Steganalysis of Hydan

Hydan is a steganographic tool which can be used to hide any kind of information inside executable files. In this work, we present an efficient distinguisher for it: We have developed a system that is able to detect executable files with embedded information through Hydan. Our system uses statistical analysis of instruction set distribution to distinguish between files with no hidden information and files that have been modified with Hydan. We have tested our algorithm against a mix of clean and stego-executable files. The proposed distinguisher is able to tell apart these files with a 0 ratio of false positives and negatives, thus detecting all files with hidden information through Hydan

Expanding the frontiers of Nigerian copyright laws in the age of social media

The social media is an avenue which promotes intellectual creativity and a minefield of ideas which can be deployed into important works. The Copyright Act (Cap C28, LFN 2004), lists the works which are eligible for copyright protection. Works in digital format may or may not fit into these protected categories. Multimedia works obscure the clear cut distinction of categories of works as they combine works of different kinds. They are also not static as they evolve with technology. It has been recommended that the different categories of works be protected according to their distinct features. We opine that this is untidy and does not make for uniformity. Also, the concept of fixation (on a stable material or medium) seems difficult to sustain as a pre-requisite for the qualification of a creation as a copyright work since intangibility and a transitory nature are common features of works placed on the internet. Sequel to the above, it is imperative to fix certain duties on online service providers just like other countries have done; duty to give notice of illegal activities and duty of identification of infringers upon request of the investigative authorities. Infringers should also be made to account for profits while the infringing contents were up. Finally, due to the potential for commercial exploitation of user- generated contents on social media sites, they should use effective content identification technology to eliminate from their services all infringing user generated contents.Keywords: Copyright, Multimedia, Fixation, User- Generated Content, Social Media, Internet, Online Service Provider

MP3 audio steganography technique using extended least significant bit

Audio Steganography is the process of concealing secret messages into audio file. The goal for using audio steganography is to avoid drawing suspicion to the transmission of the secret message. Prior research studies have indicated that the main properties in steganography technique are imperceptibility, robustness and capacity. MP3 file is a popular audio media, which provides different compression rate and performing steganography in MP3 format after compression is the most desirable one. To date, there is not much research work that embeds messages after compression. An audio steganographic technique that utilizes Standard Least Significant Bits (SLSB) of the audio stream to embed secret message has gained popularity over the years. Unfortunately the technique suffers from imperceptibility, security and capacity. This research offers an extended Least Significant Bit (XLSB) technique in order to circumvent the weakness. The secret message is scrambled before embedding. Scrambling technique is introduced in two steps; partitioning the secret message (speech) into blocks followed by block permutation, in order to confuse the contents of the secret message. To enhance difficulty for attackers to retrieve the secret message, the message is not embedded in every byte of the audio file. Instead the first position of embedding bit is chosen randomly and the rest of the bits are embedded only in even value of bytes of the audio file. For extracting the secret message, the permutation code book is used to reorder the message blocks into its original form. Md5sum and SHA-256 are used to verify whether the secret message is altered or not during transmission. Experimental results measured by peak signal to noise ratio, bit error rate, Pearson Correlation and chi-square show that the XLSB performs better than SLSB. Moreover, XLSB can embed a maximum of 750KB into MP3 file with 30db average result. This research contributes to the information security community by providing more secure steganography technique which provides message confidentiality and integrity

This property's mine; or the point missed entirely? The coevolution of copyright and technological protection measures; a framework for analysis

