Search Results (3)

Search Parameters:
Keywords = antivirus architecture

18 pages, 1417 KB  
Review
The Aho-Corasick Paradigm in Modern Antivirus Engines: A Cornerstone of Signature-Based Malware Detection
by Paul A. Gagniuc, Ionel-Bujorel Păvăloiu and Maria-Iuliana Dascălu
Algorithms 2025, 18(12), 742; https://doi.org/10.3390/a18120742 - 25 Nov 2025
Viewed by 640
Abstract
The Aho-Corasick (AC) algorithm remains one of the most influential developments in deterministic multi-pattern matching due to its ability to recognize multiple strings in linear time within a single data stream. Originally conceived for bibliographic text retrieval, the structure of the algorithm is based on a trie augmented with failure links and output functions, which has proven to be remarkably adaptable across computational domains. This review presents a comprehensive synthesis of the AC algorithm, with details on its theoretical foundations, formal automaton structure, and operational principles, as well as tracing its historical evolution from text-search systems to large-scale malware detection. This work further explores the integration of Aho-Corasick automata within modern antivirus architectures, describing mechanisms of signature compilation, real-time scanning pipelines, and large-scale deployment in contemporary cybersecurity systems. The deterministic structure of the Aho-Corasick automaton provides linear-time pattern recognition relative to input size, while practical performance characteristics reflect memory and architecture constraints in large signature sets. This linear-time property enables predictable and efficient malware detection, where each byte of input induces a constant computational cost. Such deterministic efficiency makes the algorithm ideally suited for real-time antivirus scanning and signature-based threat identification. Thus, nearly fifty years after its inception, AC continues to bridge formal automata theory and modern cybersecurity practice.
(This article belongs to the Section Algorithms for Multidisciplinary Applications)

22 pages, 1978 KB  
Article
Evading Antivirus Detection Using Fountain Code-Based Techniques for Executing Shellcodes
by Gang-Cheng Huang, Ko-Chin Chang and Tai-Hung Lai
Sensors 2025, 25(2), 460; https://doi.org/10.3390/s25020460 - 15 Jan 2025
Cited by 1 | Viewed by 4895
Abstract
In this study, we propose a method for successfully evading antivirus detection by encoding malicious shellcode with fountain codes. The Meterpreter framework for Microsoft Windows 32-bit and 64-bit architectures was used to produce the shellcode used in this investigation. The experimental results proved that detection rates were substantially decreased. Specifically, the number of detected instances using antivirus vendors for 32-bit shellcode decreased from 18 to 3, while for 64-bit shellcode, it decreased from 16 to 1. This method breaks up a malicious payload into many packets, each with their own distinct structure, and then encodes them. This obfuscation approach maintains the shellcode’s integrity, ensuring correct code execution. However, in the persistence phase of the penetration testing process, this method offers an additional means of evading antivirus techniques.

35 pages, 2444 KB  
Article
Privacy Preservation Using Machine Learning in the Internet of Things
by Sherif El-Gendy, Mahmoud Said Elsayed, Anca Jurcut and Marianne A. Azer
Mathematics 2023, 11(16), 3477; https://doi.org/10.3390/math11163477 - 11 Aug 2023
Cited by 18 | Viewed by 7067
Abstract
The internet of things (IoT) has prepared the way for a highly linked world, in which everything is interconnected, and information exchange has become more easily accessible via the internet, making it feasible for various applications that enrich the quality of human life. Despite such a potential vision, users’ privacy on these IoT devices is a significant concern. IoT devices are subject to threats from hackers and malware due to the explosive expansion of IoT and its use in commerce and critical infrastructures. Malware poses a severe danger to the availability and reliability of IoT devices. If left uncontrolled, it can have profound implications, as IoT devices and smart services can collect personally identifiable information (PII) without the user’s knowledge or consent. These devices often transfer their data into the cloud, where they are stored and processed to provide the end users with specific services. However, many IoT devices do not meet the same security criteria as non-IoT devices; most used schemes do not provide privacy and anonymity to legitimate users. Because there are so many IoT devices, so much malware is produced every day, and IoT nodes have so little CPU power, antivirus cannot shield these networks from infection. Because of this, establishing a secure and private environment can greatly benefit from having a system for detecting malware in IoT devices. In this paper, we will analyze studies that have used ML as an approach to solve IoT privacy challenges, and also investigate the advantages and drawbacks of leveraging data in ML-based IoT privacy approaches. Our focus is on using ML models for detecting malware in IoT devices, specifically spyware, ransomware, and Trojan horse malware. We propose using ML techniques as a solution for privacy attack detection and test pattern generation in the IoT. The ML model can be trained to predict behavioral architecture.
We discuss our experiments and evaluation using the “MalMemAnalysis” datasets, which focus on simulating real-world privacy-related obfuscated malware. We simulate several ML algorithms to prove their capabilities in detecting malicious attacks against privacy. The experimental analysis showcases the high accuracy and effectiveness of the proposed approach in detecting obfuscated and concealed malware, outperforming state-of-the-art methods by 99.50%, and would be helpful in safeguarding an IoT network from malware. Experimental analysis and results are provided in detail.
(This article belongs to the Special Issue Applied Mathematics and Intelligent Control in Electrical Engineering)