Memory Analysis for Malware Detection: A Comprehensive Survey Using the OSCAR Methodology Malware has sharply escalated, with a 30% surge in global cyberattacks in 2024, highlighting the limitations of traditional detection methods against sophisticated threats. This survey addresses gaps in prior work by applying the OSCAR methodology to review memory acquisition techniques, forensic methods, and […]
BCCC, York University, Toronto, ON, Canada The Third Annual Collaborative Workshop – BCCC & NICT Japan (September 5) Today, September 5, we held the third annual collaborative workshop between the Behaviour-Centric Cybersecurity Centre (BCCC) and NICT Japan, with special thanks to Dr. Takeshi Takahashi, Dr. Tao Ban, Prof. Seiichi Ozawa, Dr. Muhammad Fakhrur Rozi, and […]
VADViT: Vision Transformer-Driven Memory Forensics for Malicious Process Detection and Explainable Threat Attribution Modern malware’s complexity challenges traditional detection and existing ML-based memory forensics, which often rely on outdated features and struggle with large-scale data. We propose VADViT, a vision transformer model that converts VAD memory regions into fused Markov, entropy, and intensity images for […]
SCsVulSegLyzer: Detecting and Extracting Vulnerable Segments from Smart Contracts Using Weakly-Supervised Learning Smart contracts (SCs) are widely used in finance but remain attractive targets for hackers due to vulnerabilities, the immaturity of Solidity, and blockchain’s immutability. We present SCsVulSegLytix, a Transformer-based model that detects and extracts vulnerable segments directly from Solidity code using only contract-level […]
Hybrid attention-enhanced explainable model for encrypted traffic detection and classification Encrypted traffic detection is critical as protocols like TLS, VPNs, and Tor dominate modern networks. We propose a Hybrid Attention–LightGBM model with an augmented multi-dataset approach and Explainable AI tools (SHAP, LIME) to enhance interpretability, scalability, and generalization. Experiments show it outperforms state-of-the-art methods in […]
York U innovations advance global cybersecurity education: Through the development of innovative open-source tools and initiatives, York University’s Behaviour-Centric Cybersecurity Center (BCCC) is advancing public engagement and cybersecurity education across the globe.
Unveiling evasive malware behavior: toward generating a multi-sources benchmark dataset and evasive malware behavior profiling using network traffic and memory analysis Traditional detection methods struggle with evolving malware, and single-source datasets are no longer sufficient. We introduce BCCC-Mal-NetMem-2025, a multi-source dataset combining memory and network data, enriched with a benign behavior profiler (BUEBP) and the […]
Unveiling Smart Contracts Vulnerabilities: Toward Profiling Smart Contracts Vulnerabilities using Enhanced Genetic Algorithm and Generating Benchmark Dataset Smart Contracts (SCs) are critical in blockchain but remain vulnerable, with existing detection methods often lacking accuracy and scalability. We propose SCsVulLyzer V2.0, an analyzer extracting 240 features, combined with a Genetic Algorithm (GA)-based profiling method that leverages […]
Unveiling Smart Contracts Vulnerabilities: Toward Profiling Smart Contracts Vulnerabilities using Enhanced Genetic Algorithm and Generating Benchmark Dataset
A survey on encrypted network traffic: A comprehensive survey of identification/classification techniques, challenges, and future directions