Through the location of the mechanisms and forms that support our current state of being, I seek to illustrate imbalances in legal scholarship pertaining to Technological Protection Measures ('TPM'). In the process of this undertaking, a second intention can be ascertained, namely the inaugural formulation of an analytical framework that not only vitalises TPM scholarship, but other areas of the law grappling with the same technological problems posed by late modernity. This framework is ultimately described as Deleuzo-Foucauldian, emanating from the critical theories of Gilles Deleuze and Michel Foucault and a subset of academics that have either made similar observations, or elaborated on their legacies. After introducing the central preoccupation of this thesis in chapter one, chapter two will outline the critical theories underpinning the Deleuzo-Foucauldian framework I wish to advocate. In chapter three I describe the historical evolution of TPM, and illustrate how the general academic perception that TPM are a distinctly late- modem phenomenon is an illusory myth. Advocating that we undertake the writing of a Foucauldian 'genealogy' of TPM, in this process, will enable us to observe the contingencies that have brought about changes in copyright law and technological development and to observe power relations and diagrammatic shifts that have rendered a correlative evolution of copyright and technology problematic. In chapter four I attend to a strict legal analysis of the law on books, redressing what I perceive to be a predominantly US-centric approach to legal academia pertaining to TPM and copyright, drawing an analysis between US and European legislation. In chapter five I discuss the peculiar relationship of the role of law, with respect to those seeking to pursue legitimate fair use rights or permitted exceptions to copyright prevented by TPM. I also address oft-overlooked rhetorical tropes pertaining to IP generally, and TPM specifically. Finally, in chapter six I offer a conclusion

Author Retains Full Rights

Software and systems complexity can have a profound impact on information security. Such complexity is not only imposed by the imperative technical challenges of monitored heterogeneous and dynamic (IP and VLAN assignments) network infrastructures, but also through the advances in exploits and malware distribution mechanisms driven by the underground economics. In addition, operational business constraints (disruptions and consequences, manpower, and end-user satisfaction), increase the complexity of the problem domain... Copyright SANS Institut

Integrating Multiple Data Views for Improved Malware Analysis

Malicious software (malware) has become a prominent fixture in computing. There have been many methods developed over the years to combat the spread of malware, but these methods have inevitably been met with countermeasures. For instance, signature-based malware detection gave rise to polymorphic viruses. This arms race\u27 will undoubtedly continue for the foreseeable future as the incentives to develop novel malware continue to outweigh the costs. In this dissertation, I describe analysis frameworks for three important problems related to malware: classification, clustering, and phylogenetic reconstruction. The important component of my methods is that they all take into account multiple views of malware. Typically, analysis has been performed in either the static domain (e.g. the byte information of the executable) or the dynamic domain (e.g. system call traces). This dissertation develops frameworks that can easily incorporate well-studied views from both domains, as well as any new views that may become popular in the future. The only restriction that must be met is that a positive semidefinite similarity (kernel) matrix must be defined on the view, a restriction that is easily met in practice. While the classification problem can be solved with well known multiple kernel learning techniques, the clustering and phylogenetic problems required the development of novel machine learning methods, which I present in this dissertation. It is important to note that although these methods were developed in the context of the malware problem, they are applicable to a wide variety of domains

Internet based molecular collaborative and publishing tools

The scientific electronic publishing model has hitherto been an Internet based delivery of electronic articles that are essentially replicas of their paper counterparts. They contain little in the way of added semantics that may better expose the science, assist the peer review process and facilitate follow on collaborations, even though the enabling technologies have been around for some time and are mature. This thesis will examine the evolution of chemical electronic publishing over the past 15 years. It will illustrate, which the help of two frameworks, how publishers should be exploiting technologies to improve the semantics of chemical journal articles, namely their value added features and relationships with other chemical resources on the Web. The first framework is an early exemplar of structured and scalable electronic publishing where a Web content management system and a molecular database are integrated. It employs a test bed of articles from several RSC journals and supporting molecular coordinate and connectivity information. The value of converting 3D molecular expressions in chemical file formats, such as the MOL file, into more generic 3D graphics formats, such as Web3D, is assessed. This exemplar highlights the use of metadata management for bidirectional hyperlink maintenance in electronic publishing. The second framework repurposes this metadata management concept into a Semantic Web application called SemanticEye. SemanticEye demonstrates how relationships between chemical electronic articles and other chemical resources are established. It adapts the successful semantic model used for digital music metadata management by popular applications such as iTunes. Globally unique identifiers enable relationships to be established between articles and other resources on the Web and SemanticEye implements two: the Document Object Identifier (DOI) for articles and the IUPAC International Chemical Identifier (InChI) for molecules. SemanticEye’s potential as a framework for seeding collaborations between researchers, who have hitherto never met, is explored using FOAF, the friend-of-a-friend Semantic Web standard for social networks