8 research outputs found

    On the Feasibility of Malware Authorship Attribution

    There are many occasions in which the security community is interested in discovering the authorship of malware binaries, either for digital forensics analysis of malware corpora or for thwarting live threats of malware invasion. Such a discovery of authorship might be possible due to stylistic features inherent to software code written by human programmers. Existing studies of authorship attribution of general purpose software mainly focus on source code, which is typically based on the style of programs and environment. However, those features critically depend on the availability of the program source code, which is usually not the case when dealing with malware binaries. Such program binaries often do not retain many semantic or stylistic features due to the compilation process. Therefore, authorship attribution in the domain of malware binaries based on features and styles that will survive the compilation process is challenging. This paper provides the state of the art in this literature. Further, we analyze the features involved in those techniques. By using a case study, we identify features that can survive the compilation process. Finally, we analyze existing works on binary authorship attribution and study their applicability to real malware binaries. Comment: FPS 201

    DeepAPT: Nation-State APT Attribution Using End-to-End Deep Neural Networks

    In recent years, numerous advanced malware samples, aka advanced persistent threats (APTs), have allegedly been developed by nation-states. The task of attributing an APT to a specific nation-state is extremely challenging for several reasons. Each nation-state usually has more than a single cyber unit that develops such advanced malware, rendering traditional authorship attribution algorithms useless. Furthermore, those APTs use state-of-the-art evasion techniques, making feature extraction challenging. Finally, the dataset of such available APTs is extremely small. In this paper we describe how deep neural networks (DNN) could be successfully employed for nation-state APT attribution. We use sandbox reports (recording the behavior of the APT when run dynamically) as raw input for the neural network, allowing the DNN to learn high level feature abstractions of the APTs themselves. Using a test set of 1,000 Chinese and Russian developed APTs, we achieved an accuracy rate of 94.6%.

    Digital Transformation of Education: An Integrated Framework for Metaverse, Blockchain, and AI-Driven Learning

    The integration of Metaverse, Blockchain, and Artificial Intelligence (AI) has the potential to revolutionize the educational landscape by providing immersive, secure, and personalized learning environments. This study proposes a conceptual framework that combines these technologies to address the key challenges faced by contemporary education systems, including accessibility, engagement, security, and personalization. The Metaverse serves as the immersive platform, offering virtual classrooms, interactive simulations, and gamified learning experiences. Blockchain provides the foundation for secure and transparent academic records, enabling tamper-proof credential verification and decentralized data management. AI enhances the educational experience by powering adaptive learning systems, predictive analytics, and intelligent tutoring systems that personalize content delivery and identify at-risk students. This framework aims to foster a more inclusive, efficient, and student-centered learning ecosystem. Practical use cases demonstrate how the integration of these technologies can improve STEM education, medical training, credentialing systems, and inclusive learning environments. However, the implementation of these technologies presents challenges related to infrastructure costs, regulatory compliance, and ethical considerations in AI decision-making. Future research should explore the empirical validation of this framework, scalability issues, and strategies for overcoming adoption barriers to fully realize the transformative potential of these technologies in education