Funding: This work was supported by Natural Science Foundation of China (61702013, 61572492), the National Key Research and Development Plan (Grant No. 2018YFB0803504), Joint of Beijing Natural Science Foundation and Education Commission (KZ201810009011), and Science and Technology Innovation Project of North China University of Technology (19XN108).
Abstract: In recent years, the number of exposed vulnerabilities has grown rapidly and more and more attacks occurred to intrude on the target computers using these vulnerabilities such as different malware. Malware detection has attracted more attention and still faces severe challenges. As malware detection based on traditional machine learning relies on experts' experience to design efficient features to distinguish different malware, it causes a bottleneck in feature engineering and is also time-consuming to find efficient features. Due to its promising ability in automatically proposing and selecting significant features, deep learning has gradually become a research hotspot. In this paper, aiming to detect the malicious payload and identify their categories with high accuracy, we proposed a packet-based malicious payload detection and identification algorithm based on object detection deep learning network. A dataset of malicious payload on code execution vulnerability has been constructed under the Metasploit framework and used to evaluate the performance of the proposed malware detection and identification algorithm. The experimental results demonstrated that the proposed object detection network can efficiently find and identify malicious payloads with high accuracy.
Funding: This work was supported by the Natural Science Foundation of China (Grant No. 61702013), National Key Research and Development Plan (Grant Nos. 2018YFB1800302 and 2019YFA0706404), Beijing Natural Science Foundation (Grant Nos. KZ201810009011, 4202020, and 19L2021), and Science and Technology Innovation Project of North China University of Technology (19XN108).
Abstract: While the size and complexity of software are rapidly increasing, not only is the number of vulnerabilities increasing, but their forms are diversifying. Vulnerability has become an important factor in network attack and defense. Therefore, automatic vulnerability discovery has become critical to ensure software security. Fuzzing is one of the most important methods of vulnerability discovery. It is based on the initial input, i.e., a seed, to generate mutated test cases as new inputs of a tested program in the next execution loop. By monitoring the path coverage, fuzzing can choose high-value test cases for inclusion in the new seed set and capture crashes used for triggering vulnerabilities. Although there have been remarkable achievements in terms of the number of discovered vulnerabilities, the reduction of time cost is still inadequate. This paper proposes a fast directed greybox fuzzing model, FastAFLGo. A fast convergence formula of temperature is designed, and the energy scheduling scheme can quickly determine the best seed to make the program execute toward the target basic blocks. Experimental results show that FastAFLGo can discover more vulnerabilities than the traditional fuzzing method in the same execution time.
Funding: This work was supported by the National Key Research and Development Plan (Grant Nos. 2018YFB1800302 and 2019YFA0706404), the Natural Science Foundation of China (Grant No. 61702013), Joint of Beijing Natural Science Foundation and Education Commission (Grant No. KZ201810009011), Beijing Natural Science Foundation (Grant Nos. 4202020, 19L2021), and Science and Technology Innovation Project of North China University of Technology (Grant No. 19XN108).
Abstract: In recent years, with the rapid development of natural language processing, the security issues related to it have attracted more and more attention. Character perturbation is a common security problem. It can try to completely modify the input classification judgment of the target program without people's attention by adding, deleting, or replacing several characters, which can reduce the effectiveness of the classifier. Although the current research has provided various methods of perturbation attacks on characters, the success rate of some methods is still not ideal. This paper mainly studies the sample generation of optimal perturbation characters and proposes a character-level text adversarial sample generation method. The goal is to use this method to achieve the best effect on character perturbation. After sentiment classification experiments, this model has a higher perturbation success rate on the IMDB dataset, which proves the effectiveness and rationality of this method for text perturbation and provides a reference for future research work.