Measuring Software Obfuscation Quality–A Systematic Literature Review

Ebad, Shouki A.; Darem, A. Basit; Abawajy, Jemal

doi:10.1109/access.2021.3094517

Cited by 21 publications

(20 citation statements)

References 85 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As a representative of software source code, C programs are used; they are collected from the GitHub repository 2 . C is still one of the most common PLs in the market [10]. A controlled experiment is conducted where the subjects of the experiment are 12 open source software (OSS) programs written in C; the subjects are arbitrarily selected.…”

Section: B Subjects and Variablesmentioning

confidence: 99%

Investigating the Input Validation Vulnerabilities in C Programs

Ebad¹

2023

IJACSA

View full text Add to dashboard Cite

Input validation is a fairly universal programming practice that helps reduce the chances of producing protectionrelated vulnerabilities in software. In this paper, an experiment is conducted to specifically determine the input validation issues found in programs and the problematic functions that lead to such issues. The experiment evaluated 12 arbitrarily selected open source C projects written by different programmers. The top two most common input validation problems are buffer overflow/XSS and potential memory mismanagement. In addition, the functions that caused the first problem are: (a) strings/text functions (e.g., strcpy and strcmp), and (b) functions that read from standard input, STDIN (e.g., scanf and gets). In contrast, the functions that caused the second problem are (a) memory allocation/deallocation functions (e.g., memmove and malloc), and (b) file manipulation functions (e.g., fopen and fseek). Furthermore, the goto construct-to a small extent-plays a role. The recommendations are that (a) developers are encouraged to use memory-safe programming languages, otherwise, they should perform different types of checks for the validity of inputs as soon as they are entered, and (b) they should have the required knowledge of secure source code and use tools/suites to manage malformed strings.

show abstract

Section: B Subjects and Variablesmentioning

confidence: 99%

Investigating the Input Validation Vulnerabilities in C Programs

Ebad¹

2023

IJACSA

View full text Add to dashboard Cite

show abstract

“…Multiclass performance metrics are commonly used for measuring and evaluating the quality of malware detection [37]. The same metrics have also been used to validate the proposed model in this study.…”

Section: Performance Measuresmentioning

confidence: 99%

Deep-Ensemble and Multifaceted Behavioral Malware Variant Detection Model

et al. 2022

Self Cite

View full text Add to dashboard Cite

Every day, hundreds of thousands of new malware programs are developed and spread worldwide in cyberspace. Most of these malware programs are malware variants such as polymorphic and metamorphic malware, which are created from older versions of malware and able to change their structures and function flows to circumvent security solutions. The accuracy of malware variant detection is a crucial challenge. Many existing malware variant detections use static features extracted from the physical structure of malware file, such as opcodes and function flows. Unfortunately, the static features are subject to obfuscation and code shelling using simple obfuscation techniques. Although a malware variant can change its structure and function flows, it is widely believed that the malware variant cannot hide its malicious behavioral patterns during the runtime. Accordingly, dynamic, or behavioral analysisbased features were suggested by many studies to detect malware variants accurately. However, most of these studies are solely dependent on application-programmable interface calls (or API calls), which is not enough to accurately distinguish between malware and benign due to API-based obfuscation techniques. Therefore, a malware variant detection model that combines different behavioral activities can improve detection accuracy while reducing the false-negative rate. To this end, this study proposed a Deep-Ensemble and Multifaceted Behavioral Malware Variant Detection Model using Sequential Deep Learning and Extreme Gradient Boosting Techniques. Different behavioral features were extracted from the dynamic analysis environment. Then, a feature extraction algorithm that can automatically extract effective representative patterns has been designed and developed to extract the hidden representative features of the malware variants using a sequential deep learning model. These features have been fed into a developed extreme gradient boosting-based classifier for decision making. Extensive experiments have been carried out to validate the proposed scheme. The results were compared to the other related techniques in the field. The results show that the proposed model is reliable, as it improves the detection rate while reducing the false-negative rate.INDEX TERMS Malware detection, malware variants, multifaceted behavioral features, deep ensemble learning, sequential deep learning.

show abstract

“…or Ph.D. students. Several graduate programs in international universities provide seminar-based courses, including the University of Virginia, 10 Portland State University, 11 and the National University of Singapore. 12 Another observation relevant to this program at Majmaah University is the textbooks used in the three courses.…”

Section: About Ms In Cybersecurity and Digital Forensics At Universit...mentioning

confidence: 99%

“…However, this would be insufficient for students unless they learn how to impede these attacks. While these types of attacks are taught in the courses, the recommendation is to cover software obfuscation techniques (countermeasures) because these attacks and others have been mitigated with the help of such obfuscation techniques [10]. Finally, Secure Source Code essential relates to the programming languages (PLs) used by students.…”

Section: Observations and Recommendations (Rq3)mentioning

confidence: 99%

What topics should or should not be included in software security education—Qualitative content analysis

Ebad

2022

Comp Applic In Engineering

Self Cite

View full text Add to dashboard Cite

Software security education is still not preparing students for the types of high‐skilled technical roles that represent the most severe workforce shortage. Recognizing this, academia has begun redefining the knowledge area concepts of software security curricula to meet the current workforce shortage. This article studies the software security courses in Arab Gulf academic programs and benchmarks their descriptions with the corresponding knowledge area from cybersecurity Curricula (CSEC). 2017, the first set of global cybersecurity curricular guidelines. Using content analysis, six concepts or essentials are investigated: security requirements, secure design principles, secure source code, analysis and testing, patch, and ethics. It was found that no course follows all the CSEC. 2017 essentials. The analysis and testing essential were considered by all courses, and security after deployment, including the patch essential, needs more attention because it was not included in any course. Similarly, the security requirements and ethics essentials were also considered by a few courses. However, software success depends on requirements, and ethics has become critical in the cybersecurity and information assurance fields that depend on law and forensics. The secure source code essential was covered by most courses. The well‐known types of code attacks were covered, and over half of the courses discussed secure design principles essential. However, security by design is an emerging development philosophy. The article discussed observations and recommendations that will assist program managers and their staff in making effective decisions about the essentials and concepts that should be included when they are developing the software security curriculum.

show abstract

Measuring Software Obfuscation Quality–A Systematic Literature Review

Cited by 21 publications

References 85 publications

Investigating the Input Validation Vulnerabilities in C Programs

Investigating the Input Validation Vulnerabilities in C Programs

Deep-Ensemble and Multifaceted Behavioral Malware Variant Detection Model

What topics should or should not be included in software security education—Qualitative content analysis

Contact Info

Product

Resources

About