Risperidone-associated Transient Diabetic Ketoacidosis and Diabetes Mellitus Type 1 in a Patient Treated with Valproate and Lithium

Machine learning and deep learning algorithms are increasingly considered as potential candidates to perform black box side-channel security evaluations. Inspired by the literature on machine learning security, we put forward that it is easy to conceive implementations for which such black box security evaluations will incorrectly conclude that recovering the key is difficult, while an informed evaluator / adversary will reach the opposite conclusion (i.e., that the device is insecure given the amount of measurements available).

show abstract

Symbolic analysis meets federated learning to enhance malware identifier

Ouytsel

Dam

Legay

2022

View full text Add to dashboard Cite

Malware Analysis with Symbolic Execution and Graph Kernel

Ouytsel

Legay

2022

View full text Add to dashboard Cite

Experimental Toolkit for Manipulating Executable Packing

D'Hondt¹,

Ouytsel²,

Legay³

2023

Preprint

View full text Add to dashboard Cite

Be it for a malicious or legitimate purpose, packing, a transformation that consists in applying various operations like compression or encryption to a binary file, i.e. for making reverse engineering harder or obfuscating code, is widely employed since decades already. Particularly in the field of malware analysis where a stumbling block is evasion, it has proven effective and still gives a hard time to scientists who want to efficiently detect it. While already extensively covered in the scientific literature, it remains an open issue especially when considering its detection time and accuracy trade-off. Many approaches, including machine learning, have been proposed but most studies often restrict their scope (i.e. malware and PE files), rely on uncertain datasets (i.e. built based on a super-detector or using labels from an questionable source) and do no provide any open implementation, which makes comparing state-ofthe-art solutions tedious. Considering the many challenges that packing implies, there exists room for improvement in the way it is addressed, especially when dealing with static detection techniques. In order to tackle with these challenges, we propose an experimental toolkit, aptly called the Packing Box, leveraging automation and containerization in an open source platform that brings a unified solution to the research community and we showcase it with some experiments including unbiased ground truth generation, data visualization, machine learning pipeline automation and performance of open source packing static detectors.

show abstract

Symbolic analysis meets federated learning to enhance malware identifier

Dam¹,

Ouytsel²,

Legay³

2022

Preprint

View full text Add to dashboard Cite

Tool Paper - SEMA: Symbolic Execution Toolchain for Malware Analysis

Ouytsel

Crochet

Dam

et al. 2023

View full text Add to dashboard Cite

Analysis of Machine Learning Approaches to Packing Detection

Ouytsel¹,

Given-Wilson²,

Jeremy³

et al. 2021

Preprint

View full text Add to dashboard Cite

Packing is an obfuscation technique widely used by malware to hide the content and behavior of a program. Much prior research has explored how to detect whether a program is packed. This research includes a broad variety of approaches such as entropy analysis, syntactic signatures and more recently machine learning classifiers using various features. However, no robust results have indicated which algorithms perform best, or which features are most significant. This is complicated by considering how to evaluate the results since accuracy, cost, generalization capabilities, and other measures are all reasonable. This work explores eleven different machine learning approaches using 119 features to understand: which features are most significant for packing detection; which algorithms offer the best performance; and which algorithms are most economical.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Charles-Henry Bertrand Van Ouytsel

How to fool a black box machine learning based side-channel security evaluation

Symbolic analysis meets federated learning to enhance malware identifier

Malware Analysis with Symbolic Execution and Graph Kernel

Experimental Toolkit for Manipulating Executable Packing

Symbolic analysis meets federated learning to enhance malware identifier

Tool Paper - SEMA: Symbolic Execution Toolchain for Malware Analysis

Analysis of Machine Learning Approaches to Packing Detection

Contact Info

Product

Resources

About