104 Hits in 5.7 sec

Exploiting Dynamic Scheduling for VM-Based Code Obfuscation

Kaiyuan Kuang, Zhanyong Tang, Xiaoqing Gong, Dingyi Fang, Xiaojiang Chen, Tianzhang Xing, Guixin Ye, Jie Zhang, Zheng Wang
2016 2016 IEEE Trustcom/BigDataSE/ISPA  
Code virtualization built upon virtual machine (VM) technologies is emerging as a viable method for implementing code obfuscation to protect programs against unauthorized analysis.  ...  This paper presents DSVMP, a novel VM-based code obfuscation approach for software protection. DSVMP brings together two techniques to provide stronger code protection than prior VM-based schemes.  ...  Code virtualization based on a virtual machine (VM) is emerging as a promising way for implementing code obfuscation [1] , [2] , [3] , [4] , [5] , [6] , [7] .  ... 
doi:10.1109/trustcom.2016.0101 dblp:conf/trustcom/KuangTGFCXYZW16 fatcat:72p63pjghjfofo3szi6isayete

Exploit dynamic data flows to protect software against semantic attacks

Kaiyuan Kuang, Zhanyong Tang, Xiaoqing Gong, Dingyi Fang, Xiaojiang Chen, Heng Zhang, Jie Liu, Zheng Wang
2017 2017 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computed, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI)  
Virtual machine based code obfuscation is emerging as a powerful technique for software protection.  ...  This paper presents DSA-VMP, a novel VM-based code obfuscation technique, to address the issue of semantic attacks.  ...  Existing VM-based code obfuscation cannot effectively protect software against semantic attacks, because traditional virtual machine protection methods pay their attention to improve the security of virtual  ... 
doi:10.1109/uic-atc.2017.8397540 dblp:conf/uic/KuangTGFCZLW17 fatcat:bkom6c6g7nbunb7nhm3yzfmywy

Leveraging WebAssembly for Numerical JavaScript Code Virtualization

Shuai Wang, Dingyi Fang, Zheng Wang, Guixin Ye, Meng Li, Lu Yuan, Zhanyong Tang, Huanting Wang, Wei Wang, Fuwei Wang, Jie Ren
2019 IEEE Access  
Code obfuscation built upon code virtualization technology is one of the viable means for protecting sensitive algorithms and data against code reverse engineering attacks.  ...  This paper presents JSPro, a novel code virtualization system for JavaScript. JSPro is the first JavaScript code obfuscation tool that builds upon the emerging WebAssembly language standard.  ...  For the traditional binary code virtualization protection, there is a semantic-based anti obfuscation method, which extracts program execution sequence through a dynamic tracking the program, and further  ... 
doi:10.1109/access.2019.2953511 fatcat:x43duxnnr5ectfp2baefvaiie4

Exploiting Binary-level Code Virtualization to Protect Android Applications Against App Repackaging

Zhongkai He, Guixin Ye, Lu Yuan, Zhanyong Tang, Xiaofeng Wang, Jie Ren, Wei Wang, Jianfeng Yang, Dingyi Fang, Zheng Wang
2019 IEEE Access  
At the native machine code level, it uses a newly designed stack-based virtualization structure to obfuscate and protect critical algorithm implementations that have been compiled into native instructions  ...  Most of the existing anti-repackaging schemes only work at the Android DEX bytecode level, but not for the shared object files consisting of native ARM-based machine instructions.  ...  To enhance the security strength, we adopt multiple virtual protection schemes, where a scheme is dynamically chosen at runtime.  ... 
doi:10.1109/access.2019.2921417 fatcat:l25ctqyx3fdq7l7itluhchhov4

VMGuards: A Novel Virtual Machine Based Code Protection System with VM Security as the First Class Design Concern

Zhanyong Tang, Meng Li, Guixin Ye, Shuai Cao, Meiling Chen, Xiaoqing Gong, Dingyi Fang, Zheng Wang
2018 Applied Sciences  
Process-level virtual machine (PVM) based code obfuscation is a viable means for protecting software against runtime code tampering and unauthorized code reverse engineering.  ...  PVM-based approaches rely on a VM to determine how instructions of the protected code region are scheduled and executed.  ...  These bytecodes will then be translated into machine code by a virtual machine (VM) interpreter during runtime.  ... 
doi:10.3390/app8050771 fatcat:v4j4rzjdnrdo7glpwsbeepvv5y

The Evolution of Android Malware and Android Analysis Techniques

Kimberly Tam, Ali Feizollah, Nor Badrul Anuar, Rosli Salleh, Lorenzo Cavallaro
2017 ACM Computing Surveys  
VM-based analyses, like traditional methods, utilize emulators and virtual environments to provide increased security through isolation.  ...  Alternatively, code reordering also obfuscates an application's flow. Programming languages are also often compiled into more expres-sive language, such as virtual machine code.  ... 
doi:10.1145/3017427 fatcat:f2vdpgntincgvd4xv52l2ovray

JAVM: Internet-based Parallel Computing Using Java [chapter]

2000 Annual Review of Scalable Computing  
The JAVM (Java Astra Virtual Machine) project is about harnessing the immense computational resource available in the Internet for parallel processing.  ...  Its infrastructure and features, namely ease of use, heterogeneity, portability, security, fault tolerance, load balancing, scalability and accountability, are discussed.  ...  However, there are still several areas whereby JAVM could be further improved and enhanced. 1. Code Obfuscation. Much of the information of Java source code remains in the bytecode.  ... 
doi:10.1142/9789812792228_0003 fatcat:odsotljbx5gpzmmynm6lom3yau

