-
1
Research on malicious code variants detection based on texture fingerprint
Published 2014-08-01 “…Afterwards, the index structure for fingerprint texture is built on the statistical analysis of general texture fingerprints of malicious code samples. In the detection phase, according to the generation policy for malicious code texture fingerprint, the prototype system for texture fingerprint extraction and detection is constructed by employing the integrated weight method to multi-segmented texture fingerprint similarity matching to detect variants and unknown malicious codes. …”
Article -
2
Detecting malicious code variants using convolutional neural network (CNN) with transfer learning
Published 2025-04-01
Article -
3
Research progress in code reuse attacking and defending
Published 2018-03-01 “…Code reuse attacks make use of binary code existed in the attacked target to perform attack action, such technique breaks out the traditional assumption that malicious behavior always be introduced from the outside, it is representative sample of the advanced memory corruption techniques and also the focus of attention in the software security research field. The generation background and implementation principle were described firstly, and then the recent progresses of the technique, including improvement and variants, implementation methods under the different architecture platforms, automatic construction and important extension including blind ROP and non-control data attacks based on code reuse attacks, were introduced respectively. Various defense mechanisms and possible counter-defense methods for code reuse attacks were also discussed. Finally a perspective of the future work in this research area was discussed. …”
Article -
4
-
5
Detecting Malware C&C Communication Traffic Using Artificial Intelligence Techniques
Published 2025-01-01 “…This prevalence was expedited by the fact that the Zeus source code was inadvertently released to the public in 2004, allowing malware developers to reproduce the Zeus banking malware and develop variants of this malware. …”
Article -
6
Process Injection Using Return-Oriented Programming
Published 2025-01-01 “…Return-oriented programming (ROP) is a code-reuse attack that uses borrowed chunks of executable code for arbitrary computation. …”
Article -
7
JDroid: Android malware detection using hybrid opcode feature vector
Published 2025-07-01 “…However, the rich semantic information hidden in opcodes offers a promising way to distinguish benign applications from malicious ones. In this study, we propose a tool called JDroid that treats opcodes (Dalvik Opcode and Java ByteCode) as features based on static analysis. …”
Article -
8
FLWD: A Webshell detection method based on federated learning
Published 2025-06-01 “…Webshell attacks were a common technique where attackers gained partial control over the Web server through a Webshell to carry out malicious activities. Due to the covert nature of Webshell operations and the continuous creation of new Webshell variants by attackers to evade security detection, coupled with the lack of information sharing and coordination between servers, uneven detection capabilities in responding to Webshell attacks emerged, making it difficult to establish a comprehensive and effective defense system. …”
Article -
9
Cloud Telescope: An Ephemeral, Distributed, and Cloud-Native Architecture for Collecting Internet Background Radiation
Published 2025-01-01 “…The deployment of Network Telescopes has helped to detect and quantify major cyberspace outbreaks, from the rise of the Conficker malware, to uncovering massive botnet propagation activity, such as performed by Mirai and its variants, against the Internet-of-Things. This paper introduces the Cloud Telescope: an ephemeral, cloud-native architecture, described as Infrastructure-as-Code, enabling for geographically distributed capture of the IBR, along with a discussion of a 5-month-long validation experiment, in which a sensor fleet comprising 130 cloud instances was launched across twenty-six regions of the world. …”
Article -
10
On cofactored verification of EdDSA signatures
Published 2025-06-01 “…We further show that two mainstream cryptographic libraries, namely, OpenSSL and CIRCL, accidentally (and in a manner not immediately apparent when inspecting the code) use the correct variant of the verification equation for one parameter set of EdDSA, but incorrect for another. …”
Article