Undecidable Problems in Malware Analysis

Malware analysis is a challenging task in both the theory and the practice of computer science. Many important problems in malware analysis have been shown to be undecidable. These problems include virus detection, detecting unpacking execution, matching malware samples against a set of given templates, and detecting trigger-based behavior. In this paper, Prof. Dr. Ali Aydın Selçuk, Fatih Orhan and Berker Batur review the undecidability results in malware analysis and discuss what can be done in practice. The related article can be examined here.


International Conference for Internet Technology and Secured Transactions, ICITST-2017

December, 2017

Prof. Dr. Ali Aydın Selçuk
Fatih Orhan
Berker Batur

KDD 2017 Best Paper Award and Best Student Paper Award for Applied Data Science Track

The paper “HinDroid: An Intelligent Android Malware Detection System Based on Structured Heterogeneous Information Network” was prepared by Shifu Hou, Yanfang Ye, Yangqiu Song and Melih Abdulhayoglu. To detect Android malware, instead of using Application Programming Interface (API) calls only, the authors further analyze the different relationships between them and create higher-level semantics, which require more effort from attackers to evade detection. It has been selected as the KDD 2017 Best Paper, as well as the KDD 2017 Best Student Paper, for the Applied Data Science track. The related article can be examined here.


Conference on Knowledge Discovery and Data Mining, KDD 2017

August, 2017

Shifu Hou
Yanfang Ye
Yangqiu Song
Melih Abdulhayoglu

Spam Email Detection by Employing Machine Learning Methods over n-Gram Features of Email Hyperlink Texts

Within the scope of academic cooperation between Comodo and Assist. Prof. Dr. Murat Aydos and his colleagues from Hacettepe University, studies were conducted on spam email detection by employing machine learning methods. Throughout the study, a novel, large-scale dataset covering 140.000 hyperlink texts belonging to spam and ham emails was used for feature extraction and performance evaluation. To generate the required vocabularies, unigram, bigram and trigram models were examined. Next, three different machine learning methods (SVM, Naive Bayes as a non-active and SVM-Pegasos as an active learner method) were employed to classify each link. According to the results, classification using a trigram-based bag-of-words representation reaches up to 99% accuracy with at most a 1% false-positive rate, outperforming the unigram and bigram models. Apart from having high accuracy, the proposed approach also preserves the privacy of the customers, since it does not require any kind of analysis of e-mail body contents.


The 11th IEEE International Conference AICT2017

September, 2017

Ahmet Selman Bozkır
Esra Sahin
Murat Aydos
Fatih Orhan

Mobile Malware Detection Using Deep Neural Network

The study Mobile Malware Detection Using Deep Neural Networks, conducted by Assoc. Prof. Dr. Ali Gökhan Yavuz and his student İrfan Bulut from Yildiz Technical University, is one of the successful studies carried out under Comodemia. In this study, we present a novel model based on deep learning for the prediction of mobile malware without requiring execution in a sandbox environment. Application permissions were used as features. After their weights were optimized with an autoencoder, they were classified with a multilayer perceptron with an accuracy of 93.67%.


Signal Processing and Communications Applications Conference (SIU)

May, 2017

Irfan Bulut
A. Gökhan Yavuz

METU Cyber Defense and Security R&D Lab: CyDeS

The CyDeS Laboratory was established under the METU Informatics Institute in mid-2014, with the support of Comodo Group, Inc., one of the leading companies in the world in the field of information technology and security certification. Since then, CyDeS has consolidated a substantial amount of ongoing cybersecurity research being carried out at METU, in addition to guiding and sponsoring new research projects. CyDeS has been hosting the International Symposium on Cyber Defense & Security Conference at the METU Informatics Institute. The event brought together distinguished guests from all backgrounds, including public, private and academic circles. In this regard, it was very important for achieving the CyDeS vision of leading cybersecurity research by bridging researchers with the companies that are active in the field.

Zero-day Malware detection by Ensemble based Hybridization of Static and Dynamic Malware Detection Techniques

The presentation Zero Day Malware Detection by Ensemble Based Hybridization for Static and Dynamic Malware Detection Techniques was given by Mesut Kaya, Berker Batur and Tamer Tavaslıoğlu. The related study can be examined here.

Reconfigurable Framework for Remote Monitoring and Management of Computer Systems

As part of the cooperation with academia, the article “Reconfigurable Framework for Remote Monitoring and Management of Computer Systems” was prepared by Assoc. Prof. Dr. Halit Oğuztüzün from the Middle East Technical University Computer Engineering Department and Gülşah Yalçın from Comodo. Remote Monitoring and Management systems are information technology software tools used to organize and manage client workstations. They are used by many companies that want to minimize their labor costs, collect and measure data from a variety of clients, and administer them from a single point in a reliable and secure way. Dynamic profile deployment, dynamic reconfiguration of monitors in response to changes in clients’ profiles, and creating notifications or running a procedure on the fly are the main features of remote monitoring systems, and they can be fully expressed by the Dynamic Software Product Line approach. The Reconfigurable Framework for Remote Monitoring and Management of Computer Systems aims to provide IT service providers with a dynamically reconfigurable, reusable and easy-to-define smart monitoring and measurement mechanism.