Privacy Preservation in IoT Devices by Detecting Obfuscated Malware Using Wide Residual Network
1
Authors: Deema Alsekait, Mohammed Zakariah, Syed Umar Amin, Zafar Iqbal Khan, Jehad Saad Alqurni
Source: Computers, Materials & Continua (SCIE, EI), 2024, Issue 11, pp. 2395-2436 (42 pages)
The widespread adoption of Internet of Things (IoT) devices has resulted in notable progress in different fields, improving operational effectiveness while also raising concerns about privacy due to their vulnerability to virus attacks. Further, the study suggests using an advanced approach that utilizes machine learning, specifically the Wide Residual Network (WRN), to identify hidden malware in IoT systems. The research intends to improve privacy protection by accurately identifying malicious software that undermines the security of IoT devices, using the MalMemAnalysis dataset. Moreover, thorough experimentation provides evidence for the effectiveness of the WRN-based strategy, resulting in exceptional performance measures such as accuracy, precision, F1-score, and recall. The study of the test data demonstrates highly impressive results, with a multiclass accuracy surpassing 99.97% and a binary class accuracy beyond 99.98%. The results emphasize the strength and dependability of using advanced deep learning methods such as WRN for identifying hidden malware risks in IoT environments. Furthermore, a comparison examination with the current body of literature emphasizes the originality and efficacy of the suggested methodology. This research builds upon previous studies that have investigated several machine learning methods for detecting malware on IoT devices. However, it distinguishes itself by showcasing exceptional performance metrics and validating its findings through thorough experimentation with real-world datasets. Utilizing WRN offers benefits in managing the intricacies of malware detection, emphasizing its capacity to enhance the security of IoT ecosystems. To summarize, this work proposes an effective way to address privacy concerns on IoT devices by utilizing advanced machine learning methods. The research provides useful insights into the changing landscape of IoT cybersecurity by emphasizing methodological rigor and conducting comparative performance analysis. Future research could focus on enhancing the recommended approach by adding more datasets and leveraging real-time monitoring capabilities to strengthen IoT devices’ defenses against new cybersecurity threats.
Keywords: obfuscated malware detection IoT devices Wide Residual Network (WRN) malware detection machine learning
A User Proprietary Obfuscate System for Positions Sharing in Location-Aware Social Networks
2
Authors: Wei Cherng Cheng, Masayoshi Aritsugi
Source: Journal of Computer and Communications, 2015, Issue 5, pp. 7-20 (14 pages)
A user’s trajectory can be maliciously monitored by adversaries when they share the positions in location-aware social networking applications which require users to update their own locations continuously. An adversary infers user’s locations from the trajectories, and gleans user’s private information through them via location-aware social networking applications and public available geographic data. In this paper, we propose a user proprietary obfuscate system to suit situations for position sharing and location privacy preserving in location-aware social network. Users transform the public available geographic data into personal obfuscate region maps with pre-defined profile to prevent the location leaking in stationary status. Our obfuscation with size restricted regions method tunes user’s transformed locations fitting into natural movement and prevents unreasonable snapshot locations been recorded in the trajectory.
Keywords: Location PRIVACY obfuscate Region Maps LOCATION-AWARE POSITIONS SHARING
Unified Detection of Obfuscated and Native Android Malware
3
Authors: Pagnchakneat C. Ouk, Wooguil Pak
Source: Computers, Materials & Continua (SCIE, EI), 2022, Issue 2, pp. 3099-3116 (18 pages)
The Android operating system has become a leading smartphone platform for mobile and other smart devices, which in turn has led to a diversity of malware applications. The amount of research on Android malware detection has increased significantly in recent years and many detection systems have been proposed. Despite these efforts, however, most systems can be thwarted by sophisticated Android malware adopting obfuscation or native code to avoid discovery by anti-virus tools. In this paper, we propose a new static analysis technique to address the problems of obfuscating and native malware applications. The proposed system provides a unified technique for extracting features from applications and native libraries using a selection algorithm that can extract a small set of unique and effective features for detecting malware applications rapidly and with a high detection rate. Evaluation using large Android malware detection datasets obtained from various sources confirmed that the proposed approach achieves very promising results in terms of improved accuracy, low false positive rate, and high detection rate.
