Abstract: Detection of a malware when a new binary is downloaded, to distinguish it from ‘benign-ware’ is an important part of computer security. There exist various techniques proposed by researchers using both static and dynamic analyses to detect malware. But day by day, malware authors have improved its evasion capability using non-persistence, obfuscation techniques, and use of volatile payloads that operate only in memory. With obfuscation techniques, malware authors make the reverse engineering of binary tougher. So now malware analysis is not limited to static and dynamic analysis. By memory forensics techniques we can get a comprehensive view of the actions of an executable. We have used an interval-based approach to take the memory dumps and then selected one memory dump for further analysis. In this work we have extracted various features from memory dump such registry bindings, suspicious DLLs, hidden processes, orphan threads, code injection, injected DLLs, file system etc., and automated the classification of malware vs. benign-ware. For evaluation purposes we used 1730 malware and 1571 benign files. We achieved 99.09% accuracy with 0.43% false positive rate using XG-Boost
Abstract: Functional Encryption and Obfuscation are two of the most exciting primitives in modern cryptography. Functional Encryption generalizes public key encryption and allows fine grained access on encrypted data. Obfuscation asks to garble a program such that its input output behaviour is preserved but all its internal workings are hidden. These two primitives are deeply connected, and finding efficient constructions for them, provably secure from well understood hardness assumptions is one of the key themes of modern crypto research.
In this talk, I will summarize the state of art in this space as well as discuss some new results.
Copyright © 2019. All rights reserved
This site is under Maintenance