301,786 research outputs found
Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers
In this paper, we present a black-box attack against API call based machine
learning malware classifiers, focusing on generating adversarial sequences
combining API calls and static features (e.g., printable strings) that will be
misclassified by the classifier without affecting the malware functionality. We
show that this attack is effective against many classifiers due to the
transferability principle between RNN variants, feed forward DNNs, and
traditional machine learning classifiers such as SVM. We also implement GADGET,
a software framework to convert any malware binary to a binary undetected by
malware classifiers, using the proposed attack, without access to the malware
source code.Comment: Accepted as a conference paper at RAID 201
JooFlux: Hijacking Java 7 InvokeDynamic To Support Live Code Modifications
Changing functional and non-functional software implementation at runtime is
useful and even sometimes critical both in development and production
environments. JooFlux is a JVM agent that allows both the dynamic replacement
of method implementations and the application of aspect advices. It works by
doing bytecode transformation to take advantage of the new invokedynamic
instruction added in Java SE 7 to help implementing dynamic languages for the
JVM. JooFlux can be managed using a JMX agent so as to operate dynamic
modifications at runtime, without resorting to a dedicated domain-specific
language. We compared JooFlux with existing AOP platforms and dynamic
languages. Results demonstrate that JooFlux performances are close to the Java
ones --- with most of the time a marginal overhead, and sometimes a gain ---
where AOP platforms and dynamic languages present significant overheads. This
paves the way for interesting future evolutions and applications of JooFlux
Recommended from our members
UPC++ v1.0 Programmer’s Guide, Revision 2020.3.0
UPC++ is a C++11 library that provides Partitioned Global Address Space (PGAS) programming. It is designed for writing parallel programs that run efficiently and scale well on distributed-memory parallel computers. The PGAS model is single program, multiple-data (SPMD), with each separate constituent process having access to local memory as it would in C++. However, PGAS also provides access to a global address space, which is allocated in shared segments that are distributed over the processes. UPC++ provides numerous methods for accessing and using global memory. In UPC++, all operations that access remote memory are explicit, which encourages programmers to be aware of the cost of communication and data movement. Moreover, all remote-memory access operations are by default asynchronous, to enable programmers to write code that scales well even on hundreds of thousands of cores
- …