selection of the degree of modification, multiple-bit embedding per modification, and reduced retrieval errors. As a result, the interval centering quantization (ICQ) was formulated and implemented in the proposed method. The experimental results show that AMPC successfully fulfilled the research objectives. Also, AMPC surpassed other phase coding methods in all aspects while time-domain methods achieved the highest transparency and capacity with the lowest robustness. Moreover, experiments show that the implementation of adaptive multi-level concept is able to improve the existing method's performance significantly. In summary, AMPC was able to achieve a stable embedding rate of 33 Kbps at 35 dB of SNR, which is higher than the recorded embedding rate of other phase coding methods.
Publication An Efficient Easy Computer Emergency Response Team Malware Reservoir System (eZCERT) (IEEE, 2015) ;Saudi, MM ;Basir, N ;Nabila, NF ;Ridzuan, F ;Pitchay, SA
Prior conducting malware analysis, many researchers were facing difficulties to clean up the dataset and they took longer time to complete these processes due to lack of malware dataset that are free from any noise or any irrelevant data and lack of malware analysis skill. Therefore, an efficient Easy Computer Emergency Response Team Malware Reservoir System (eZCERT) has been developed to overcome such problems. It is a comprehensive and an efficient malwares incident handling system where it consists of standard operating procedures (SOP) for malware incident handling. It also has the capability to detect and respond to malware attacks. Furthermore, the novelty of this system is based on the integration of the incident response, apoptosis, case-based reasoning (CBR) and Knowledge Data Discovery (KDD). The evaluation testing result showed that the eZCERT managed to produce a better accuracy detection rate. Hence, this eZCERT can be used as the basis guideline for malware researchers in building malware dataset and doing malware analysis.
Publication An Investigation on Jawi CAPTCHA Based Security for Login Authentication and Authorization: Is It an Alternative Solution? (Int Assoc Engineers-Iaeng, 2017) ;Pitchay, SA ;Suhaimi, NNM ;Saudi, MM ;Ridzuan, F ;Basir, N ;Nabila, NF
Authentication plays a significant role in computer security to validate human users. CAPTCHA is one of human interaction proof test to verify whether user is a human or a computer program. It has become a very popular security mechanism used to prevent any automated abuse of online services which is intended for human user. The test usually is provided in the authentication phase where the user will be directed to the next page if they are authorized. From the login site, an attacker creates a program exploiting the username and password to get into a website. Recently, there are a lot of different types of CAPTCHA available on the internet. However, most of them have been successfully attacked by automated programs. Thus, this paper investigates existing related works on CAPTCHA which focus on login authentication and authorization by proposes a different approach using Jawi script. Based on investigations of the systematic review and preliminary findings, it shows that this is the first work that proposed using a different script and possible future directions for producing more reliable human/computer distinguishers. Future works will develop an alternative and stronger CAPTCHA to prevent breaking cyber-attack such as dictionary attack while maintaining ease of implementation on website and ease of use for human by reducing the difficulties on reading the CAPTCHA.
Publication Android Mobile Malware Classification using Tokenization Approach based on System Call Sequence (Int Assoc Engineers-Iaeng, 2017) ;Ahmad, IN ;Ridzuan, F ;Saudi, MM ;Pitchay, SA ;Basir, N ;Nabila, NF
The increasing number of smartphone over the last few years reflects an impressive growth in the number of advanced malicious applications targeting the smartphone users. Recently, Android has become the most popular operating system opted by users and the most targeted platform for smartphone malware attack. Besides, current mobile malware classification and detection approaches are relatively immature as the new advanced malware exploitation and threats are difficult to be detected. Therefore, an efficient approach is proposed to improve the performance of the mobile malware classification and detection. In this research, a new system call classification with call logs exploitation for mobile attacks has been developed using tokenization approach. The experiment was conducted using static and dynamic-based analysis approach in a controlled lab. System calls with call logs exploitation from 5560 Drebin samples were extracted and further examined. This research paper aims to find the best n value and classifier in classifying the dataset based on the new patterns produced. Naive Bayes classifier has successfully achieved accuracy of 99.86% which gives the best result among other classifiers. This new system call classification can be used as a guidance and reference for other researchers in the same field for security against mobile malware attacks targeted to call logs exploitation.
