Madihah Mohd Saudi

• Universiti Sains Islam Malaysia

The "DAMAI 2024: Empowering Mental Resilience through Emotional Intelligence and Cyber Skills" program was created to address the rising psychological and emotional challenges faced by Malaysia’s B40 youth, particularly in navigating the digital world. Issues like cyberbullying, social media addiction, and online safety pose significant risks to th...

The attack that occurred recently involved the utilization of malicious software, commonly referred to as malware, along with advanced techniques such as machine learning, specifically deep learning, code transformation, and polymorphism. This makes it harder for cyber experts to detect malware using traditional analysis methods. In view of the low...

The attack that occurred recently involved the utilization of malicious software, commonly referred to as malware, along with advanced techniques such as machine learning, specifically deep learning, code transformation, and polymorphism. This makes it harder for cyber experts to detect malware using traditional analysis methods. In view of the low...

Presently, our digital landscape faces a pervasive onslaught of diverse cyber threats, encompassing distributed denial of service (DDoS), phishing, ransomware, and smishing, all orchestrated with malicious intent. Counteracting these malicious incursions poses a formidable challenge, particularly in devising efficacious detection solutions. Ransomw...

A lake that is well-kept and managed is highly prized for its recreational, aesthetic, and water supply value. The goal of this study was to learn about the environmental performance and quality of the lake management plan and find ways to improve it. The current governance structure and system, as well as the policy direction affecting the lake ba...

COVID-19 and the movement control order (MCO) implemented in 2020 and 2021, have had a major impact on Universiti Sains Islam Malaysia (USIM) in all directions. To mitigate these problems, USIM’s top management has taken several initiatives to ensure the operation of the University is upheld to its most so that the student continue their study with...

In earlier years, most malware attacks were against Android smartphones. Unfortunately, for the past few years, the trend has shifted towards attacks against the Apple iOS smartphone. Consequently, an in-depth analysis of the malware and iOS architecture is important to identify the best mitigation solution against malware exploitation. Hence, this...

Compressed Natural Gas (CNG) is an alternative solution to the limited availability of fossil energy. CNG use's advantages include high octane value, applicable to vehicles requiring large power, cost-effectiveness, and lower emissions. However, applying the old CNG kit leaves emission problems and fuel wastage during deceleration. Although numerou...

The term Cloud computing is not new anymore in computing technology. This form of computing technology previously considered only as marketing term, but today Cloud computing not only provides innovative improvements in resource utilisation but it also creates a new opportunities in data protection mechanisms where the advancement of intrusion dete...

The air conditioning system (AC) in passenger cars requires precise control to provide a comfortable and healthy driving. In an AC system with limited manual control, the driver has to repeatedly change the setting to improve comfort. This problem may be overcome by implementing an automatic control system to maintain cabin temperature and humidity...

As the internet is considerably expanding and on-line information is increasing, the identification and detection of the large amounts of different web information become vitally important, particularly those of dark web or Islamic extremists. Webpages with extremist and terrorist content are believed to be the main factors in the radicalisation an...

Cyber-attacks such as ransomware, data breaches, and phishing triggered by malware, especially for iOS (iPhone operating system) platforms, are increasing. Yet not much works on malware detection for the iOS platform have been done compared to the Android platform. Hence, this paper presents an iOS malware classification inspired by phylogenetics....

Phishing is a cybercrime in which, the phishers try to control users’ credentials. The phishers usually construct fake URLs that take to phishing websites where the users might disclose, and loss their credentials. This paper introduces a new feature to detect phishing URLs. The length of folder name of URL’s path is utilized in this work as a phis...

Currently, we saw the increment trend of mobile application(app) exploitation that leads to loss of confidential information and money. Many malware camouflages itself as a genuine mobile app or exploits vulnerabilities inside mobile apps. Hence, this paper presents a mobile app called CallDetect that detects Android Application Interface (API) exp...

Along with the rapid development of new science and technology, smartphone functionality has become more attractive. Smartphones not only bring convenience to the public but also the security risks at the same time through the installation of malicious applications. Among these, Android ransomware is gaining momentum and there is a need for effecti...

Many accidents occur on construction sites leading to injury and death. According to the Occupational Safety Health Administration (OSHA), falls, electrocutions, being struck-by-objects and being caught in or between an object were the four main causes of worker deaths on construction sites. Many factors contribute to the increase in accidents, and...