Keywords: Android malware detection native code OBFUSCATION unified feature extraction
Malware Attacks Detection in IoT Using Recurrent Neural Network (RNN)
4
Authors: Abeer Abdullah Alsadhan, Abdullah A. Al-Atawi, Hanen Karamti, Abid Jameel, Islam Zada, Tan N. Nguyen
Source: Intelligent Automation & Soft Computing, 2024, Issue 2, pp. 135-155 (21 pages)
IoT (Internet of Things) devices are being used more and more in a variety of businesses and for a variety of tasks, such as environmental data collection in both civilian and military situations. They are a desirable attack target for malware intended to infect specific IoT devices due to their growing use in a variety of applications and their increasing computational and processing power. In this study, we investigate the possibility of detecting IoT malware using recurrent neural networks (RNNs). RNN is used in the proposed method to investigate the execution operation codes of ARM-based Internet of Things apps (OpCodes). To train our algorithms, we employ a dataset of IoT applications that includes 281 malicious and 270 benign pieces of software. The trained model is then put to the test using 100 brand-new IoT malware samples across three separate LSTM settings. Model exposure was not previously conducted on these samples. Detecting newly crafted malware samples with 2-layer neurons had the highest accuracy (98.18%) in the 10-fold cross validation experiment. A comparison of the LSTM technique to other machine learning classifiers shows that it yields the best results.
Keywords: MALWARE malicious code code obfuscation IOT machine learning deep learning
A Smart Obfuscation Approach to Protect Software in Cloud
5
Authors: Lei Yu, Yucong Duan
Source: Computers, Materials & Continua (SCIE, EI), 2023, Issue 9, pp. 3949-3965 (17 pages)
Cloud computing and edge computing brought more software, which also brought a new danger of malicious software attacks. Data synchronization mechanisms of software can further help reverse data modifications. Based on the mechanisms, attackers can cover themselves behind the network and modify data undetected. Related knowledge of software reverse engineering can be organized as rules to accelerate the attacks, when attackers intrude cloud server to access the source or binary codes. Therefore, we proposed a novel method to resist this kind of reverse engineering by breaking these rules. Our method is based on software obfuscations and encryptions to enhance the security of distributed software and cloud services in the 5G era. Our method is capable of (1) replacing the original assembly codes of the protected program with equivalent assembly instructions in an iteration way, (2) obfuscating the control flow of the protected program to confuse attackers meanwhile keeps the program producing the same outputs, (3) encrypting data to confuse attackers. In addition, the approach can periodically and automatically modify the protected software binary codes, and the binary codes of the protected software are encrypted to resist static analysis and dynamic analysis. Furthermore, a simplified virtual machine is implemented to make the protected codes unreadable to attackers. Cloud game is one of the specific scenarios which needs low latency and strong data consistency. Cheat engine, Ollydbg, and Interactive Disassembler Professional (IDA) are used prevalently for games. Our improved methods can protect the software from the most vulnerable aspects. The improved dynamic code swapping and the simplified virtual machine technologies for cloud games are the main innovations. We inductively learned that our methods have been working well according to the security mechanisms and time complexity analysis. Experiments show that hidden dangers can be eliminated with efficient methods: Execution time and file sizes of the target codes can be multiple times than that of the original program codes which depend on specific program functions.