Publication Android Mobile Malware Surveillance Exploitation Via Call Logs: Proof of Concept (IEEE, 2015) ;Saudi, MM ;Ridzuan, F ;Basir, N ;Nabila, NF ;Pitchay, SA ;Ahmad, IN
The invention of smartphone have made life easier as it is capable of providing important functions used in user's daily life. While different operating system (OS) platform was built for smartphone, Android has become one of the most popular choice. Nonetheless, it is also the most targeted platform for mobile malware attack causing financial loss to the victims. Therefore, in this research, the exploitation on system calls in Android OS platform caused by mobile malware that could lead to financial loss were examined. The experiment was conducted in a controlled lab environment using open source tools by implementing dynamic analysis on 1260 datasets from the Android Malware Genome Project. Based on the experiment conducted, a new system call classification to exploit call logs for mobile attacks has been developed using Covering Algorithm. This new system call classification can be used as a reference for other researcher in the same field to secure against mobile malware attacks by exploiting call logs. In the future, this new system call classification could be used as a basis to develop a new model to detect mobile attacks exploitation via call logs.
Publication Text Steganography using Extensions Kashida based on the Moon and Sun Letters Concept (Science & Information Sai Organization Ltd, 2017) ;Shaker, AA ;Ridzuan, F ;Pitchay, SA
Existing steganography methods are still lacking in terms of capacity. Hence, a new steganography method for Arabic text is proposed. The method hides secret information bits within Arabic letters using two features, which are the moon and sun letters and the redundant Arabic extension character "-" known as Kashida. The Arabic alphabet contains 28 letters, which are classified into 14 sun letters and 14 moon letters. This classification is based on the way these letters affect the pronunciation of the definite article (SIC) at the beginning of words. This method uses the sun letters with one extension to hold the secret bits '01', the sun letters with two extensions to hold the secret bits '10', the moon letters with one extension to hold the secret bits '00' and the moon letters with two extensions to hold the secret bits '11'. The capacity performance of the proposed method is then compared to three popular text steganographic methods. Capacity is measured based on two factors which are Embedding Ratio (ER) and The Efficiency Ratio (TER). The results show that the Letter Points and Extensions Method produces 24.91% and 21.56% as the average embedding ratio and the average efficiency ratio correspondingly. For the Two Extensions 'Kashida' Character Method, the results for the average embedding ratio and the efficiency ratio are 56.76% and 41.81%. For the Text Using Kashida Variation Algorithm method, the average embedding ratio and the average efficiency ratio are 31.61% and 27.82% respectively. Meanwhile, the average embedding ratio and the efficiency ratio for the Proposed Method are 61.16% and 55.70%. Hence, it is concluded that the Proposed Method outweighs the other three methods in terms of their embedding ratio and efficiency ratio which leads to the conclusion that the Proposed Method could provide higher capacity than the other methods.
Publication Using Probability Theory to Identify the Unsure Value of an Incomplete Sentence (IEEE, 2015) ;Nabila, NF ;Basir, N ;Saudi, MM ;Pitchay, SA ;Ridzuan, F ;Mamat, A
Most of the existing techniques on relation extraction focus on extracting relation between subject, predicate and object in a single sentence. However, these techniques unable to handle the situation when the text has sentences that are incomplete: either does not have or unclear subject or object in sentence (i.e. "unsure" value). Thus this does not properly represent the domain text. This paper proposes an approach to predict and identify the unsure value to complete the sentences in the domain text. The proposed approach is based on the probability theory to identify terms (i.e., subject or object) that are more likely to replace the "unsure" value. We use voting machine domain text as a case study.