Nowadays, the sectors most commonly targeted by malwares across the world are manufacturing, oil and gas, and education. Malwares such as BlackEnergy2 and Triton have the ability to cause severe, life-threatening damages to an organization and critical infrastructure systems such as oil and gas. Security researchers and practitioners are looking fo...

Security researchers and practitioners face many challenges in mitigating mobile malware attacks against smartphones. Ranges of techniques have been developed by different developers to ensure that smartphones remain free from such attacks. However, we still lack efficient techniques to mitigate mobile malware attacks, especially for the iOS platfo...

This paper introduces a new approach in countermeasuring XML signature wrapping attack called the Spatial Signature Algorithm (SSA). The motivation for proposing the SSA approach is due to the limitation of the SOAP (Simple Object Access Protocol) in handling the XML signature wrapping attacks. A different strategy is to be planned in order to dete...

Internet users all over the world are highly exposed to social media exploitation, where they are vulnerable to be targeted by this cyber-attack. Furthermore, excessive use of social media leads to Internet Addiction Disorder (IAD). Fortunately, social media exploitation and IAD can be monitored and controlled closely based on user’s mobile phone s...

Android is one of the most commonly targeted platforms in terms of mobile malware attacks on the part of many users worldwide. Different types of attacks and exploitations have been developed to masquerade as genuine mobile applications in order to obtain confidential information from the victim’s smartphone. Therefore, to overcome these challenges...

Living in cyber world with revolutionizes of Industrial 4.0, most of the users and organisations prefer to sell and buy products or services via website online transaction. This online transaction is done through a messaging protocol (SOAP) and signing entire SOAP (SESOAP) using Extensible Markup Language (XML). XML is implemented to secure the SOA...

Abstract: This paper presents a technique to detect cyber terrorists suspected activities over the net by integrating the Krill Herd and Simulated Annealing algorithms. Three new level of categorizations, including low, high, and interleave have been introduced in this paper to optimize the accuracy rate. Two thousand datasets had been used for tra...

Cloud computing introduces concerns about data protection and intrusion detection mechanism. A review of the literature shows that there is still a lack of works on cloud IDS that focused on implementing real-time hybrid detections using Dendritic Cell algorithm (DCA) as a practical approach. In addition, there is also lack of specific threat detec...

Ontology is known as a knowledge representation and acts as a sharing platform for common ideas within a similar domain. It has a tree structure to ease the information presentation to users. Nowadays, it is very important to have a consistent and systematic way of presenting and retrieving different sources of knowledge such as the Quran and Hadit...

The increasing popularity of Android mobile phones in recent years has attracted the attention of malware developers. Android applications (apps) pose many risks/threats to the user's privacy and system integrity. Currently, permission-based models are used in the Android systems to detect the dangerous apps that possess several weaknesses. In this...

At present, mobile botnet has become a cyber threat for smartphone users especially on the Android platform. It has the capabilities to exploit the vulnerabilities and steal confidential information in the victim’s smartphone. Zeus, DroidDream and MisoSMS are examples of mobile botnets that have affected thousands of users worldwide. Therefore, thi...

The popularity and adoption of Android smartphones has attracted malware authors to spread the malware to smartphone users. The malware on smartphone comes in various forms, such as trojans, viruses, worms and mobile botnet. However, mobile botnet or Android botnet are more dangerous since they pose serious threats by stealing user credential infor...

Android applications may pose risks to smartphone users. Most of the current security countermeasures for detecting dangerous apps show some weaknesses. In this paper, a risk assessment method is proposed to evaluate the risk level of Android apps in terms of confidentiality (privacy), integrity (financial) and availability (system). The proposed r...

This paper presents a trustworthy model for an e-commerce website consisting of technologically-driven factors that influence the e-commerce usage and by employing the Theory of Planned Behaviour as the basis of developing the model. For this paper, self-administered survey questionnaires were distributed to 600 respondents at small medium enterpri...

Rapid growth and usage of Android smartphones worldwide have attracted many attackers to exploit them. Currently, the attackers used mobile malware to attack victims' smartphones to steal confidential information such as username and password. The attacks are also motivated based on profit and money. The attacks come in different ways, such as via...

Currently, cyber threats and attacks become a main concern among Internet users. To detect and prevent new and unknown attacks, an intelligent intrusion prevention system (IPS) which is better compared with traditional systems is needed. Furthermore, the Next Generation Intrusion Prevention System (NIGPS) is more suitable that could provide an inte...

Keyword-based technique has low accuracy and always leads to wrong information retrieved. Therefore, many researchers implement semantic search to overcome the above problems. Many researchers have built different Quran ontology in various domains to facilitate the knowledge representation in the Quran. Nevertheless, there are many domain concepts...

