Hardware Protection through Logic Obfuscation
Published in Suman Lata Tripathi, Sobhit Saxena, Sushanta Kumar Mohapatra, Advanced VLSI Design and Testability Issues, 2020
Jyotirmoy Pathak, Suman Lata Tripathi
With the recent burst in technology, the use of integrated circuits (ICs) in various fields has seen a tremendous increase. Due to this high demand, certain steps in the process of fabrication are done outside of the foundry, which makes it prone to several attacks. There are several processes employed for securing ICs against malicious attacks. One such method is known as hardware obfuscation. Hardware obfuscation basically means hiding the IC’s structure and function, which makes it much more difficult for adversaries to reverse-engineer. The adversaries generally make use of reverse engineering to decipher the IC. Reverse engineering basically stands for the technology that is used to describe the structure, functionality, and design of an IC. Once there is adequate knowledge of the inner structure of the circuit, it is quite easy to tamper with it or use it illegally. Thereby, obfuscation provides a means of making the circuit structurally and functionally difficult to comprehend, which increases the cost and time required to reverse-engineer it, providing security.
Cybersecurity Incident Response in the Enterprise
Published in Mohiuddin Ahmed, Nour Moustafa, Abu Barkat, Paul Haskell-Dowland, Next-Generation Enterprise Security and Governance, 2022
Nickson M. Karie, Leslie F. Sikos
Successful exploitation can lead to the installation of malware, a backdoor or other ingress accessible to the attackers on the target systems. With an active exploit running on the target system, intruders may search for additional vulnerabilities or use privilege escalation to gain additional access to the system. Acquired privileges can then be used to install backdoors or remote access trojans that allow for persistence within the environment. Some malware may use obfuscation to conceal their presence and mask activities to avoid detection as well as thwart digital forensic investigation processes.
HMM Applications
Published in Mark Stamp, Introduction to Machine Learning with Applications in Information Security, 2017
From a high-level perspective, code obfuscation techniques include substitution, transposition, insertion, and deletion [109]. The specific code obfuscations implemented in several hacker-produced examples of metamorphic malware are summarized in Table 9.2.
A formally verified authentication protocol in secure framework for mobile healthcare during COVID-19-like pandemic
Published in Connection Science, 2021
Shaik Shakeel Ahamad, Al-Sakib Khan Pathan
One of the most critical attacks against MHA is repackaging attack (Chen et al., 2018) where an attacker with malicious intent alters an application distributed in the market and then redistributes it. In order to overcome the repackaging attacks on MHA from the get-go, our framework implements the following countermeasures:
- Self-Signing Restriction: This is a countermeasure against repackaging attacks. MHAs should be signed by both CA and CHA.
- Code Obfuscation: By obstructing analysis, it can prevent disclosure of logic or code (i.e. less chance of reverse engineering). SPMHF adopts logic obfuscation such as control obfuscation.
- Code Attestation: TPM and UICC are hardware-based platform security solutions in SPMHF. TPM ensures secure booting process from boot loader to the kernel of OS (Operating System) and loading of library modules. Platform integrity is checked remotely by privileged isolation between applications along with remote attestation. Thus, any forgery of data (exchanged between CCH and patient's application) can be detected.
Scalable Malware Detection System Using Distributed Deep Learning
Published in Cybernetics and Systems, 2023
Malware analysis is a difficult undertaking, and the following are some of the most prevalent difficulties encountered:
- A signature-based method is used by the majority of malware detection tools. The suspicious binary file’s hash value is compared to their signature database. Despite its simplicity, the signature-based technique is incapable of identifying novel malware threats.
- To change the structure and pattern of a malware program to evade detection, the malware developers use code obfuscation. It is difficult for a malware analyst to decode or reverse engineer the obfuscated code.
- There is always the need to keep an eye on the live network. Live network monitoring, on the other hand, has never been an easy task. Traditional malware detection systems are incapable of handling large amounts of streaming data. Monitoring petabytes and exabytes of real-time streaming data through the network is a challenging scalability and performance issue.
- Data are communicated in many different formats by various devices linked to the network. The malware detection system must be capable of interpreting a variety of data formats, which is not an easy task. This topic has been studied by several researchers. However, it continues to be a difficult task.
- While certain machine learning and deep learning-based malware detection systems have demonstrated promising results in malware detection, one of the primary obstacles is the system’s learning time and detection delay.
Experiments with automatic software piracy detection utilising machine-learning classifiers for micro-signatures
Published in Journal of Experimental & Theoretical Artificial Intelligence, 2019
Alireza Khalilian, Alireza Mirzaeiyan, Mojtaba Vahidi-Asl, Hassan Haghighi
Obfuscation techniques (Baysa et al., 2013; Kaushal et al., 2012; Rajeswaran, 2015; Sridhara & Stamp, 2013) provide the major way to make metamorphic software. Register swap, garbage code insertion, instruction transposition, instruction reordering, code segment permutation and equivalent instruction replacement are among the most common obfuscation techniques (Sridhara & Stamp, 2013). A number of approaches have been proposed in the literature to detect metamorphic malware. Some of them include: Metamorphic Malware Analysis and Real-Time Detection (MARD) (Alam, Horspool, Traore, & Sogukpinar, 2015), methods based on Hidden Markov Models (HMMs) (Attaluri, 2007; Lin & Stamp, 2011; Wong & Stamp, 2006), Simple Substitution Distance (SSD) (Shanmugam et al., 2013), Opcode Graph Similarity (OGS) (Runwal et al., 2012), Singular Value Decomposition (SVD), Eigenvalue analysis (Deshpande, Park, & Stamp, 2014), structural entropy (Baysa et al., 2013), engine attribution (Chouchane, Stakhanova, Walenstein, & Lakhotia, 2013), repeated-instructions counting heuristics (Canfora, Iannaccone, & Visaggio, 2014) and function call graph analysis (Deshpande & Stamp, 2016). Although researchers have often achieved considerable effectiveness in their experiments, the current MMD approaches to some extent may face one or several of the following issues:
- Considerable false positives/negatives
- Ineffectiveness against some types of obfuscation, particularly significant reduction in effectiveness against inserting a block of benign code into the malware
- Inappropriate runtime overheads, which make them inadequate for real-world applications
- The complexity of the approach due to applying formal methods