English
Related papers

Related papers: Anonymous YARA Rules Are Not Anonymous

200 papers

YARA has established itself as the de facto standard for "Detection as Code," enabling analysts and DevSecOps practitioners to define signatures for malware identification across the software supply chain. Despite its pervasive use, the…

Software Engineering · Computer Science 2026-03-17 Dectot--Le Monnier de Gouville Esteban , Mohammad Hamdaqa , Moataz Chouchen

Yara rules are a ubiquitous tool among cybersecurity practitioners and analysts. Developing high-quality Yara rules to detect a malware family of interest can be labor- and time-intensive, even for expert users. Few tools exist and…

Cryptography and Security · Computer Science 2020-09-09 Edward Raff , Richard Zak , Gary Lopez Munoz , William Fleming , Hyrum S. Anderson , Bobby Filar , Charles Nicholas , James Holt

Malware often uses obfuscation techniques or is modified slightly to evade signature detection from antivirus software and malware analysis tools. Traditionally, to determine if a file is malicious and identify what type of malware a sample…

Cryptography and Security · Computer Science 2021-11-30 Adam Lockett

Attributing a piece of malware to its creator typically requires threat intelligence. Binary attribution increases the level of difficulty as it mostly relies upon the ability to disassemble binaries to identify authorship style. Our survey…

Cryptography and Security · Computer Science 2021-01-19 Jason Gray , Daniele Sgandurra , Lorenzo Cavallaro

A strategy used by malicious actors is to "live off the land," where benign systems and tools already available on a victim's systems are used and repurposed for the malicious actor's intent. In this work, we ask if there is a way for…

Cryptography and Security · Computer Science 2024-11-28 Siddhant Gupta , Fred Lu , Andrew Barlow , Edward Raff , Francis Ferraro , Cynthia Matuszek , Charles Nicholas , James Holt

Graphs of developer networks are important for software engineering research and practice. For these graphs to realistically represent the networks, accurate developer identities are imperative. We aim to identify developer identity errors…

Software Engineering · Computer Science 2019-01-14 Sadika Amreen , Audris Mockus , Chris Bogart , Yuxia Zhang , Russell Zaretzki

Polymorphic malware continually alters its structure to evade signature-based defences, challenging both commercial antivirus (AV) and enterprise detection systems. This study introduces a reproducible framework for analysing eight…

Cryptography and Security · Computer Science 2025-12-01 Shreyansh Swami , Ishwardeep Singh , Ujjwalpreet Singh , Chinmay Prawah Pant

There are many occasions in which the security community is interested to discover the authorship of malware binaries, either for digital forensics analysis of malware corpora or for thwarting live threats of malware invasion. Such a…

Cryptography and Security · Computer Science 2017-01-11 Saed Alrabaee , Paria Shirani , Mourad Debbabi , Lingyu Wang

Today's security tools predominantly rely on predefined rules crafted by experts, making them poorly adapted to the emergence of software supply chain attacks. To tackle this limitation, we propose a novel tool, RuleLLM, which leverages…

Software Engineering · Computer Science 2025-04-25 XiangRui Zhang , HaoYu Chen , Yongzhong He , Wenjia Niu , Qiang Li

The performance figures of modern drift-adaptive malware classifiers appear promising, but does this translate to genuine operational reliability? The standard evaluation paradigm primarily focuses on baseline performance metrics,…

Cryptography and Security · Computer Science 2026-01-22 Alexander Herzog , Aliai Eusebi , Lorenzo Cavallaro

Program authorship attribution has implications for the privacy of programmers who wish to contribute code anonymously. While previous work has shown that complete files that are individually authored can be attributed, we show here for the…

The ability to identify authors of computer programs based on their coding style is a direct threat to the privacy and anonymity of programmers. While recent work found that source code can be attributed to authors with high accuracy,…

Cryptography and Security · Computer Science 2017-12-19 Aylin Caliskan , Fabian Yamaguchi , Edwin Dauber , Richard Harang , Konrad Rieck , Rachel Greenstadt , Arvind Narayanan

Practitioners have reported a directional pattern in AI-assisted code generation: AI-generated code tends to fail quietly, preserving the appearance of functionality while degrading or concealing guarantees. This paper introduces the…

Software Engineering · Computer Science 2026-04-21 William M. Parris

Sandbox evasion remains a critical challenge for automated malware analysis, as modern malware employs environment checks to detect analysis platforms and suppress malicious behavior. Existing approaches rely on manually crafted bypass…

Cryptography and Security · Computer Science 2026-05-22 Zhiyong Sui , Lamine Noureddine , Mst Eshita Khatun , Sideeq Bello , Justin Woodring , Aisha Ali-Gombe

Where can we find malware source code? This question is motivated by a real need: there is a dearth of malware source code, which impedes various types of security research. Our work is driven by the following insight: public archives, like…

Cryptography and Security · Computer Science 2020-06-01 Md Omar Faruk Rokon , Risul Islam , Ahmad Darki , Vagelis E. Papalexakis , Michalis Faloutsos

We propose a novel type system for verifying that programs correctly implement constant-resource behavior. Our type system extends recent work on automatic amortized resource analysis (AARA), a set of techniques that automatically derive…

Programming Languages · Computer Science 2018-01-09 Van Chan Ngo , Mario Dehesa-Azuara , Matthew Fredrikson , Jan Hoffmann

The study of Code Stylometry, and in particular Code Authorship Attribution (CAA), aims to analyze coding styles to identify the authors of code samples. CAA is crucial in cybersecurity and software forensics for addressing, detecting…

Software Engineering · Computer Science 2025-06-23 Atish Kumar Dipongkor , Ziyu Yao , Kevin Moran

We introduce a family of information leakage measures called maximal $\alpha,\beta$-leakage, parameterized by real numbers $\alpha$ and $\beta$. The measure is formalized via an operational definition involving an adversary guessing an…

Information Theory · Computer Science 2022-11-29 Atefeh Gilani , Gowtham R. Kurri , Oliver Kosut , Lalitha Sankar

Malware family classification aims to identify the specific family (e.g., GuLoader or BitRAT) a malware sample may belong to, in contrast to malware detection or sample classification, which only predicts a Yes/No outcome. Accurate family…

Cryptography and Security · Computer Science 2025-10-28 Yufan Chen , Daoyuan Wu , Juantao Zhong , Zicheng Zhang , Debin Gao , Shuai Wang , Yingjiu Li , Ning Liu , Jiachi Chen , Rocky K. C. Chang

While attackers often distribute malware to victims via open-source, community-driven package repositories, these repositories do not currently run automated malware detection systems. In this work, we explore the security goals of the…

Cryptography and Security · Computer Science 2023-09-19 Duc-Ly Vu , Zachary Newman , John Speed Meyers
‹ Prev 1 2 3 10 Next ›