The Quran covers every field of life namely medical, political, social, economic, and others. The extraction of quranic knowledge is a challenging task, as the Quran is rich in its linguistic and multi-layered meanings, difficult if done without the use of other resources such as the Hadith and Tafsir by Muslim Scholars. Several Quranic ontologies...

The target of botnet attacks has shifted from the personal computers to smartphones and mobile devices due to computational power and functionality of the mobile devices. Mobile botnet is a network consists of compromised mobile devices controlled by a botmaster through a command and control (C&C) network. Nowadays mobile botnets attacks are increa...

Mobile malware is ubiquitous in many malicious activities such as money stealing. Consumers are charged without their consent. This paper explores how mobile malware exploit the system calls via SMS. As a solution, we proposed a system calls classification based on surveillance exploitation system calls for SMS. The proposed system calls classifica...

Nowadays, mobile botnet is becoming a new threat for smartphone users especially on the Android platform. The rapid growth of smartphones technology becomes a major cause of the increasing number of mobile botnet attacks. Zeus and DroidDream are examples of mobile botnets that affect thousands of users all over the world. These mobile botnets secre...

Currently, mobile botnet attacks have shifted from computers to smartphones due to its functionality, ease to exploit, and based on financial intention. Mostly, it attacks Android due to its popularity and high usage among end users. Every day, more and more malicious mobile applications (apps) with the botnet capability have been developed to expl...

XML signature wrapping attack poses a great threat to the integrity of web services. This is evident in the losses suffered by the Amazon Company in the past. This paper presents a new algorithm called the Spatial Information Approach (SIA). The paper forges the digital signature based on the principle of ratio signature which is adopted from a stu...

Android has dominated the smartphone market share with 82.8% compared to other platforms such as iOS, Windows, Blackberry OS and others in the world. This growth makes the android being most targeted by mobile malwares. There are many ways to infect users with malicious applications such as by uploading the infected apps at the third party store, r...

Information security models designed based on a different set of assumptions which are based on the characteristics of information system, motivations of organization to protect information, goals of the attacker and data validation of the model. The threats to information security are real and growing. Financial organizations need to take protecti...

Cloud computing is defined as a technology that consists of a large number of physical computers connected by using the Internet or it is a distributed computing technology over the network. A large resources, database, applications, services and software are an essential part of this technology. Cloud computing services could be interrupted by mal...

Smartphones have become an important part of human lives, and this led to an increase number of smartphone users. However, this also attracts hackers to develop malicious applications especially Android botnet to steal the private information and causing financial losses. Due to the fast modifications in the technologies used by malicious applicati...

Nowadays it becomes harder for malware analyst to detect malwares efficiently especially with the growth of data. Therefore, further research needs to be carried out to improve the malwares detection performance. In this paper, an in-depth study on the existing indexing rule or methods used for malware detection and classification is further discus...

The Quran covers all aspects of our life and usually referred, as a book of knowledge. The extraction of Quranic knowledge is a difficult task, as the Quran is rich in its linguistics and multi-layered meanings, difficult if done without the use of other resources such as the Hadith and Tafsir by Muslim Scholars. Several Quranic ontologies have bee...

Phishing is a cybercrime in which, phishers try to steal users’ personal information usually to gain financial benefits. Heuristics, blacklist and white list methods are commonly used to fight phishing attacks. These methods however may not always be the perfect choices to detect emerging spam and phishing emails. Applying immunity approach can ach...

With the massive growth of mobile applications and websites contains Quran verses in our daily lives, it is a challenge to identify whether a digital copy or even a verse of Quran is either authentic or not. Due to the sensitivity and the nature of Quran, even a small changes is intolerable as it could bring to a total different meaning. As problem...

Android mobile devices are used for various applications. Online banking and shopping are increasingly being performed on smartphones. As the role of smartphones in business grows, the floodgates have opened mobile devices to malware threats, which can be exploited for malicious purposes. Mobile malware is growing in sophistication and continues to...

Now-a-days smartphones have been used worldwide for an effective communication which makes our life easier. Unfortunately, currently most of the cyber threats such as identity theft and mobile malwares are targeting smartphone users and based on profit gain. They spread faster among the users especially via the Android smartphones. They exploit the...

Nowadays, mobile botnet has become as one of the most dangerous threats for smartphone. It has the capabilities of committing many criminal activities, such as remote access, Denial of Service (DoS), phishing, spreading malwares, stealing information and building mobile devices for illegitimate exchange of information and it is crucial to have an e...

