Machine learning techniques are widely used in addition to signatures and heuristics to increase the detection rate of anti-malware software, as they automate the creation of detection models, making it possible to handle an ever-increasing number of new malware samples. In order to foil the analysis of anti-malware systems and evade detection, malware uses packing and other forms of obfuscation. However, few realize that benign applications use packing and obfuscation as well, to protect intellectual property and prevent license abuse.
Social networks are the fastest growing Internet applications. They offer the possibility to get in touch with current friends, discover where the old ones are, and make new ones. While these applications are a great enabler for our social life, they are also well known to fall short on privacy. The lack of adequate privacy enhancing technology is particularly important in these applications due to the nature of information they deal with, and the fact that many users are underage. This paper provides a contribution in this direction by presenting a protocol, tailored for social network applications, that allows users to ask and/or submit personal opinions while preserving their anonymity.
Software keyloggers are a fast-growing class of malware often used to harvest confidential information. One of the main reasons for this rapid growth is the possibility for unprivileged programs running in user space to eavesdrop and record all the keystrokes of the users of the system. Such an ability to run in unprivileged mode facilitates their implementation and distribution, but, at the same time, allows their behavior to be understood and modeled in detail. Leveraging this property, we propose a new detection technique that simulates carefully crafted keystroke sequences (the bait) in input and observes the behavior of the keylogger in output to univocally identify it among all the running processes. We have prototyped and evaluated this technique with some of the most common free keyloggers. Experimental results are encouraging and confirm the viability of our approach in practical scenarios.
A novel issue affecting resource-constrained Wireless Sensor Networks (WSNs) is context privacy. Indeed, while a few solutions do exist to provide data privacy to WSNs (i.e. to protect message confidentiality), providing context privacy (e.g. preventing an adversary from locating the source of a message) is still an open research problem. This paper attacks the issue, providing several contributions. First, a formal model to reason about event privacy in WSNs is introduced. This model also captures dynamic events. Second, we introduce a new realistic class of mobile events a WSN can experience. These events become the target of our privacy-preserving efforts. Third, we propose a privacy-enforcing solution for the above class of events: the Unobservable Handoff Trajectory (UHT) Protocol. UHT is scalable and distributed. The analysis shows that it is both effective and efficient in terms of the induced overhead. It also minimizes the delay to notify the event source's location to the base station, while preserving the intended degree of privacy. Finally, extensive simulations confirm our findings.
Privacy-breaching malware is an ever-growing class of malicious applications that attempt to steal confidential data and leak them to third parties. One of the most prominent activities to acquire private user information is to eavesdrop and harvest user-issued keystrokes. Despite the serious threat involved, keylogging activities are challenging to detect in the general case. From an operating system perspective, their general behavior is no different than that of legitimate applications used to implement common end-user features like custom shortcut handling and keyboard remapping. As a result, existing detection techniques that attempt to model malware behavior based on system or library calls are largely ineffective. To address these concerns, we introduce a novel detection technique based on fine-grained profiling of memory write patterns. The intuition behind our model lies in data harvesting being a good predictor for sensitive information leakage. To demonstrate the viability of our approach, we have designed and implemented KLIMAX: a Kernel-Level Infrastructure for Memory and eXecution profiling. Our system supports proactive and reactive detection and can be transparently deployed online on a running Windows platform. Experimental results with real-world malware confirm the effectiveness of our approach.