Keywords: OBFUSCATION self-modification ENCRYPTION edge computing
Control Flow Obfuscation Based Protection Method for Android Applications (Cited by: 2)
6
Authors: Yong Peng, Guanyu Su, Bin Tian, Maohua Sun, Qi Li
Source: China Communications (SCIE, CSCD), 2017, Issue 11, pp. 247-259 (13 pages)
With the popularization and rapid development of mobile intelligent terminals (MITs), the number of mobile applications, or apps, has increased exponentially. It is increasingly common for malicious code to be inserted into counterfeit apps, which can cause significant economic damage and threaten the security of users. Code obfuscation techniques are a highly efficient group of methods for code security protection. In this paper, we propose a novel control flow obfuscation based method for Android code protection. First, algorithms to insert irrelevant code and flatten the control flow are employed that minimize the cost of obfuscation while ensuring its strength. Second, we improve the traditional methods of control flow flattening to further reduce the costs of obfuscation. Lastly, the use of opaque predicates is strengthened by establishing an access control strategy, which converts the identification of opaque predicates in the entire program into a graph traversal problem, and thereby increases the strength of the code protection. We did some experiments to evaluate our method, and the results show that the proposed method can work well.
Keywords: control flow obfuscation control flow obfuscation software security
AdaptiveMutate: a technique for privacy preservation (Cited by: 1)
7
Authors: Louma Chaddad, Ali Chehab, Imad H. Elhajj, Ayman Kayssi
Source: Digital Communications and Networks (SCIE), 2019, Issue 4, pp. 245-255 (11 pages)
Mobile apps are known to be rich sources for gathering privacy-sensitive information about smartphone users. Despite the presence of encryption, passive network adversaries who have access to the network infrastructure can eavesdrop on the traffic and therefore fingerprint a user’s app by means of packet-level traffic analysis. Since it is difficult to prevent the adversaries from accessing the network, providing secrecy in hostile environments becomes a serious concern. In this study, we propose AdaptiveMutate, a privacy-leak thwarting technique to defend against the statistical traffic analysis of apps. First, we present a method for the identification of mobile apps using traffic analysis. Further, we propose a confusion system in which we obfuscate packet lengths, and/or inter-arrival time information leaked by the mobile traffic to make it hard for intruders to differentiate between the altered app traffic and the actual one using statistical analysis. Our aim is to shape one class of app traffic to obscure its features with the minimum overhead. Our system strives to dynamically maximize its efficiency by matching each app with the corresponding most dissimilar app. Also, AdaptiveMutate has an adaptive capability that allows it to choose the most suitable feature to mutate, depending on the type of apps analyzed and the classifier used, if known. We evaluate the efficiency of our model by conducting a comprehensive simulation analysis that mutates different apps to each other using AdaptiveMutate. We conclude that our algorithm is most efficient when we mutate a feature of one app to its most dissimilar one in another app. When applying the identification technique, we achieve a classification accuracy of 91.1%. Then, using our obfuscation technique, we are able to reduce this accuracy to 7%. Also, we test our algorithm against a recently published approach for mobile apps classification and we are able to reduce its accuracy from 94.8% to 17.9%. Additionally, we analyze the tradeoff between the shaping cost and traffic privacy protection, specifically, the associated overhead and the feasibility for real-time implementation.
Keywords: Side-channel information App profiling OBFUSCATION Traffic classification Packet length statistics Inter-arrival time
Deobfuscating Mobile Malware for Identifying Concealed Behaviors
8
Authors: Dongho Lee, Geochang Jeon, Sunjun Lee, Haehyun Cho
Source: Computers, Materials & Continua (SCIE, EI), 2022, Issue 9, pp. 5909-5923 (15 pages)
The smart phone market is continuously increasing and there are more than 6 billion of smart phone users worldwide with the aid of the 5G technology. Among them Android occupies 87% of the market share. Naturally, the widespread Android smartphones has drawn the attention of the attackers who implement and spread malware. Consequently, currently the number of malware targeting Android mobile phones is ever increasing. Therefore, it is a critical task to find and detect malicious behaviors of malware in a timely manner. However, unfortunately, attackers use a variety of obfuscation techniques for malware to evade or delay detection. When an obfuscation technique such as the class encryption is applied to a malicious application, we cannot obtain any information through a static analysis regarding its malicious behaviors. Hence, we need to rely on the manual, dynamic analysis to find concealed malicious behaviors from obfuscated malware. To avoid malware spreading out in larger scale, we need an automated deobfuscation approach that accurately deobfuscates obfuscated malware so that we can reveal hidden malicious behaviors. In this study, we introduce widely-used obfuscation techniques and propose an effective deobfuscation method, named ARBDroid, for automatically deobfuscating the string encryption, class encryption, and API hiding techniques. Our evaluation results clearly demonstrate that our approach can deobfuscate obfuscated applications based on dynamic analysis results.
