3,059 research outputs found
PowerDrive: Accurate De-Obfuscation and Analysis of PowerShell Malware
PowerShell is nowadays a widely-used technology to administrate and manage
Windows-based operating systems. However, it is also extensively used by
malware vectors to execute payloads or drop additional malicious contents.
Similarly to other scripting languages used by malware, PowerShell attacks are
challenging to analyze due to the extensive use of multiple obfuscation layers,
which make the real malicious code hard to be unveiled. To the best of our
knowledge, a comprehensive solution for properly de-obfuscating such attacks is
currently missing. In this paper, we present PowerDrive, an open-source, static
and dynamic multi-stage de-obfuscator for PowerShell attacks. PowerDrive
instruments the PowerShell code to progressively de-obfuscate it by showing the
analyst the employed obfuscation steps. We used PowerDrive to successfully
analyze thousands of PowerShell attacks extracted from various malware vectors
and executables. The attained results show interesting patterns used by
attackers to devise their malicious scripts. Moreover, we provide a taxonomy of
behavioral models adopted by the analyzed codes and a comprehensive list of the
malicious domains contacted during the analysis
SeMA: A Design Methodology for Building Secure Android Apps
UX (user experience) designers visually capture the UX of an app via
storyboards. This method is also used in Android app development to
conceptualize and design apps.
Recently, security has become an integral part of Android app UX because
mobile apps are used to perform critical activities such as banking,
communication, and health. Therefore, securing user information is imperative
in mobile apps.
In this context, storyboarding tools offer limited capabilities to capture
and reason about security requirements of an app. Consequently, security cannot
be baked into the app at design time. Hence, vulnerabilities stemming from
design flaws can often occur in apps. To address this concern, in this paper,
we propose a storyboard based design methodology to enable the specification
and verification of security properties of an Android app at design time.Comment: Updates based on AMobile 2019 review
- …