Adversarial exemples: A survey and experimental evaluation of practical attacks on machine learning for windows malware detection
Recent work has shown that adversarial Windows malware samples—referred to as
adversarial EXE mples in this article—can bypass machine learning-based detection relying …
adversarial EXE mples in this article—can bypass machine learning-based detection relying …
Functionality-preserving black-box optimization of adversarial windows malware
Windows malware detectors based on machine learning are vulnerable to adversarial
examples, even if the attacker is only given black-box query access to the model. The main …
examples, even if the attacker is only given black-box query access to the model. The main …
Sok: All you ever wanted to know about x86/x64 binary disassembly but were afraid to ask
Disassembly of binary code is hard, but necessary for improving the security of binary
software. Over the past few decades, research in binary disassembly has produced many …
software. Over the past few decades, research in binary disassembly has produced many …
Binary rewriting without control flow recovery
Static binary rewriting has many important applications in software security and systems,
such as hardening, repair, patching, instrumentation, and debugging. While many different …
such as hardening, repair, patching, instrumentation, and debugging. While many different …
Improving performance and energy consumption in embedded systems via binary acceleration: A survey
The breakdown of Dennard scaling has resulted in a decade-long stall of the maximum
operating clock frequencies of processors. To mitigate this issue, computing shifted to multi …
operating clock frequencies of processors. To mitigate this issue, computing shifted to multi …
Same coverage, less bloat: Accelerating binary-only fuzzing with coverage-preserving coverage-guided tracing
Coverage-guided fuzzing's aggressive, high-volume testing has helped reveal tens of
thousands of software security flaws. While executing billions of test cases mandates fast …
thousands of software security flaws. While executing billions of test cases mandates fast …
Fuzzing sgx enclaves via host program mutations
Intel Software Guard eXtension (SGX) is the cornerstone of Confidential Computing,
enabling runtime code and data integrity and confidentiality via enclaves. Unfortunately …
enabling runtime code and data integrity and confidentiality via enclaves. Unfortunately …
Air-gap electromagnetic covert channel
M Guri - IEEE Transactions on Dependable and Secure …, 2023 - ieeexplore.ieee.org
Air-gapped systems are isolated from the Internet due to the sensitive information they
handle. This paper introduces a covert channel attack that leaks sensitive information over …
handle. This paper introduces a covert channel attack that leaks sensitive information over …
Shimware: Toward Practical Security Retrofitting for Monolithic Firmware Images
E Gustafson, P Grosen, N Redini, S Jha… - Proceedings of the 26th …, 2023 - dl.acm.org
In today's era of the Internet of Things, we are surrounded by security-and safety-critical,
network-connected devices. In parallel with the rise in attacks on such devices, we have also …
network-connected devices. In parallel with the rise in attacks on such devices, we have also …
D-arm: Disassembling arm binaries by lightweight superset instruction interpretation and graph modeling
ARM binary analysis has a wide range of applications in ARM system security. A
fundamental challenge is ARM disassembly. ARM, particularly AArch32, has a number of …
fundamental challenge is ARM disassembly. ARM, particularly AArch32, has a number of …