Keywords: ANDROID OBFUSCATION deobfuscation android reversing
Disguisable Symmetric Encryption Schemes for an Anti-forensics Purpose
9
Authors: Ding Ning, Gu Dawu, Liu Zhiqiang
Source: China Communications (SCIE, CSCD), 2010, Issue 6, pp. 56-63 (8 pages)
In this paper, we propose a new notion of secure disguisable symmetric encryption schemes, which captures the idea that the attacker can decrypt an encrypted file to different meaningful values when different keys are put to the decryption algorithm. This notion is aimed for the following anti-forensics purpose: the attacker can cheat the forensics investigator by decrypting an encrypted file to a meaningful file other than that one he encrypted, in the case that he is caught by the forensics investigator and ordered to hand over the key for decryption. We then present a construction of secure disguisable symmetric encryption schemes.
Keywords: symmetric encryption OBFUSCATION ANTI-FORENSICS
High Performance Classification of Android Malware Using Ensemble Machine Learning
10
Authors: Pagnchakneat C. Ouk, Wooguil Pak
Source: Computers, Materials & Continua (SCIE, EI), 2022, Issue 7, pp. 381-398 (18 pages)
Although Android becomes a leading operating system in market, Android users suffer from security threats due to malwares. To protect users from the threats, the solutions to detect and identify the malware variant are essential. However, modern malware evades existing solutions by applying code obfuscation and native code. To resolve this problem, we introduce an ensemble-based malware classification algorithm using malware family grouping. The proposed family grouping algorithm finds the optimal combination of families belonging to the same group while the total number of families is fixed to the optimal total number. It also adopts unified feature extraction technique for handling seamless both bytecode and native code. We propose a unique feature selection algorithm that improves classification performance and time simultaneously. 2-gram based features are generated from the instructions and segments, and then selected by using multiple filters to choose most effective features. Through extensive simulation with many obfuscated and native code malware applications, we confirm that it can classify malwares with high accuracy and short processing time. Most existing approaches failed to achieve classification speed and detection time simultaneously. Therefore, the approach can help Android users to keep themselves safe from various and evolving cyber-attacks very effectively.
Keywords: Android malware classification family grouping native code OBFUSCATION unified feature extraction
Measuring Whitespace Pattern Sequences as an Indication of Plagiarism
11
Authors: Nikolaus Baer, Robert Zeidman
Source: Journal of Software Engineering and Applications, 2012, Issue 4, pp. 249-254 (6 pages)
There are several methods and technologies for comparing the statements, comments, strings, identifiers, and other visible elements of source code in order to efficiently identify similarity. In a prior paper we found that comparing the whitespace patterns was not precise enough to identify copying by itself. However, several possible methods for improving the precision of a whitespace pattern comparison were presented, the most promising of which was an examination of the sequences of lines with matching whitespace patterns. This paper demonstrates a method of evaluating the sequences of matching whitespace patterns and a detailed study of the method’s reliability.
Keywords: PLAGIARISM SOURCE CODE SOURCE CODE Similarity Whitespace OBFUSCATION Indentation Maintainability Copyright INFRINGEMENT Intellectual Property LITIGATION Open SOURCE
A Comparison of Malware Detection Techniques Based on Hidden Markov Model
12
Authors: Saja Alqurashi, Omar Batarfi
Source: Journal of Information Security, 2016, Issue 3, pp. 215-223 (9 pages)
Malware is a software which is designed with an intent to damage a network or computer resources. Today, the emergence of malware is on boom letting the researchers develop novel techniques to protect computers and networks. The three major techniques used for malware detection are heuristic, signature-based, and behavior based. Among these, the most prevalent is the heuristic based malware detection. Hidden Markov Model is the most efficient technique for malware detection. In this paper, we present the Hidden Markov Model as a cutting edge malware detection tool and a comprehensive review of different studies that employ HMM as a detection tool.
