English
Related papers

Related papers: Towards Generic Deobfuscation of Windows API Calls

200 papers

Static malware analysis is well-suited to endpoint anti-virus systems as it can be conducted quickly by examining the features of an executable piece of code and matching it to previously observed malicious code. However, static code…

Cryptography and Security · Computer Science 2018-06-19 Matilda Rhode , Pete Burnap , Kevin Jones

JavaScript is a popular attack vector for releasing malicious payloads on unsuspecting Internet users. Authors of this malicious JavaScript often employ numerous obfuscation techniques in order to prevent the automatic detection by…

Cryptography and Security · Computer Science 2020-09-22 Adrian Herrera

Analyzing the behavior of a program running on a processor that supports speculative execution is crucial for applications such as execution time estimation and side channel detection. Unfortunately, existing static analysis techniques…

Programming Languages · Computer Science 2019-08-16 Meng Wu , Chao Wang

To avoid detection, adversaries often use command-line obfuscation. There are numerous techniques of the command-line obfuscation, all designed to alter the command-line syntax without affecting its original functionality. This variability…

Cryptography and Security · Computer Science 2024-08-06 Vojtech Outrata , Michael Adam Polak , Martin Kopp

Both malware and antivirus detection tools advance in their capabilities. Malware aim is to evade the detection while antivirus is to detect the malware. Over time, the detection techniques evolved from simple static signature matching over…

Cryptography and Security · Computer Science 2019-06-26 Ivica Stipovic

In this paper, we present a black-box attack against API call based machine learning malware classifiers, focusing on generating adversarial sequences combining API calls and static features (e.g., printable strings) that will be…

Cryptography and Security · Computer Science 2018-06-26 Ishai Rosenberg , Asaf Shabtai , Lior Rokach , Yuval Elovici

Most behavioral detectors of malware remain specific to a given language and platform, mostly PE executables for Windows. The objective of this paper is to define a generic approach for behavioral detection based on two layers respectively…

Cryptography and Security · Computer Science 2009-02-03 Gregoire Jacob , Herve Debar , Eric Filiol

We present a new approach that bridges binary analysis techniques with machine learning classification for the purpose of providing a static and generic evaluation technique for opaque predicates, regardless of their constructions. We use…

Cryptography and Security · Computer Science 2019-09-05 Ramtine Tofighi-Shirazi , Irina Asăvoae , Philippe Elbaz-Vincent , Thanh-Ha Le

As the web moves away from stateful tracking, browser fingerprinting is becoming more prevalent. Unfortunately, existing approaches to detect browser fingerprinting do not take into account potential evasion tactics such as code…

Cryptography and Security · Computer Science 2022-06-29 Ray Ngan , Surya Konkimalla , Zubair Shafiq

Control Flow Graphs are one of the main data sources for software analysis that use dynamic and static software analysis methods. Protected software and modern malware increasingly depend on dynamic code loading techniques to evade static…

Cryptography and Security · Computer Science 2026-05-29 Oleksandr Mostovyi

Despite their ability to aid developers in detecting potential defects early in the software development life cycle, static analysis tools often suffer from precision issues (i.e., high false positive rates of reported alarms). To improve…

Software Engineering · Computer Science 2024-01-22 Yuwei Zhang , Ying Xing , Ge Li , Zhi Jin

It is needed to ensure the integrity of systems that process sensitive information and control many aspects of everyday life. We examine the use of machine learning algorithms to detect malware using the system calls generated by…

Cryptography and Security · Computer Science 2018-10-01 Michael R. Smith , Joe B. Ingram , Christopher C. Lamb , Timothy J. Draelos , Justin E. Doak , James B. Aimone , Conrad D. James

Application Programming Interfaces (APIs) often have usage constraints, such as restrictions on call order or call conditions. API misuses, i.e., violations of these constraints, may lead to software crashes, bugs, and vulnerabilities.…

Software Engineering · Computer Science 2018-03-14 Sven Amann , Hoan Anh Nguyen , Sarah Nadi , Tien N. Nguyen , Mira Mezini

Malware analysis techniques are divided into static and dynamic analysis. Both techniques can be bypassed by circumvention techniques such as obfuscation. In a series of works, the authors have promoted the use of symbolic executions…

Cryptography and Security · Computer Science 2022-04-13 Charles-Henry Bertrand Van Ouytsel , Axel Legay

Speculative execution attacks undermine the security of constant-time programming, the standard technique used to prevent microarchitectural side channels in security-sensitive software such as cryptographic code. Constant-time code must…

Cryptography and Security · Computer Science 2023-12-18 Rutvik Choudhary , Alan Wang , Zirui Neil Zhao , Adam Morrison , Christopher W. Fletcher

AI methods have been proven to yield impressive performance on Android malware detection. However, most AI-based methods make predictions of suspicious samples in a black-box manner without transparency on models' inference. The expectation…

Cryptography and Security · Computer Science 2022-11-21 Zhi Lu , Vrizlynn L. L. Thing

A novel approach to malware classification is introduced based on analysis of instruction traces that are collected dynamically from the program in question. The method has been implemented online in a sandbox environment (i.e., a security…

Applications · Statistics 2014-04-10 Curtis Storlie , Blake Anderson , Scott Vander Wiel , Daniel Quist , Curtis Hash , Nathan Brown

Malwares are becoming persistent by creating full- edged variants of the same or different family. Malwares belonging to same family share same characteristics in their functionality of spreading infections into the victim computer. These…

Cryptography and Security · Computer Science 2017-07-11 Anishka Singh , Rohit Arora , Himanshu Pareek

This study independently reproduces the malware detection methodology presented by Felli cious et al. [7], which employs order-invariant API call frequency analysis using Random Forest classification. We utilized the original public dataset…

Cryptography and Security · Computer Science 2026-01-14 Juhani Merilehto

The continuous increase in malware samples, both in sophistication and number, presents many challenges for organizations and analysts, who must cope with thousands of new heterogeneous samples daily. This requires robust methods to quickly…

Cryptography and Security · Computer Science 2025-03-26 Theodoros Apostolopoulos , Vasilios Koutsokostas , Nikolaos Totosis , Constantinos Patsakis , Georgios Smaragdakis