Malicious reverse engineering of software has served as a valuable technique for attackers to infringe upon and steal intellectual property. We can employ obfuscation techniques to protect against such attackers as useful tools to safeguard software....
Code obfuscation has become an essential practice in modern software development, designed to make source or machine code challenging for both humans and computers to comprehend. It plays a crucial role in cybersecurity by protecting intellectual pro...
As the most widely used description code in digital circuits and system on chip (SoC), the security of register transfer level (RTL) code is extremely critical. Code obfuscation is a typical method to ensure the security of RTL code, but popular obfu...
We present a novel methodology for classifying code obfuscation techniques in LLVM IR program embeddings. We apply isolated and layered code obfuscations to C source code using the Tigress obfuscator, compile them to LLVM IR, and convert each IR code...
With the increasing use of sophisticated obfuscation techniques, malware detection remains a critical challenge in cybersecurity. This paper introduces a novel deep learning approach to classify malware obfuscated by virtual machine (VM) code. We spe...
Despite recent remarkable advances in binary code analysis, malware developers still use complex anti-reversing techniques that make analysis difficult. Packers are used to protect malware, which are (commercial) tools that contain diverse anti-rever...
Websites on the Internet are becoming increasingly vulnerable to malicious JavaScript code because of its strong impact and dramatic effect. Numerous recent cyberattacks use JavaScript vulnerabilities, and in some cases employ obfuscation to conceal...
Process-level virtual machine (PVM) based code obfuscation is a viable means for protecting software against runtime code tampering and unauthorized code reverse engineering. PVM-based approaches rely on a VM to determine how instructions of the prot...
Technical job interviews have become a vulnerable environment for social engineering attacks, particularly when they involve direct interaction with malicious code. In this context, the present manuscript investigates an exploratory case study, aimin...
Android platform security is an active area of research where malware detection techniques continuously evolve to identify novel malware and improve the timely and accurate detection of existing malware. Adversaries are constantly in charge of employ...
In this paper, we present a method to create a safe arithmetic that can be used to obfuscate implementations that require operations over commutative groups. The method is based on the structure of the endomorphisms of certain extensions of the origi...
Malware authors apply different techniques of control flow obfuscation, in order to create new malware variants to avoid detection. Existing Siamese neural network (SNN)-based malware detection methods fail to correctly classify different malware fam...
With the improvement of software copyright protection awareness, code obfuscation technology plays a crucial role in protecting key code segments. As the obfuscation technology becomes more and more complex and diverse, it has spawned a large number...
API calls are programming interfaces used by applications. When it is difficult for an analyst to perform a direct reverse analysis of a program, the API provides an important basis for analyzing the behavior and functionality of the program. API add...
Original Entry Point (OEP) and API obfuscation techniques greatly hinder the analysis of malware. Contemporary packers, employing these sophisticated obfuscation strategies, continue to pose unresolved challenges, despite extensive research efforts....
Quantum obfuscation is one of the important primitives in quantum cryptography that can be used to enhance the security of various quantum cryptographic schemes. The research on quantum obfuscation focuses mainly on the obfuscatability of quantum fun...
Today’s sensor networks need robustness, security and efficiency with a high level of assurance. Error correction is an effective communicational technique that plays a critical role in maintaining robustness in informational transmission. The...
The swift evolution of information technology and growing connectivity in critical applications have elevated cybersecurity, protecting and certifying software and designs against rising cyber threats. For example, software and hardware have become h...
Recently, Android malicious code has increased dramatically and the technology of reinforcement is increasingly powerful. Due to the development of code obfuscation and polymorphic deformation technology, the current Android malicious code static det...
Malware detection and classification methods are being actively developed to protect personal information from hackers. Global images of malware (in a program that includes personal information) can be utilized to detect or classify it. This method i...
In the malware detection process, obfuscated malicious codes cannot be efficiently and accurately detected solely in the dynamic or static feature space. Aiming at this problem, an integrative feature extraction algorithm based on simhash was propose...
The detection and classification of threats in computer systems has been one of the main problems researched in Cybersecurity. As technology evolves, the tactics employed by adversaries have also become more sophisticated to evade detection systems....
Researchers have proposed different obfuscation transformations supported by numerous smartphone protection tools (obfuscators and deobfuscators). However, there is a need for a comprehensive study to empirically characterize these tools that belong...
Third-party library (TPL) reuse may introduce vulnerable or malicious code and expose the software, which exposes them to potential risks. Thus, it is essential to identify third-party dependencies and take immediate corrective action to fix critical...
Data-driven public security networking and computer systems are always under threat from malicious codes known as malware; therefore, a large amount of research and development is taking place to find effective countermeasures. These countermeasures...