Keywords: MALWARE HMM Detection Tool Obfuscation Techniques METAMORPHIC
Malware Evasion Attacks Against IoT and Other Devices: An Empirical Study
13
Authors: Yan Xu, Deqiang Li, Qianmu Li, Shouhuai Xu
Source: Tsinghua Science and Technology (SCIE, EI, CAS, CSCD), 2024, Issue 1, pp. 127-142 (16 pages)
The Internet of Things (IoT) has grown rapidly due to artificial intelligence driven edge computing. While enabling many new functions, edge computing devices expand the vulnerability surface and have become the target of malware attacks. Moreover, attackers have used advanced techniques to evade defenses by transforming their malware into functionality-preserving variants. We systematically analyze such evasion attacks and conduct a large-scale empirical study in this paper to evaluate their impact on security. More specifically, we focus on two forms of evasion attacks: obfuscation and adversarial attacks. To the best of our knowledge, this paper is the first to investigate and contrast the two families of evasion attacks systematically. We apply 10 obfuscation attacks and 9 adversarial attacks to 2870 malware examples. The obtained findings are as follows. (1) Commercial Off-The-Shelf (COTS) malware detectors are vulnerable to evasion attacks. (2) Adversarial attacks affect COTS malware detectors slightly more effectively than obfuscated malware examples. (3) Code similarity detection approaches can be affected by obfuscated examples and are barely affected by adversarial attacks. (4) These attacks can preserve the functionality of original malware examples.
Keywords: Android malware OBFUSCATION adversarial examples
Are our clone detectors good enough? An empirical study of code effects by obfuscation
14
Authors: Weihao Huang, Guozhu Meng, Chaoyang Lin, Qiucun Yan, Kai Chen, Zhuo Ma
Source: Cybersecurity (EI, CSCD), 2023, Issue 4, pp. 163-181 (19 pages)
Clone detection has received much attention in many fields such as malicious code detection, vulnerability hunting, and code copyright infringement detection. However, cyber criminals may obfuscate code to impede violation detection. To date, few studies have investigated the robustness of clone detectors, especially in-fashion deep learning-based ones, against obfuscation. Meanwhile, most of these studies only measure the difference between one code snippet and its obfuscation version. However, in reality, the attackers may modify the original code before obfuscating it. Then what we should evaluate is the detection of obfuscated code from cloned code, not the original code. For this, we conduct a comprehensive study evaluating 3 popular deep-learning based clone detectors and 6 commonly used traditional ones. Regarding the data, we collect 6512 clone pairs of five types from the dataset BigCloneBench and obfuscate one program of each pair via 64 strategies of 6 state-of-art commercial obfuscators. We also collect 1424 non-clone pairs to evaluate the false positives. In sum, a benchmark of 524,148 code pairs (either clone or not) are generated, which are passed to clone detectors for evaluation. To automate the evaluation, we develop one uniform evaluation framework, integrating the clone detectors and obfuscators. The results bring us interesting findings on how obfuscation affects the performance of clone detection and what is the difference between traditional and deep learning-based clone detectors. In addition, we conduct manual code reviews to uncover the root cause of the phenomenon and give suggestions to users from different perspectives.
Keywords: Clone detection OBFUSCATION Evaluation
Cryptographic obfuscation for smart contracts: Trustless bitcoin bridge and more
15
Authors: Sora Suegami
Source: Blockchain (Research and Applications), 2023, Issue 1, pp. 134-165 (32 pages)
Privacy protection for smart contracts is currently inadequate. Existing solutions for privacy-preserving smart contracts either support only a limited class of smart contracts or rely on noncryptographic assumptions. We propose a cryptographic obfuscation scheme for smart contracts based on existing blockchain mechanisms, standard cryptographic assumptions, and witness encryption. In the proposed scheme, an obfuscated smart contract does not reveal its algorithm and hardcoded secrets and preserves encrypted states. Any user can provide it with encrypted inputs and allow an untrusted third party to execute it. Although multiparty computation (MPC) among dynamically changing users is necessary, its privacy is protected if at least one user is honest. If the MPC does not finish within a period of time, anyone can cancel and restart it. The proposed scheme also supports decentralized obfuscation where even the participants of the obfuscation process cannot learn secrets in the obfuscated smart contract unless all of them are malicious. As its applications, we present a new trustless bitcoin bridge mechanism that exposes no secret key and privacy-preserving anti-money laundering built into smart contracts.