Nowadays, Android has become the most widely used platform for smartphones. Due to the active used of smartphones, the floodgates of mobile malware threats are open every single day. Mobile malware harms users by illegally disable a mobile device, allowing malicious user to remotely control the device and steal personal information stored on the de...

At present, mobile botnet has become a cyber threat for smartphone users especially on the Android platform. It has the capabilities to exploit the vulnerabilities and steal confidential information in the victim's smartphone. Zeus, DroidDream and MisoSMS are examples of mobile botnets that have affected thousands of users worldwide. Therefore, thi...

Now a days, a proper method for presenting information is crucial due to the increase of mass volume and complexity of information. As for Muslim, Quran is referred as one of the main resources for guidance and reference for their daily life. Currently, there are many methods have been used for Quran verses retrieval. However, there is still lack o...

Phishing is a cybercrime in which, Internet users are delivered, commonly through emails, to simulated websites where they could be lured to disclose their personal information for attackers’ benefit. Phishing attacks were increased about 60 % in the second half of 2013 over what was seen in first half of the same year. Although the number of propo...

Nowadays smart phone has been used all over the world and has become as one of the most targeted platforms of mobile botnet to steal confidential information especially related with online banking. It is seen as one of the most dangerous cyber threat. Therefore in this research paper, a systematic analysis on mobile botnet detection techniques is f...

This study looks into the downscaling of statistical model to produce and predict hydrological modelling in the study area based on secondary data derived from the Department of Drainage and Irrigation (DID) since 1982-2012. The combination of chemometric method and time series analysis in this study showed that the monsoon season and rainfall did...

Flood is a major problem in Johor river basin, which normally happened during monsoon season. However in this study, it shows that rainfall did not have a strong relationship for the changes of water level compared to suspended solid and stream flow, where both variables have p-values of <0.0001 and these variables also became the main factors in c...

Individual user and organizations benefit from cloud computing services, which allow permanent online storage of files. The problem occurs when companies store highly confidential documents in cloud servers. Therefore, this paper aims to introduce a backbone structure for a cloud storage system where the security and personal privacy is highly maxi...

Prior conducting malware analysis, many researchers were facing difficulties to clean up the dataset and they took longer time to complete these processes due to lack of malware dataset that are free from any noise or any irrelevant data and lack of malware analysis skill. Therefore, an efficient Easy Computer Emergency Response Team Malware Reserv...

The invention of smartphone have made life easier as it is capable of providing important functions used in user's daily life. While different operating system (OS) platform was built for smartphone, Android has become one of the most popular choice. Nonetheless, it is also the most targeted platform for mobile malware attack causing financial loss...

Most of the existing techniques on relation extraction focus on extracting relation between subject, predicate and object in a single sentence. However, these techniques unable to handle the situation when the text has sentences that are incomplete: either does not have or unclear subject or object in sentence (i.e. "unsure" value). Thus this does...

Non-taxonomic relation is one of the most important components in ontology to describe a domain. Currently, most studies focused on extracting non-taxonomic relationships from text within the scope of single sentence. The predicate between two concepts (i.e. subject and object) that appear in a same sentence is extracted as potential relation. Ther...

Individual user and organizations benefit from cloud computing services, which allow permanent online storage of files. The problem occurs when companies store highly confidential documents in cloud servers. Therefore, this paper aims to introduce a backbone structure for a cloud storage system where the security and personal privacy is highly maxi...

Phishing is a threat that causes Internet users to lose the control over their accounts. A variety of anti-phishing approaches have been proposed, one of this variety is anti-phishing client-side tools. Most of these tools are rely on black/white list and heuristic methods. Most of these tools however, still unable to catch all phishing emails, es...

Given an apparent lack of coherence and a paucity of computer system field of studies, research imitates and demonstrates non consensus in how computer security fits into the satisfaction, success, usage, efficiency, and effectiveness of computer system field. This study is a part of research aims to extend the Technology to Performance Chain model...

An innovative breakthrough in computer science is cloud computing and involves several computers which are connected via the Internet or it is dispersed over a network. A large database, services, applications, software and resources are an integral part of this technology. It has the capability to operate a program or applications on numerous conn...

Nowadays, worms are becoming more sophisticated, intelligent and hard to be detected and responded than before and it becomes as one of the main issues in cyber security. It caused loss millions of money and productivities in many organizations and users all over the world. Currently, there are many works related with worm detection techniques but...

