63 research outputs found

    Evaluation Methodologies in Software Protection Research

    Full text link
    Man-at-the-end (MATE) attackers have full control over the system on which the attacked software runs, and try to break the confidentiality or integrity of assets embedded in the software. Both companies and malware authors want to prevent such attacks. This has driven an arms race between attackers and defenders, resulting in a plethora of different protection and analysis methods. However, it remains difficult to measure the strength of protections because MATE attackers can reach their goals in many different ways and a universally accepted evaluation methodology does not exist. This survey systematically reviews the evaluation methodologies of papers on obfuscation, a major class of protections against MATE attacks. For 572 papers, we collected 113 aspects of their evaluation methodologies, ranging from sample set types and sizes, over sample treatment, to performed measurements. We provide detailed insights into how the academic state of the art evaluates both the protections and analyses thereon. In summary, there is a clear need for better evaluation methodologies. We identify nine challenges for software protection evaluations, which represent threats to the validity, reproducibility, and interpretation of research results in the context of MATE attacks

    Analyzing the Unanalyzable: an Application to Android Apps

    Get PDF
    In general, software is unreliable. Its behavior can deviate from users’ expectations because of bugs, vulnerabilities, or even malicious code. Manually vetting software is a challenging, tedious, and highly-costly task that does not scale. To alleviate excessive costs and analysts’ burdens, automated static analysis techniques have been proposed by both the research and practitioner communities making static analysis a central topic in software engineering. In the meantime, mobile apps have considerably grown in importance. Today, most humans carry software in their pockets, with the Android operating system leading the market. Millions of apps have been proposed to the public so far, targeting a wide range of activities such as games, health, banking, GPS, etc. Hence, Android apps collect and manipulate a considerable amount of sensitive information, which puts users’ security and privacy at risk. Consequently, it is paramount to ensure that apps distributed through public channels (e.g., the Google Play) are free from malicious code. Hence, the research and practitioner communities have put much effort into devising new automated techniques to vet Android apps against malicious activities over the last decade. Analyzing Android apps is, however, challenging. On the one hand, the Android framework proposes constructs that can be used to evade dynamic analysis by triggering the malicious code only under certain circumstances, e.g., if the device is not an emulator and is currently connected to power. Hence, dynamic analyses can -easily- be fooled by malicious developers by making some code fragments difficult to reach. On the other hand, static analyses are challenged by Android-specific constructs that limit the coverage of off-the-shell static analyzers. The research community has already addressed some of these constructs, including inter-component communication or lifecycle methods. However, other constructs, such as implicit calls (i.e., when the Android framework asynchronously triggers a method in the app code), make some app code fragments unreachable to the static analyzers, while these fragments are executed when the app is run. Altogether, many apps’ code parts are unanalyzable: they are either not reachable by dynamic analyses or not covered by static analyzers. In this manuscript, we describe our contributions to the research effort from two angles: ① statically detecting malicious code that is difficult to access to dynamic analyzers because they are triggered under specific circumstances; and ② statically analyzing code not accessible to existing static analyzers to improve the comprehensiveness of app analyses. More precisely, in Part I, we first present a replication study of a state-of-the-art static logic bomb detector to better show its limitations. We then introduce a novel hybrid approach for detecting suspicious hidden sensitive operations towards triaging logic bombs. We finally detail the construction of a dataset of Android apps automatically infected with logic bombs. In Part II, we present our work to improve the comprehensiveness of Android apps’ static analysis. More specifically, we first show how we contributed to account for atypical inter-component communication in Android apps. Then, we present a novel approach to unify both the bytecode and native in Android apps to account for the multi-language trend in app development. Finally, we present our work to resolve conditional implicit calls in Android apps to improve static and dynamic analyzers