Keywords: Privacy-preserving smart contract Blockchain Cryptographic obfuscation Witness encryption Blockchain bridge mechanism
Layered obfuscation: a taxonomy of software obfuscation techniques for layered security (Cited by: 3)
16
Authors: Hui Xu, Yangfan Zhou, Jiang Ming, Michael Lyu
Source: Cybersecurity (CSCD), 2020, Issue 1, pp. 356-373 (18 pages)
Software obfuscation has been developed for over 30 years. A problem always confusing the communities is what security strength the technique can achieve. Nowadays, this problem becomes even harder as the software economy becomes more diversified. Inspired by the classic idea of layered security for risk management, we propose layered obfuscation as a promising way to realize reliable software obfuscation. Our concept is based on the fact that real-world software is usually complicated. Merely applying one or several obfuscation approaches in an ad-hoc way cannot achieve good obscurity. Layered obfuscation, on the other hand, aims to mitigate the risks of reverse software engineering by integrating different obfuscation techniques as a whole solution. In the paper, we conduct a systematic review of existing obfuscation techniques based on the idea of layered obfuscation and develop a novel taxonomy of obfuscation techniques. Following our taxonomy hierarchy, the obfuscation strategies under different branches are orthogonal to each other. In this way, it can assist developers in choosing obfuscation techniques and designing layered obfuscation solutions based on their specific requirements.
Keywords: Software obfuscation Layered security Element-layer obfuscation Component-layer obfuscation Inter-component obfuscation Application-layer obfuscation
Generic, efficient, and effective deobfuscation and semantic-aware attack detection for PowerShell scripts (Cited by: 1)
17
Authors: Chunlin XIONG, Zhenyuan LI, Yan CHEN, Tiantian ZHU, Jian WANG, Hai YANG, Wei RUAN
Source: Frontiers of Information Technology & Electronic Engineering (SCIE, EI, CSCD), 2022, Issue 3, pp. 361-381 (21 pages)
In recent years, PowerShell has increasingly been reported as appearing in a variety of cyber attacks. However, because the PowerShell language is dynamic by design and can construct script fragments at different levels, state-of-the-art static analysis based PowerShell attack detection approaches are inherently vulnerable to obfuscations. In this paper, we design the first generic, effective, and lightweight deobfuscation approach for PowerShell scripts. To precisely identify the obfuscated script fragments, we define obfuscation based on the differences in the impacts on the abstract syntax trees of PowerShell scripts and propose a novel emulation-based recovery technology. Furthermore, we design the first semantic-aware PowerShell attack detection system that leverages the classic objective-oriented association mining algorithm and newly identifies 31 semantic signatures. The experimental results on 2342 benign samples and 4141 malicious samples show that our deobfuscation method takes less than 0.5 s on average and increases the similarity between the obfuscated and original scripts from 0.5% to 93.2%. By deploying our deobfuscation method, the attack detection rates for Windows Defender and VirusTotal increase substantially from 0.33% and 2.65% to 78.9% and 94.0%, respectively. Moreover, our detection system outperforms both existing tools with a 96.7% true positive rate and a 0% false positive rate on average.
