A Simple Obfuscation Scheme for Pattern-Matching with Wildcards.

We give a simple and efficient method for obfuscating pattern matching with wildcards. ... In other words, we construct a way to check an input against a secret pattern, which is described in terms of prescribed values interspersed with unconstrained "wildcard" slots. ... Acknowledgments The second, third, fourth, and fifth authors are supported in part by the Defense The authors wish to thank Cong Zhang for discussions in preliminary stages of this work. ...

doi:10.1007/978-3-319-96878-0_25 fatcat:tczme4ininaj7bqgovnbsbxo2i

Specifically, we give simpler and stronger security proofs for obfuscation schemes for point functions, general-output point functions and pattern matching with wildcards. ... (CRYPTO 2018) on obfuscating the pattern matching with wildcards functionality. ... This work started at ENS over the summer; we thank Luke Kowalczyk for telling us about [3] , as well as Michel Abdalla, Georg Fuchsbauer and Hendrik Waldner for helpful discussions. ...

doi:10.5281/zenodo.3405951 fatcat:fwqxvhzfqfhubi2om7sizmsj4u

Open Access

We are also able to obfuscate a 32-bit conjunction program with 53 bits of security in 7 minutes and evaluate the obfuscated program in 43 milliseconds on a commodity desktop computer, which implies that ... Our design and implementation advances are applicable to obfuscating more general compute-and-compare programs and can also be used for many cryptographic schemes based on lattice trapdoors. 354 2018 IEEE ... The work factor for a specific conjunction pattern depends on the number of wildcard bits, denoted as X. ...

doi:10.1109/sp.2018.00007 dblp:conf/sp/CousinsCGKPRRS18 fatcat:tokd33t7xnbbvp2jwooksxrqce

Since uFETCH transforms the problem of encrypted search into a simple problem of subsequence matching for SaaS-native, it requires only sub-linear search time w.r.t. the volume of indexed items and is ... In this paper, an easier option is made available when a unified SE scheme named uFETCH is proposed to accommodate both. ... But one thing in common with them is: when talking about SE, schemes are dedicated to matching for word(s). ...

doi:10.1109/access.2020.2994598 fatcat:hsn4mkgikrcf5axnxroygiitaa

DOAJ

the Ring Learning with Errors (Ring LWE) assumption. ... Whereas prior work of Brakerski and Rothblum (CRYPTO 2013) showed how to achieve this using a non-standard object called cryptographic multilinear maps, our scheme is based on an "entropic" variant of ... In particular, if there is a ppt adversary Adv that distinguishes Hybrid 3.j and Hybrid' 3.j with advantage ε then we construct a ppt adversary Adv with advantage ε in the GXDH problem. ...

doi:10.1145/2840728.2840764 dblp:conf/innovations/BrakerskiVWW16 fatcat:4oz3o7okenc63nyyg26h3vbxcy

As a result, software obfuscation for the purpose of intellectual property protection remains highly challenging. ... On the one hand, many forms of lightweight static analysis have difficulties with even basic obfuscation schemes, which explains the unbroken popularity of obfuscation among malware writers. ... Locating code through pattern matching. Particular code fragments are detected by pattern matching, e.g., on instruction sequences with or without wildcards. ...

doi:10.1145/2886012 fatcat:6ze4t4rrzjfr3lhmgp2kvmqblq

The article surveys the state-of-the-art literature on network function outsourcing, with a special focus on privacy and security issues. ... Example of the wildcard matching scheme [38] that applies PHE to bit-level representation for the rules and packets with respect to wildcards. ... If there is a match, IDS will further perform signature detection, which includes the metadata pattern match (e.g., IP range), string pattern, or binary pattern match in the payload. 3) Firewall: The ...

doi:10.1109/jproc.2021.3127277 fatcat:getxjhn3s5eyllg6nxnpzsgrmq

Open Access

Combined with rapid developments in high-speed wireless networks, these resource-constrained devices are paving the road for the Internet-of-Things paradigm, a computing model aiming to bring together ... In this paper, we study the design of a privacy-enhanced communication protocol for lightweight IoT devices. ... Updates a given topic matching Updates a given topic matching with S j+1 t ← str(F(num(S j t ) * P(j))). with S j+1 t ← str(F(num(S j t ) * P(j))). Updates j ← j + 1. Updates j ← j + 1. ...

doi:10.3390/electronics11010070 fatcat:to3hrcndofb6hjh2lj5nnsvrwa

DOAJ

Study investigates detection of metamorphic malware attacks using the Boyer Moore algorithm for string-based signature detection scheme. ... Adversaries to any system restlessly continues to sought effective, non-detectable means to aid them successful penetrate secure systems, either for fun or commercial gains. ... Ibhadode who has made research a way of life in the Federal University of Petroleum Resources, Effurun. Thank you for the vision. ...