Nowadays, mobile botnet is considered as one of the biggest cyber threats attacking the smartphones especially on the Android platform. The loss of money, confidential information and productivity due to mobile botnet attacks to the smartphones, have triggered the formation of this research paper. This research paper presents a comprehensive review...

This paper attempts to present a new approach of forecasting the WiMAX traffic by exploiting Artificial Neural Networks (ANN). To develop the model, actual data is gathered from the LibyaMax network that spans the duration of 180 days in total. Traffic data is separated into three cases based on the base stations involved (A, B and AB). The model i...

Nowadays mobile devices such as smartphones had widely been used. People use smartphones not limited for phone calling or sending messages but also for web browsing, social networking and online banking transaction. To certain extend, all confidential information are kept in their smartphone. As a result, smartphones became as one of the cyber-crim...

Cloud computing technology is a concept of providing dramatically scalable and virtualized resources, bandwidth, software and hardware on demand to users. Users can request cloud services via a web browser or web service. Cloud computing consists of valuable resources, such as, networks, servers, applications, storage and services with a shared net...

Malwares attack such as by the worm, virus, trojan horse and botnet have caused lots of troublesome for many organisations and users which lead to the cybercrime. Living in a cyber world, being infected by these malwares be-coming more common. Nowadays the malwares attack especially by the trojan horse is becoming more sophisticated and intelligent...

Phishing is a threat in which users are sent fake emails that urge them to click a link (URL) which takes to a phisher's website. At that site, users' accounts information could be lost. Many technical and non-technical solutions have been proposed to fight phishing attacks. To stop such attacks, it is important to select the correct feature(s) to...

This research paper presents a framework on how to build up malware dataset. Many researchers took longer time to clean the dataset from any noise or to transform the dataset into a format that can be used straight away for testing. Therefore, this research is proposing a framework to help researchers to speed up the malware dataset cleaning proces...

The functional need of executing transaction on Electronic Commerce has made security a necessary built-in feature. Also, placing the E-Commerce portal in cloud through cloud computing technologies has undoubtedly increased the security challenges. Thus necessitate a design of secured authentication framework to be employed by the web-based E-Comme...

For the past few years, malware or also known as malicious code is seen as one of the biggest threats of the cyber attacks. It has caused lot of damages, loss of money and productivity to many organizations and end users. Malicious code can be divided into many categories such as viruses, worms and trojan horses. Each of these categories has it own...

Given a paucity of research and apparent lack of coherence in information system research, it seems that there is no consensus in the information system field as to how security fits into the information system acceptance, usage, success, utilization, and/or performance impact (effectiveness, efficiency, and satisfaction). This paper is part of an...

This paper presents a new STAKCERT KDD processes for worm detection. The enhancement introduced in the data-preprocessing resulted in the formation of a new STAKCERT model for worm detection. In this paper we explained in detail how all the processes involved in the STAKCERT KDD processes are applied within the STAKCERT model for worm detection. Ba...

In this paper, a new STAKCERT worm relational model is being developed based on the evaluation of the STAKCERT worm classification using the dynamic, static and statistical analysis. A case study was conducted to evaluate the effectiveness of this STAKCERT relational model. The case study result analysis showed that the 5 main features in the relat...

This paper presents the result of the statistical analysis on relationship between sub features in STAKCERT worm classification. The sub features of the STAKCERT worm classification in this paper were using the statistical analysis to prove the relationship between the sub features. Prior to that, the static and the dynamic analysis were conducted...

Wireless Sensor Networks (WSNs) use tiny, inexpensive sensor nodes with several distinguishing characteristics: they have very low processing power and radio ranges, permit very low energy consumption and perform limited and specific monitoring and sensing functions. However, its security becomes an issue because in WSNs, there is virtual communica...

A procedure is one of the most important elements that should be emphasized when handling any incident related with the cyber world. It is easily forgotten by many organizations, IT administrator and users, especially when dealing with the worms attack. Using the incident response methodology as the basis to build up the STAKCERT framework, the res...

A worm attack is one of the most eye-catching and challenging issues in the cyber world. New and different types of worm attacks are being introduced day by day. Different names have been given to these worms as they evolve such as the dasiasuperwormpsila and researchers all over the world are trying to find the best remedy to counter such attacks....

Sensor Network are emerging as a new tool for important application in diverse fields like military surveillance, habitat monitoring, weather, home electrical appliances and others. Technically, sensor network nodes are limited in respect to energy supply, computational capacity and communication bandwidth. In order to prolong the lifetime of the s...