Keywords: POWERSHELL Abstract syntax tree Obfuscation and deobfuscation Malicious script detection
Complete Bipartite Anonymity for Location Privacy
18
作者 董恺 顾涛 +1 位作者 陶先平 吕建 《Journal of Computer Science & Technology》 SCIE EI CSCD 2014年第6期1094-1110,共17页
Users are vulnerable to privacy risks when providing their location information to location-based services (LBS). Existing work sacrifices the quality of LBS by degrading spatial and temporal accuracy for ensuring u... Users are vulnerable to privacy risks when providing their location information to location-based services (LBS). Existing work sacrifices the quality of LBS by degrading spatial and temporal accuracy for ensuring user privacy. In this paper, we propose a novel approach, Complete Bipartite Anonymity (CBA), aiming to achieve both user privacy and quality of service. The theoretical basis of CBA is that: if the bipartite graph of k nearby users' paths can be transformed into a complete bipartite graph, then these users achieve k-anonymity since the set of "end points connecting to a specific start point in a graph" is an equivalence class. To achieve CBA, we design a Collaborative Path Confusion (CPC) protocol which enables nearby nsers to discover and authenticate each other without knowing their real identities or accurate locations, predict tile encounter location using users' moving pattern information, and generate fake traces obfuscating the real ones. We evaluate CBA using a real-world dataset, and compare its privacy performance with existing path confusion approach. The results show that CBA enhances location privacy by increasing the chance for a user confusing his/her path with others by 4 to 16 times in low user density areas. We also demonstrate that CBA is secure under the trace identification attack. 展开更多
Keywords: location privacy K-ANONYMITY path confusion query obfuscation complete bipartite anonymity
Research on location privacy protection method of sensor-cloud base station
19
Authors: Zhao Guosheng, Zhang Jingting, Wang Jian. The Journal of China Universities of Posts and Telecommunications (EI, CSCD), 2021, No. 1, pp. 64-77, 106, 15 pages in total
In view of the privacy security issues such as location information leakage in the interaction process between the base station and the sensor nodes in the sensor-cloud system, a base station location privacy protection algorithm based on local differential privacy (LDP) is proposed. Firstly, through the local obfuscation algorithm (LOA), the base station can get the data of the real location and the pseudo location by flipping a coin, and then send the data to the fog layer, then the obfuscation location domain set is obtained. Secondly, in order to reconstruct the location distribution of the real location and the pseudo location in the base station, the location domain of the base station is divided into several decentralized sub-regions, and a privacy location reconstruction algorithm (PLRA) is performed in each sub-region. Finally, the base station correlates the location information of each sub-region, and then uploads the data information containing the disturbance location to the fog node layer. The simulation results show that compared with the existing base station location anonymity and security technique (BLAST) algorithm, the proposed method not only reduces the algorithm's running time and network delay, but also improves the data availability. So the proposed method can protect the location privacy of the base station more safely and efficiently.
Keywords: sensor-cloud base station location local differential privacy obfuscation algorithm location reconstruction
Layered obfuscation: a taxonomy of software obfuscation techniques for layered security
20
Authors: Hui Xu, Yangfan Zhou, Jiang Ming, Michael Lyu. Cybersecurity, 2018, No. 1, pp. 1030-1047, 18 pages in total
Software obfuscation has been developed for over 30 years. A problem always confusing the communities is what security strength the technique can achieve. Nowadays, this problem becomes even harder as the software economy becomes more diversified. Inspired by the classic idea of layered security for risk management, we propose layered obfuscation as a promising way to realize reliable software obfuscation. Our concept is based on the fact that real-world software is usually complicated. Merely applying one or several obfuscation approaches in an ad-hoc way cannot achieve good obscurity. Layered obfuscation, on the other hand, aims to mitigate the risks of reverse software engineering by integrating different obfuscation techniques as a whole solution. In the paper, we conduct a systematic review of existing obfuscation techniques based on the idea of layered obfuscation and develop a novel taxonomy of obfuscation techniques. Following our taxonomy hierarchy, the obfuscation strategies under different branches are orthogonal to each other. In this way, it can assist developers in choosing obfuscation techniques and designing layered obfuscation solutions based on their specific requirements.
Keywords: Software obfuscation Layered security Element-layer obfuscation Component-layer obfuscation Inter-component obfuscation Application-layer obfuscation