检索结果-内蒙古大学图书馆

Ransomware Attacks of the COVID-19 Pandemic: Novel Strains, Victims, and Threat Actors

IT PROFESSIONAL 2023年第5期25卷 37-44页

作者： Baig, Zubair Mekala, Sri Harsha Zeadally, Sherali Deakin Univ Sch Informat Technol Cybersecur Geelong Vic 3216 Australia Deakin Univ Cybersecur Geelong Vic 3216 Australia Univ Kentucky Coll Commun & Informat Lexington KY 40506 USA

The COVID-19 pandemic has exposed many organizational vulnerabilities to cyber threats, with ransomware being at the top of the list. These can be attributed mainly to consolidated accessibility as organizational vision to enable remote connectivity to their digital resources for maintaining uninterrupted and safe business operations. During the period 2020-2022, there was a noted and significant disparity between the demand for IT support services to sustain remote IT operations and the level of security controls contingent for maintaining uninterrupted and secure services over various digital platforms. According to many studies, the number of ransomware attacks increased by 150-200% through the course of the pandemic, which caused disruptions across a wide range of industries. We present a holistic analysis of popular ransomware attacks that have occurred during the COVID-19 pandemic (mainly during 2020-2022) and identify popular and novel ransomware strains that have impacted businesses.

关键词： COVID 19 Pandemics Computer Security Surveillance Ransomware Threat Assessment Business Pandemic Novel Strains Threat Actors Presence Of Network Top Of The List Encrypted Data Wide Range Of Industries Dark Web Data Integration Data Protection Confidential Information Two Factor Learning And Development Access Control Network Infrastructure Potential Vulnerability Data Backup executable file Cybercrime Android Devices Strong Defense Brute Force Method

来源：评论

学校读者我要写书评

暂无评论

Static Analysis Method on Portable executable files for REMNUX based Malware Identification 10

Static Analysis Method on Portable Executable Files for REMN...

引用

IEEE 10th International Conference on Awareness Science and Technology (iCAST)

作者： Salman, Muhammad Husna, Diyanatul Viani, Nindya Univ Indonesia Elect Engn Dept Depok Indonesia

ISBN: (纸本)9781728138213

Malware is one of the most dangerous threats in the digital world today and in the future. Today, technological developments do not only give benefits but also reap serious challenges. One of the threats is the breach of computer network security system. Malware can be inserted anywhere, especially on various types of files that can be downloaded from the internet. It is important to analyze malware for of its complex development. This research projects our work on testing and analyzing executable files by utilizing various tools on REMnux operating system. It is aimed to recognize whether a file is safe or contains malware. The results of this study indicated that REMnux can be an appropriate tool to check a file's characteristics in the form of malware or not based on anomalous data check, metadata of file integrity, section entropy, and function that will be executed by that executable file. In addition, the results can also estimate the impact of malware performance if the file execution is not intentionally done by reverse engineering.

关键词： executable file malware reverse engineering static analysis remnux

来源：评论

学校读者我要写书评

暂无评论

A Deep Learning Malicious Code Classification Method Combined with Texture Feature Extraction GSINET 21

A Deep Learning Malicious Code Classification Method Combine...

引用

Proceedings of the 2021 4th International Conference on Artificial Intelligence and Pattern Recognition

作者： Pengfei Wei Yong Zhang Ling Yue Jialu Xu School of Science and Technology Xi'an University of Posts and Telecommunications China School of Computer Science and Technology Xi'an University of Posts and Telecommunications China and Industry School of Modern Post Xi'an University of Posts and Telecommunications China School of Electronic Engineering Xi'an University of Posts and Telecommunications China

ISBN: (纸本)9781450384087

In recent years, malicious code attacks in the field of cyberspace security have become more and more serious. The traditional malicious code detection methods have low detection rate, incomplete feature extraction, time-consuming and laborious. This paper proposes a deep learning malicious code classification method combined with texture feature extraction. By pixelating binary executable files into gray images, on the basis of ensuring data balance and data accuracy, speed up robust feature (SURF) is used to extract texture features, and a malicious code classification and detection model gray scale image network (GSINet) is constructed based on convolution neural network (CNN) for training and classification detection. Experiments show that compared with the traditional bag-of-words model combined with classifiers, the accuracy of this method has increased by 13.3%; Compared with the existing detection methods, the accuracy rate is 99.0%, and the false positive rate is only 1%. In conclusion, the deep learning malicious code classification method combined with texture feature extraction effectively improves the accuracy of malicious code detection and reduces the false positive rate.