BinSim: Trace-based Semantic Binary Diffing via System Call Sliced Segment Equivalence Checking

Jiang Ming, Dongpeng Xu, Yufei Jiang, Dinghao Wu
2017 USENIX Security Symposium  
We perform enhanced dynamic slicing and symbolic execution to compare the logic of instructions that impact on the observable behaviors.  ...  Especially when analyzing malware variants, pervasive code obfuscation techniques have driven recent work towards determining semantic similarity in spite of ostensible difference in syntax.  ...  We thank the Usenix Security anonymous reviewers and Michael Bailey for their valuable feedback.  ... 
dblp:conf/uss/MingXJW17 fatcat:5ixykyxrnjbpnempcgjymijkdi

Layered obfuscation: a taxonomy of software obfuscation techniques for layered security

Hui Xu, Yangfan Zhou, Jiang Ming, Michael Lyu
2020 Cybersecurity  
Inspired by the classic idea of layered security for risk management, we propose layered obfuscation as a promising way to realize reliable software obfuscation.  ...  Software obfuscation has been developed for over 30 years. A problem always confusing the communities is what security strength the technique can achieve.  ...  As shown in Fig. 7 , such techniques include code translation, VM(virtual machine)-based obfuscation, decompilation prevention, and diversification.  ... 
doi:10.1186/s42400-020-00049-3 fatcat:jrymozivkvbkbd3aeg3redj4ne

Exploiting Model Checking for Mobile Botnet Detection

Cinzia Bernardeschi, Francesco Mercaldo, Vittoria Nardone, Antonella Santone
2019 Procedia Computer Science  
We experiment real-world botnet based Android malware, obtaining encouraging results.  ...  In this paper a method able to identify botnet in Android environment through model checking is proposed.  ...  Basically through static and dynamic analysis, they extract and visualize all embedded URLs, including the obfuscated URLs. Researchers in 10 propose a cloud-based Android botnet Detection System.  ... 
doi:10.1016/j.procs.2019.09.263 fatcat:27egx2mq2rgvpnj2jgi3jse3ue

Self-protection of Android systems from inter-component communication attacks

Mahmoud Hammad, Joshua Garcia, Sam Malek
2018 Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering - ASE 2018  
CopperDroid [206] is an automatic virtual machine introspection or VMI-based dynamic tool for reconstruction of Android malware behavior. It provides behavioral profiling of malicious Android apps.  ...  An app's code is compiled into Dalvik EXecutable (DEX ) format, which can be executed on a customized Java Virtual Machine (JVM).  ...  by 20% and up to 90% due to the use of code obfuscation.  ... 
doi:10.1145/3238147.3238207 dblp:conf/kbse/HammadGM18 fatcat:qht4e54ehjfltlht6wjuwzsata

The Tale of Java Performance

Osvaldo Pinali Doederlein
2003 Journal of Object Technology  
THE TALE OF JAVA PERFORMANCE 18 J OURNAL OF OBJECT TECHNOLOGY V OL. 2, NO. 5 VM performance, By-the-Book Portable code and Virtual Machines exist since the sixties, so by 1996 the field was already mature  ...  The Java platform introduced Virtual Machines, JIT Compilers and Garbage Collectors to the masses and to mainstream software development.  ...  Virtual Machines have a big advantage for software evolution: a newer platform can emulate its older versions just like it emulates a processor when running portable code.  ... 
doi:10.5381/jot.2003.2.5.c3 fatcat:nwgd4zsa2feinepz622opcfq4e

Runtime Support for Type-Safe Dynamic Java Classes [chapter]

Scott Malabarba, Raju Pandey, Jeff Gragg, Earl Barr, J. Fritz Barnes
2000 Lecture Notes in Computer Science  
Experimental analyses of our implementation indicate that the implementation imposes a moderate performance penalty relative to the unmodified virtual machine.  ...  The approach promotes compatibility with existing Java applications, and maintains the security and type safety controls imposed by Java's dynamic linking mechanism.  ...  Dynamic classes can be implemented in several ways: by changing the language, through library-based support, or by modifying the virtual machine.  ... 
doi:10.1007/3-540-45102-1_17 fatcat:v5xl4nwny5azvjnj2nzpeggnvi

Toward Engineering a Secure Android Ecosystem

Meng Xu, Chenxiong Qian, Sangho Lee, Taesoo Kim, Chengyu Song, Yang Ji, Ming-Wei Shih, Kangjie Lu, Cong Zheng, Ruian Duan, Yeongjin Jang, Byoungyoung Lee
2016 ACM Computing Surveys  
Based on our collection of knowledge, we envision a blueprint for engineering a secure, next-generation Android ecosystem.  ...  CCS Concepts: r Security and privacy → Mobile platform security; Malware and its mitigation; Social aspects of security and privacy Additional  ...  For example, DIVILAR [Zhou et al. 2014b] obfuscates Dalvik bytecode with a randomized virtual instruction set, and translates its obfuscated code with a customized interpreter at runtime.  ... 
doi:10.1145/2963145 fatcat:d5vhxpdywrevvbh4as6vvt576q

Profiling user-trigger dependence for Android malware detection

Karim O. Elish, Xiaokui Shu, Danfeng (Daphne) Yao, Barbara G. Ryder, Xuxian Jiang
2015 Computers & security  
Obfuscation, Java reflection, and dynamic code loading cannot be analyzed statically.  ...  Static features can be extracted from intermediate code representations obtained through decompiling Android Dalvik bytecode.  ... 
doi:10.1016/j.cose.2014.11.001 fatcat:jtxvvqca2jgqvhuou4cjnseolq
« Previous Showing results 1 — 15 out of 104 results