In this study, we propose a method for successfully evading antivirus detection by encoding malicious shellcode with fountain codes. The Meterpreter framework for Microsoft Windows 32-bit and 64-bit architectures was used to produce the shellcode use...
Many open-source projects are developed by the community and have a common basis. The more source code is open, the more the project is open to contributors. The possibility of accidental or deliberate use of someone else’s source code as a clo...
This paper investigates federated learning (FL) for cross-site scripting (XSS) detection under out-of-distribution (OOD) drift. Real-world XSS traffic involves fragmented attacks, heterogeneous benign inputs, and client imbalance, which erode convent...
The methods proposed in this paper are leveraging Challenge–Response–Pair (CRP) mechanisms that are directly using each digital file as a source of randomness. Two use cases are considered: the protection and verification of authenticity...
Attacks using Uniform Resource Locators (URLs) and their JavaScript (JS) code content to perpetrate malicious activities on the Internet are rampant and continuously evolving. Methods such as blocklisting, client honeypots, domain reputation inspecti...
This study employed chaotic systems as an innovative approach for shellcode obfuscation to evade current antivirus detection methods. Standard AV solutions primarily rely on static signatures and heuristic analysis to identify malicious code. However...
Since its introduction, researching malware has had two main goals. On the one hand, malware writers have been focused on developing software that can cause more damage to a targeted host for as long as possible. On the other hand, malware analysts h...
Modern, commonly used cryptosystems based on encryption keys require that the length of the stream of encrypted data is approximately the length of the key or longer. In practice, this approach unnecessarily complicates strong encryption of very shor...
Detection and mitigation of modern malware are critical for the normal operation of an organisation. Traditional defence mechanisms are becoming increasingly ineffective due to the techniques used by attackers such as code obfuscation, metamorphism,...
A webshell is a command execution environment in the form of web pages. It is often used by attackers as a backdoor tool for web server operations. Accurately detecting webshells is of great significance to web server protection. Most security produc...
Coinhive released its browser-based cryptocurrency mining code in September 2017, and vicious web page writers, called vicious miners hereafter, began to embed mining JavaScript code into their web pages, called mining pages hereafter. As a result, b...
In the context of escalating network adversarial challenges, effectively identifying a Webshell processed using evasion techniques such as encoding, obfuscation, and nesting remains a critical challenge in the field of cybersecurity. To address the p...
This study introduces an energy-aware hybrid security framework that safeguards embedded systems against code theft, closing a critical gap. The approach integrates bitstream encryption, dynamic key generation, and Dynamic Function eXchange (DFX)-bas...
Malware have been tremendously growing in recent years. Most malware use obfuscation techniques for evasion and hiding purposes, but they preserve the functionality and malicious behavior of original code. Although most research work has been mainly...
With the increasing popularity of Android smartphones, malware targeting the Android platform is showing explosive growth. Currently, mainstream detection methods use static analysis methods to extract features of the software and apply machine learn...
Aiming at the problems of small key space and weak resistance to differential attacks in existing encryption algorithms, we proposed a chaotic digital image encryption scheme based on an optimized artificial fish swarm algorithm and DNA coding. First...
Modern malware poses a severe threat to cybersecurity, continually evolving in sophistication. To combat this threat, researchers and security professionals continuously explore advanced techniques for malware detection and analysis. Dynamic analysis...
In previous years, cybercriminals have utilized various strategies to evade identification, including obfuscation, confusion, and polymorphism technology, resulting in an exponential increase in the amount of malware that poses a serious threat to co...
Malware plays a critical role in network attacks, making its analysis essential for ensuring network security. To evade detection, malware developers often use packing techniques to hide malicious code, making it difficult for analysts to identify th...
Android ransomware is one of the most threatening attacks that is increasing at an alarming rate. Ransomware attacks usually target Android users by either locking their devices or encrypting their data files and then requesting them to pay money to...
In recent years, the presence of malware has been growing exponentially, resulting in enormous demand for efficient malware classification methods. However, the existing machine learning-based classifiers have high false positive rates and cannot eff...
Reversible data hiding in encrypted point clouds presents unique challenges due to their unstructured geometry, absence of mesh connectivity, and high sensitivity to spatial perturbations. In this paper, we propose an efficient and secure reversible...
The rapid growth of Internet-connected devices integrating into our everyday lives has no end in sight. As more devices and sensor networks are manufactured, security tends to be a low priority. However, the security of these devices is critical, and...
Smart contracts are deployed and represented as bytecodes in blockchain networks, and these bytecodes are machine-readable codes. Only a small number of deployed smart contracts have their verified human-readable code publicly accessible to blockchai...
Cross-site scripting (XSS) attacks are among the threats facing web security, resulting from the diversity and complexity of HTML formats. Research has shown that some text processing-based methods are limited in their ability to detect this type of...