关键词： convolution neural network deep learning executable file feature extraction malicious code classification

来源：评论

学校读者我要写书评

暂无评论

On the undetectability of payloads generated through automatic tools: A human-oriented approach

引用

CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE 2021年第19期33卷 e6351-e6351页

作者： Carpentieri, Bruno Castiglione, Arcangelo Palmieri, Francesco Pizzolante, Raffaele Univ Salerno Dept Comp Sci Fisciano Italy

Nowadays, several tools have been proposed to support the operations performed during a security assessment process. In particular, it is a common practice to rely on automated tools to carry out some phases of this process in an automatic or semiautomatic way. In this article, we focus on tools for the automatic generation of custom executable payloads. Then, we will show how these tools can be transformed, through some human-oriented modifications on the generated payloads, into threats for a given asset's security. The danger of such threats lies in the fact that they may not be detected by common antivirus (AVs). More precisely, in this article, we show a general approach to make a payload generated through automated tools run undetected by most AVs. In detail, we first analyze and explain most of the methods used by AVs to recognize malicious payloads and, for each one of them, we outline the relative strengths and flaws, showing how these flaws could be exploited using a general approach to evade AVs controls, by performing simple human-oriented operations on the payloads. The testing activity we performed shows that our proposal is helpful in evading virtually all the most popular AVs on the market. Therefore, low-skilled malicious users could easily use our approach.

关键词： antivirus evasion code obfuscation technique emerging threats executable file malicious code shellcode inspection

来源：评论

学校读者我要写书评

暂无评论

Detecting Unknown Malware from ASCII Strings with Natural Language Processing Techniques 14

Detecting Unknown Malware from ASCII Strings with Natural La...

引用

14th Annual Asia Joint Conference on Information Security (AsiaJCIS)

作者： Ito, Ryo Mimura, Mamoru Natl Def Acad Dept Comp Sci Yokosuka Kanagawa Japan

ISBN: (纸本)9781728125565

Attackers often use an executable file (malware) as a tool to obtain sensitive information from specific companies and individuals. Anti-virus software attempts to detect the malware by pattern matching method etc. However, it is difficult to detect unknown malware in these methods. The unknown malware is detected by a sandbox, etc. We consider another method because the sandbox requires much time for running ASCII strings extracted from executable files are helpful for analyzing malware. With the recent development of natural language processing (NLP) techniques, it is becoming possible to use these strings as a malware detection method. In this paper, we propose a malware detection method using ASCII strings with NLP techniques. Our method divides these strings into words, and distinguishes the difference of the words between benign and malicious executable files. To compare with the arrangement of words or the frequency of appearing words, uncommon words are unnecessary in NLP techniques. Thus, we consider that reducing the uncommon words improves the detection rate. Our method converts a corpus of frequent words into a feature vector with natural language processing techniques. In our experiments, we used a dataset containing more than 23,000 malware samples (more than 2,100 malware families) provided by FFRI and more than 16,000 benign files collected from "***". Our method achieves the F-measure more than 0.85. The experimental results show that our method detects unknown malware with high accuracy.

关键词： executable file malware detection machine learning SVM natural language processing Doc2Vec LSI

来源：评论

学校读者我要写书评

暂无评论

Sgi :: Iris4D :: 007-0904-020 Learning to Debug with Edge Fortran Edition V2.0 1988

引用

2016年

Sgi :: Iris4D :: 007-0904-020 Learning to Debug with Edge Fortran Edition V2.0 1988 by published by

关键词： advanced commands code command commands cursor debug edge edge commands edition elusive bugs executable file file fortran fortran edition input file iris4d learning left mouse output file program select source source code source window

来源：评论

学校读者我要写书评

暂无评论

Application of compiler transformations against software vulnerabilities exploitation

引用

PROGRAMMING AND COMPUTER SOFTWARE 2015年第4期41卷 231-236页

作者： Nurmukhametov, A. R. Kurmangaleev, Sh. F. Kaushan, V. V. Gaissaryan, S. S. Russian Acad Sci Inst Syst Programming Moscow 109004 Russia

Software vulnerabilities are a serious threat for security of information systems. Any software written in C/C++ contain considerable amount of vulnerabilities. Some of them can be used by attackers to seize control of the system. In this paper, for counteracting such vulnerabilities, we propose to use compiler transformations: function reordering by permutation within a module, insertion of additional local variables into the function's stack, local variables hashing on the stack. By means of these transformations, it is suggested to generate a diversified population of executable files of the application being compiled. Such an approach, for example, complicates planning of the ROP attacks on the entire population. Having obtained a single executable file, the attacker can create an ROP exploit, which works only for this version of the application. The other executable files of the population will remain insensitive to this attack.