    Challenges and perspectives of hate speech research

    Get PDF
    This book is the result of a conference that could not take place. It is a collection of 26 texts that address and discuss the latest developments in international hate speech research from a wide range of disciplinary perspectives. This includes case studies from Brazil, Lebanon, Poland, Nigeria, and India, theoretical introductions to the concepts of hate speech, dangerous speech, incivility, toxicity, extreme speech, and dark participation, as well as reflections on methodological challenges such as scraping, annotation, datafication, implicity, explainability, and machine learning. As such, it provides a much-needed forum for cross-national and cross-disciplinary conversations in what is currently a very vibrant field of research

    Obfuscated Malware Detection in IoT Android Applications Using Markov Images and CNN

    Get PDF
    The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI linkThe threat of malware in the Internet of Things (IoT) is ever-present given that many IoT systems today rely on the Android operating system. There has been a consistent rise in Android malware recently, with new variants adopting sophisticated detection avoidance techniques, including various forms of obfuscation. Hence, there is a need to improve the effectiveness of Android malware detection as obfuscation becomes more prevalent in the wild. In this article, we present a novel approach for obfuscated malware detection in IoT Android applications based on the visualization of app executables with Markov images. The app images are trained using a convolutional neural network (CNN) to detect obfuscated malware and for the identification of the obfuscation type. We evaluate the performance of the proposed system by experimenting with four different classification models using 12000 Android applications. The CNN model created to distinguish between malware and benign apps obtained an accuracy of 99.41%. The model for identifying obfuscated malware from benign applications obtained 99.65% accuracy while the model created to identify obfuscated malware from non-obfuscated malware yielded an accuracy of 99.81%. The model for classifying obfuscated malware into 14 different obfuscation categories obtained an accuracy of 99.67%. These results show that CNN models trained from Markov images generated using application byte code can be highly effective for obfuscated malware detection and classification. Moreover, our proposed system provides a more sustainable and cost-effective method for obfuscated malware detection compared to the manual feature-engineering-based approaches that are more prevalent in the current literature

    Design, Implementation, and Automation of a Risk Management Approach for Man-at-the-End Software Protection

    Full text link
    The last years have seen an increase in Man-at-the-End (MATE) attacks against software applications, both in number and severity. However, software protection, which aims at mitigating MATE attacks, is dominated by fuzzy concepts and security-through-obscurity. This paper presents a rationale for adopting and standardizing the protection of software as a risk management process according to the NIST SP800-39 approach. We examine the relevant constructs, models, and methods needed for formalizing and automating the activities in this process in the context of MATE software protection. We highlight the open issues that the research community still has to address. We discuss the benefits that such an approach can bring to all stakeholders. In addition, we present a Proof of Concept (PoC) decision support system that instantiates many of the discussed construct, models, and methods and automates many activities in the risk analysis methodology for the protection of software. Despite being a prototype, the PoC's validation with industry experts indicated that several aspects of the proposed risk management process can already be formalized and automated with our existing toolbox and that it can actually assist decision-making in industrially relevant settings.Comment: Preprint submitted to Computers & Security. arXiv admin note: substantial text overlap with arXiv:2011.0726

    Code clone detection in obfuscated Android apps

    Get PDF
    The Android operating system has long become one of the main global smartphone operating systems. Both developers and malware authors often reuse code to expedite the process of creating new apps and malware samples. Code cloning is the most common way of reusing code in the process of developing Android apps. Finding code clones through the analysis of Android binary code is a challenging task that becomes more sophisticated when instances of code reuse are non-contiguous, reordered, or intertwined with other code. We introduce an approach for detecting cloned methods as well as small and non-contiguous code clones in obfuscated Android applications by simulating the execution of Android apps and then analyzing the subsequent execution traces. We first validate our approach’s ability on finding different types of code clones on 20 injected clones. Next we validate the resistance of our approach against obfuscation by comparing its results on a set of 1085 apps before and after code obfuscation. We obtain 78-87% similarity between the finding from non-obfuscated applications and four sets of obfuscated applications. We also investigated the presence of code clones among 1603 Android applications. We were able to find 44,776 code clones where 34% of code clones were seen from different applications and the rest are among different versions of an application. We also performed a comparative analysis between the clones found by our approach and the clones detected by Nicad on the source code of applications. Finally, we show a practical application of our approach for detecting variants of Android banking malware. Among 60,057 code clone clusters that are found among a dataset of banking malware, 92.9% of them were unique to one malware family or benign applications

