Nowadays, several tools have been proposed to support the operations performed during a security assessment process. In particular, it is common practice to rely on automated tools to carry out some phases of this process in an automatic or semiautomatic way. In this article, we focus on tools for the automatic generation of custom executable payloads. Then, we will show how these tools can be transformed, through some human-oriented modifications on the generated payloads, into threats for a given asset's security. The danger of such threats lies in the fact that they may not be detected by common antivirus (AV) products. More precisely, in this article, we show a general approach to make a payload generated through automated tools run undetected by most AVs. In detail, we first analyze and explain most of the methods used by AVs to recognize malicious payloads and, for each one of them, we outline the relative strengths and flaws, showing how these flaws could be exploited using a general approach to evade AV controls, by performing simple human-oriented operations on the payloads. The testing activity we performed shows that our proposal is helpful in evading virtually all the most popular AVs on the market. Therefore, low-skilled malicious users could easily use our approach.
ISBN: (print) 9781450384087
In recent years, malicious code attacks in the field of cyberspace security have become more and more serious. Traditional malicious code detection methods have low detection rates and incomplete feature extraction, and are time-consuming and laborious. This paper proposes a deep learning malicious code classification method combined with texture feature extraction. By pixelating binary executable files into gray images, on the basis of ensuring data balance and data accuracy, speeded-up robust features (SURF) is used to extract texture features, and a malicious code classification and detection model, gray scale image network (GSINet), is constructed based on a convolutional neural network (CNN) for training and classification detection. Experiments show that compared with the traditional bag-of-words model combined with classifiers, the accuracy of this method has increased by 13.3%; compared with the existing detection methods, the accuracy rate is 99.0%, and the false positive rate is only 1%. In conclusion, the deep learning malicious code classification method combined with texture feature extraction effectively improves the accuracy of malicious code detection and reduces the false positive rate.
ISBN: (print) 9781509042005
In this paper, we address the problem of protein complex prediction from a PPI network. This problem has two difficulties. One is that small complexes of size two and three are the majority of complexes recorded in databases, though it is relatively difficult to identify those small complexes due to their simple structure. Another is how to model the overlap between two predicted complexes, because some known complexes are known to share the same proteins. Thus, such a model is a critical issue for accurate prediction. We have proposed a sampling-based protein complex prediction method, RocSampler (Regularizing Overlapping Complexes), which exploits, as part of a scoring function, regularization terms for the overlaps of predicted complexes and the distribution of sizes of predicted complexes. We have applied it to five yeast PPI networks and shown that it is superior to other existing methods. A Windows executable of RocSampler is available at http://***/~om/software/RocSampler/.
ISBN: (print) 9781467325264
This paper presents an improvement of the interpolation-based (k,n)-threshold secret image sharing (SIS) scheme, where a secret data payload is optimized using Lagrange interpolation operated in GF(2^8). The secret data can be not only images but also any type of file, such as documents and executable files, which is hidden using Least Significant Bit (LSB) steganography in n innocent-looking images called camouflage images. In order to recover the secret data, at least k (≤n) camouflage images are required. The proposed scheme provides an authentication mechanism by parity-bit checking and lossless recovery of the secret data using GF(2^8) operations. By controlling the value of k, the size of the camouflage images can be controlled to avoid the pixel expansion that occurs in conventional SIS schemes.