Aviad Cohen

Ben-Gurion University of the Negev | bgu · Department of Information Systems Engineering

Ph.D. student and researcher

Publications: 23
Reads: 4,417
Citations: 541
Citations since 2017: 16 research items, 518 citations
Introduction
I'm a researcher at the Cyber Security Research Center (CSRC) at Ben-Gurion University of the Negev, Israel. I began my Ph.D. studies in 2015 in BGU’s Department of Information Systems Engineering. My research is aimed at the development of a holistic analysis framework for the detection of malicious emails. I'm a co-author of several papers dealing with the detection of malicious documents. My main areas of interest are computer and cyber security, machine learning, and big data analytics.

Publications (23)
Article
Full-text available
Office documents are used extensively by individuals and organizations. Most users consider these documents safe for use. Unfortunately, Office documents can contain malicious components and perform harmful operations. Attackers increasingly take advantage of naive users and leverage Office documents in order to launch sophisticated advanced persis...
Article
Initial penetration is one of the first steps of an Advanced Persistent Threat (APT) attack, and it is considered one of the most significant means of initiating cyber-attacks aimed at organizations. Such an attack usually results in the loss of sensitive and confidential information. Because email communication is an integral part of daily busines...
Conference Paper
Email communication carrying malicious attachments or links is often used as an attack vector for initial penetration of the targeted organization. Existing defense solutions prevent executables from entering organizational networks via emails, therefore recent attacks tend to use non-executable files such as PDF. Machine learning algorithms have r...
Article
Full-text available
Attackers increasingly take advantage of naive users who tend to treat non-executable files casually, as if they are benign. Such users often open non-executable files although they can conceal and perform malicious operations. Existing defensive solutions currently used by organizations prevent executable files from entering organizational network...
Article
Steganography is the primary method by which individuals can communicate covertly; cryptography, on the other hand, fails at this, as it is possible to detect (the presence of) encrypted-communication. Steganalysis has been used to detect the presence of steganography and acts as a countermeasure to it. The ongoing race between image-steganography...
Article
With the growing sophistication of malware, the need to devise improved malware detection schemes is crucial. The packing of executable files, which is one of the most common techniques for code protection, has been repurposed for code obfuscation by malware authors as a means of evading malware detectors (mainly static analysis-based detectors). T...
Article
Most work in heuristic search focused on path finding problems in which the cost of a path in the state space is the sum of its edges' weights. This paper addresses a different class of path finding problems in which the cost of a path is the product of its weights. We present reductions from different classes of multiplicative path finding problem...
Article
Steganography is the art of embedding a confidential message within a host message. Modern steganography is focused on widely used multimedia file formats, such as images, video files, and Internet protocols. Recently, cyber attackers have begun to include steganography (for communication purposes) in their arsenal of tools for evading detection. S...
Article
With the digitization of almost every aspect of our lives, privacy leakage in cyber space has become a pressing concern. Brain Computer Interface (BCI) systems have become more popular in recent years and are now being used for a variety of applications. BCI data represents an individual’s brain activity at a given time. Like many other kinds of da...
Article
Full-text available
Today, cardiac implantable electronic devices (CIEDs), such as pacemakers and implantable cardioverter defibrillators (ICDs), play an increasingly important role in healthcare ecosystems as patient life support devices. Physicians control, program and configure CIEDs on a regular basis using a dedicated programmer device. The programmer device is o...
Article
This paper presents TrustSign, a novel, trusted automatic malware signature generation method based on high-level deep features transferred from a VGG-19 neural network model pretrained on the ImageNet dataset. While traditional automatic malware signature generation techniques rely on static or dynamic analysis of the malware's executable, our met...
Article
Full-text available
In recent years, cyber-attacks against individuals, businesses, and organizations have increased. Cyber criminals are always looking for effective vectors to deliver malware to victims in order to launch an attack. Images are used on a daily basis by millions of people around the world, and most users consider images to be safe for use; however, so...
Article
Today, most organizations employ cloud computing environments for both computational reasons and for storing their critical files and data. Virtual servers are an example of widely used virtual resources provided by cloud computing architecture. Therefore, virtual servers are considered an attractive target for cyber-attackers, who launch their att...
Article
Full-text available
Researchers from academia and the corporate-sector rely on scholarly digital libraries to access articles. Attackers take advantage of innocent users who consider the articles’ files safe and thus open PDF-files with little concern. In addition, researchers consider scholarly libraries a reliable, trusted, and untainted corpus of papers. For these...
Article
In recent years, cyber-attacks against businesses and organizations have increased. Such attacks usually result in significant damage to the organization, such as the loss and/or leakage of sensitive and confidential information. Because email communication is an integral part of daily business operations, attackers frequently leverage email as an...
Article
Most organizations today employ cloud-computing environments and virtualization technology; due to their prevalence and importance in providing services to the entire organization, virtual-servers are constantly targeted by cyber-attacks, and specifically by malware. Existing solutions, consisting of the widely-used antivirus (AV) software, fail to...
Article
Cloud computing is one of today's most popular and important IT trends. Currently, most organizations use cloud computing services (public or private) as part of their computer infrastructure. Virtualization technology is at the core of cloud computing, and virtual resources, such as virtual servers, are commonly used to provide services to the ent...
Article
Researchers from academic institutions and the corporate sector rely heavily on scholarly digital libraries for accessing journal articles and conference proceedings. Primarily downloaded in the form of PDF files, there is a risk that these documents may be compromised by attackers. PDF files have many capabilities that have been widely used for ma...
Article
Attackers increasingly take advantage of innocent users who tend to casually open email messages assumed to be benign, carrying malicious documents. Recent targeted attacks aimed at organizations utilize the new Microsoft Word documents (*.docx). Anti-virus software fails to detect new unknown malicious files, including malicious docx files. In th...