doi:10.5815/ijmsc.2019.03.05 fatcat:ow7h232j2jh3jdmuasnvfxoq44

Szczepanski

Citation

A. Ojugo, Department of Mathematics/Computer Science, Federal University of Petroleum Resources Effurun, A. O. Eboka, Department of Computer Education, Federal College of Education (Technical). "Signature-Based Malware Detection Using Approximate Boyer Moore String Matching Algorithm." International Journal of Mathematical Sciences and Computing 5.3 (2019) 49-62

It describes how multipattern search can handle the different text encodings encountered in digital forensics and a number of issues pertaining to proper handling of Unicode in search patterns. ... This paper discusses problems arising in digital forensics with regard to Unicode, character encodings, and search. ... Encoding chains are a declarative mechanism for confronting a number of the stateless obfuscation schemes commonly encountered in forensics. ...

doi:10.1016/j.diin.2013.06.013 fatcat:zi2cjofkyzcplix22qetxjl6q4

Although anti-virus software has significantly evolved over the last decade, classic signature matching based on byte patterns is still a prevalent concept for identifying security threats. ... In this paper, we present a novel method for automatically deriving signatures from anti-virus software and discuss how the extracted signatures can be used to attack sensible data with the aid of the ... This approach, however, does not allow for wildcard characters or gaps, and therefore provides no means to match largely similar files with a single signature. ...

doi:10.1145/3052973.3053002 dblp:conf/ccs/WressneggerFYR17 fatcat:bctof7aolfbkbd2ifihpandxd4

We describe how to solve the private set intersection problem and a set of pattern matching queries with privacy. ... The sequence of base pairs accounts for approximately 3 billion elements. ... Let as assume that Alice has a pattern P A to match, P A = p 1 , p 2 . . . p i , p m ∈ {A, C, G, T, ?}. For instance P A = AC?C? ...

doi:10.1109/cbms.2015.70 dblp:conf/cbms/PatsakisZS15 fatcat:rkftmmmsunhs5mqiuybvx7qzam

Hence, in this paper, we introduce a new formalism for practical program obfuscation that still allows rigorous security proofs. ... We believe our formalism will make it easier to analyse the security of obfuscation schemes. To show the flexibility and power of our formalism, we give a number of examples. ... In Section 7, we discuss the security of applying different obfuscators iteratively on a program. We discuss limitations of our formalism in Section 8. Finally, we conclude this paper in Section 9. ...

arXiv:2011.02607v1 fatcat:bwitywwbunf2fjggrff3r5iwda

Open Access

Our evaluation shows a 100% detection rate with 0 false positives for all metamorphic samples that do not change their behavior. ... We present a novel approach that allows us to detect metamorphic variants. Based on this detection, it is also possible to classify new samples to a metamorphic family. ... Acknowledgements The authors would like to thank the anonymous reviewers of this paper for discussions and comments. We are also thankful for the people who supported us and gave valuable suggestions. ...

doi:10.1109/malware.2009.5403019 dblp:conf/malware/LederSM09 fatcat:2slzikex3vgo7oznu24qundtde

However, the process of static analysis remains a challenging and tedious process for reverse engineers. The static analysis process requires a great amount of manual work. ... One aspect of reverse engineering that provides reverse engineers with useful information regarding a statically analyzed piece of code is function ngerprinting. ... Acknowledgments Foremost, I thank God for granting me the will power and dedication necessary to complete my studies and compose this thesis. ...

doi:10.1007/978-3-319-58469-0_23 fatcat:5pa75pxs2zau3fuimqn7o5cwi4

A Simple Obfuscation Scheme for Pattern-Matching with Wildcards [chapter]

Preserved Fulltext

Obfuscating Simple Functionalities from Knowledge assumptions

Preserved Fulltext

Implementing Conjunction Obfuscation Under Entropic Ring LWE

Preserved Fulltext

uFETCH: A Unified Searchable Encryption Scheme and Its SaaS-Native to Make DBMS Privacy-Preserving

Preserved Fulltext

Obfuscating Conjunctions under Entropic Ring LWE

Preserved Fulltext

Protecting Software through Obfuscation

Preserved Fulltext

Building In-the-Cloud Network Functions: Security and Privacy Challenges

Preserved Fulltext

Privacy-Enhanced MQTT Protocol for Massive IoT

Preserved Fulltext

Signature-Based Malware Detection Using Approximate Boyer Moore String Matching Algorithm

Preserved Fulltext

Unicode search of dirty data, or: How I learned to stop worrying and love Unicode Technical Standard #18

Preserved Fulltext

Automatically Inferring Malware Signatures for Anti-Virus Assisted Attacks

Preserved Fulltext

Privacy-Aware Genome Mining: Server-Assisted Protocols for Private Set Intersection and Pattern Matching

Preserved Fulltext

Towards a Theory of Special-purpose Program Obfuscation [article]

Preserved Fulltext

Classification and detection of metamorphic malware using value set analysis

Preserved Fulltext

BinSign: Fingerprinting Binary Functions to Support Automated Analysis of Code Executables [chapter]

Preserved Fulltext