    Tools and Algorithms for the Construction and Analysis of Systems

    Get PDF
    This open access book constitutes the proceedings of the 28th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS 2022, which was held during April 2-7, 2022, in Munich, Germany, as part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2022. The 46 full papers and 4 short papers presented in this volume were carefully reviewed and selected from 159 submissions. The proceedings also contain 16 tool papers of the affiliated competition SV-Comp and 1 paper consisting of the competition report. TACAS is a forum for researchers, developers, and users interested in rigorously based tools and algorithms for the construction and analysis of systems. The conference aims to bridge the gaps between different communities with this common interest and to support them in their quest to improve the utility, reliability, exibility, and efficiency of tools and algorithms for building computer-controlled systems

    Membership Inference Attacks: Threat Analysis

    Get PDF
    Στην σύγχρονη εποχή, οι εταιρίες και οι οργανισμοί σε όλο τον κόσμο, χρησιμοποιούν υπηρεσίες μοντέλων μηχανικής μάθησης, ως ένα εργαλείο για την βελτίωση της ζωής των πελατών τους. Αλγόριθμοι συστάσεων ταινιών, παιχνιδιών και τάσεων, μηχανές αναζήτη- σης, αλλά και ενδοεταιρικές υπηρεσίες σε φαρμακευτικούς, στρατιωτικούς οργανισμούς, λειτουργούν βασιζόμενοι σε μια συνεχή ροή δεδομένων, η οποία συνεχώς αυξάνεται σε όγκο και πλήθος. Οι χρήστες αγνοώντας το πως οι πάροχοι χρησιμοποιούν τα δεδομένα τους , συννενούν να παραδώσουν το δικαίωμα της ιδιωτικότητας των δεδομένων τους, βασιζόμενοι στον εκαστοτε οργανισμό για την διατήρηση της ανωνυμίας και της ιδιοτικότητας των ευαίσθη- των πληροφοριών τους. Απο την άλλη πλευρά, οι πάροχοι κατευνάζουν τις όποιες ανη- συχίες των χρηστών υποσχόμενοι πως χρησιμοποιούν τις τελευταίες τεχνολογίες ιδιοτι- κοποίησης δεδομένων, αγνοόντας το γεγονός ό,τι τα μοντέλα μηχανικής μάθησης, που τοσο πασχίζουν να βγάλουν στην παραγωγή, διαθέτουν ευπάθιες, οι οποίες διακιβεύουν τα ευαίσθητα, προσωπικά δεδομένα των χρηστών τους. Επιθέσεις, τετοιου τύπου ονομάζονται Population Inference attacks και συγκεκριμένα εμείς θα ασχοληθούμε με τα Membership Inference Attacks. Σε αυτές τις επιθέσεις, το μοντέλο θύμα, εκπαιδεύεται πάνω σε ένα κρυφό συνολο δεδομέ- νων, που αποτελεί τον στόχο. Ο κακόβουλος χρήστης από τη δικιά του πλευρά, προσπαθεί να συμπαιράνει αν κάποιοι χρήστες-στόχοι ανήκουν μέσα στο παραπάνω σύνολο εκπαί- δευσης. Ως προς της επίδειξη του κινδύνου μια τέτοιας επίθεσης σκεφτήκε ενα σενάριο όπου, ο επιτιθέμενος γνωρίζει πως τα κλινικά δεδομένα ενός χρήστη, χρησιμοποιήθηκαν για την εκπάιδευση ενός μοντέλου προβλεψεων σχετικών με μία ασθένεια. Ο επιτιθέμενος, γνωρίζει πλέον αν το θύμα έχει την ασθένεια ή όχι, εφόσον το μοντέλο του έχει εκθέσει τις προσωπικές πληροφορίες του θύματος. Η εργασίας αυτή έχει ως στόχο ο αναγνώστης να εξετάσει, αναλύσει και κατανοήσει τον τρόπο λειτουργίας των Membership Inference Attacks, καθώς και τις επιπτώσεις τους και τις διάφορετικές άμυνες που μπορεί κανείς να λάβει για να αποφευχθεί η διαρροή δεδο- μένων κατά την εκπάιδευση μοντέλων μηχανικής μάθησης. Για την καλύτερη κατανόηση και ενίσχυση των επιχειρημάτων που ακολουθούν, παρέ- χουμε διαγράμματα και πίνακες ως οπτίκά βοηθήματα.In the new era of data, companies and organizations around the world offer Machine Learning Services as a tool for enhancing people’s lives. Recommendation algorithms, search engine’s, intra-orgranization usage in medicine, military etc. Αll of the above are working on top of continuous data streams which are getting larger and more rich on user data, day by day. Users, unaware how their data are being used, accept terms and conditions, giving away the right of data privacy, participating in various machine learning experiments with the promise of each vendor’s data anonymity process. The vendors are reassuring users that their data are safe and completely anonymized, ignoring the fact that the machine learning models, they so much strive to incorporate to their product flow, suffers from subtle vulnerabilities, which can be used to expose and identify users, along with their, otherwise, private data. These types of attacks are called Population Inference Attacks and we are, specifically, going to deepen our knowledge and analyze with detail the so-called Membership Infer- ence Attack. In these attacks, the target uses a machine learning model trained on a secret ’target’ dataset. On the other hand the attacker, tries to inference whether some user-victim is a member of this dataset. To display the danger posed by this attack consider the scenario where an attacker knows that the clinical records of a user-victim are part of a disease- related-model’s training set, then the attacker can infer if the person has the disease with high certainty, leading to a serious privacy breach. The goal of this thesis is to further examine, analyze and understand the mechanism, reasoning behind membership inference attacks against machine learning models, as well as the effect and the various ways we could prevent data leakage during training of ML models. Throughout this thesis, a plethora of plots and boards will be provided to the reader, to enhance his/her understanding of this study via experiments