关键词： Retinopathy of Prematurity computer software Furnace conveyors control systems Confidential Information executable file Attackers compilers Function Population Permutation

来源：评论

学校读者我要写书评

暂无评论

RocSampler: Regularizing overlapping protein complexes in protein-protein interaction networks

RocSampler: Regularizing overlapping protein complexes in pr...

引用

IEEE International Conference on Computational Advances in Bio and Medical Sciences (ICCABS)

作者： Osamu Maruyama Yuki Kuwahara Institute of Mathematics for Industry Kyushu University Fukuoka 819-0395 Japan Graduate School of Mathematics Kyushu University Fukuoka 819-0395 Japan

ISBN: (纸本)9781509042005

In this paper, we address the problem of protein complex prediction from a PPI network. This problem has two difficulties. One is that small complexes of size two and three are the majority of complexes recorded in databases, though it is relatively difficult to identify those small complexes due to their simple structure. Another is how to model the overlap between two predicted complexes because some known complexes are known to share the same proteins. Thus, such a model is a critical issue for accurate prediction. We have proposed a sampling-based protein complex prediction method, RocSampler (Regularizing Overlapping Complexes), which exploits, as part of a scoring function, regularization terms for the overlaps of predicted complexes and the distribution of sizes of predicted complexes. We have applied it to five yeast PPI networks and shown that it is superior to other existing methods. An executable file on Windows of RocSampler is available at http://***/∼om/software/RocSampler/.

关键词： Complexes complexes Protein-Protein Interaction overlaps Protein Interaction Maps windows windows executable file pulse position indicator Database

来源：评论

学校读者我要写书评

暂无评论

Research and Implementation of executable file Compression for Mobile Terminals of MIS

Research and Implementation of Executable File Compression f...

引用

Global Mobile Congress 2009

作者： Huang Xiao-jun Yang Jing Du Wen Beijing Univ Posts & Telecom Key Lab Univ Wireless Commun Minist Educ Beijing Peoples R China

ISBN: (纸本)9781424453023

An executable file compression solution for mobile terminals of MIS was proposed, optimal compression algorithm was selected and ported to BREW platform. Meanwhile, concrete implementation of this proposal was given. Experiment results on mobile terminals using Arm7 chip show that, under the premise of guaranteeing the running speed of the application, this solution with strong practicability can reduce the executable file size to 35 similar to 55 percents of its origin, which has a significant savings in storage capacity of mobile phones on CDMA platform, and has greatly reduced the network transmission time of the executable file.

关键词： executable file Compression Algorithm Mobile terminals

来源：评论

学校读者我要写书评

暂无评论

Detecting Forensically Relevant Information From PE executables

Detecting Forensically Relevant Information From PE Executab...

引用

International Conference on Recent Trends in Information Technology (ICRTIT)

作者： Jophin, Shany Vijayan, Meera Dija, S. Adi Shankara Inst Engn & Technol Dept Comp Sci Kalady India CDAC Resource Ctr Cyber Forens Trivandrum Kerala India

ISBN: (纸本)9781479910243

Cyber forensics analysis is the procedure to find crucial evidence with respect to a crime from a digital media. Malware forensics and Network security plays a crucial role in the current scenario where malware attacks are a common problem. A malicious software which can be commonly termed as a malware would cause interruption to a computer operation and may collect necessary information or illegally access private systems. A malware may either take the form of a script, code, spyware and many other kinds of malicious programs. Reverse engineering principles are applied in this domain to analyze malware. It is the comprehensive process of breaking software to figure out how it works. This paper proposes an advanced and resource friendly malware forensics analysis procedure which uses the principles of static analysis to figure out the exact purpose of an executable file. Portable executable format can be explored with higher accuracy using the proposed method.

关键词： Network Security Portable executable Format Reverse Engineering executable file Cyber Forensics Malware Analysis

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：