    Narrative exchange and intercultural encounter between forced migrants and receiving communities in Torino (Italy) and Edinburgh (Scotland)

    Get PDF
    This thesis undertakes a comparative study of community education projects in Torino (Italy) and Edinburgh (Scotland) which use narrative exchange to facilitate intercultural encounter between people who are forced migrants and those from receiving communities. It investigates the effectiveness of narrative exchange as a tool for addressing, interpreting and challenging the dynamics of intercultural encounter and community integration in contemporary urban contexts. The thesis presents a unique interdisciplinary contribution to academic debates around migration and integration, drawing on insights from social science combined with a narrative inquiry methodology and a deliberately narrative form. It addresses the epistemological tension between the qualitative, narrative-based work and knowledge embodied in community education projects and the more quantitative requirements of funding criteria which must be met to continue such work. Furthermore, it offers a series of practice-based findings and learnings intended as a resource of practical use in the field of community education. Taking ‘journey’ as a founding metaphor, the thesis is cast in the form of a travel narrative moving through the phases of a PhD, the lives and stories of people and projects encountered, and processes of learning, unlearning and relearning. It is presented as a journey narrated through the voice of the researcher as traveller or wayfarer. The thesis employs qualitative research methods and is conducted multilingually, with maps and poetry occurring and recurring. Material is gathered through conversations and participant observation. Narrative inquiry is the overarching research methodology, employed to analyse material gathered and identify which types of narrative exchange can facilitate dialogical intercultural encounter in urban migratory contexts
    corecore