Multiparties in image secret sharing (ISS) need to verify (detect and recognize) each other, which is seldom considered realized traditional methods. In this paper, we introduce the definition of multiparty verification. It includes two stages, i.e., a detection stage recognition stage, with evaluation methods that are also discussed. A verification scheme without pixel expansion developed, suitable for both dealer attendance nonattendance. The classic hash function, public key cryptography...

Emerging feathers of mobile devices have given new threats to the phone security, which makes malware detection technology becoming more and necessary. Android is one newer operating systems based on Linux kernel in this way it vulnerable attacks. In paper, we proposed a method. It can monitor various features obtained from device then applies machine learning classify applications as benign or malicious. Also make improvements Naïve Bayesian Classification method combined with Chi-Square...

User authentication plays a critical role in access control of man-machine system, where the knowledge factor, such as personal identification number, constitutes most widely used element. However, factors are usually vulnerable to spoofing attack. Recently, inheritance fingerprints, emerges an efficient alternative resilient malicious users, but it normally requires special equipment. To this end, article, we propose WiPass, device-free system only leveraging pervasive Wi-Fi infrastructure...

With the popularity of network technology and expansion scale, security risks are increasingly serious. Network vulnerability assessment methods, a active defense, have attracted many researchers. Most existing methods store different types data in ways, which makes querying analyzing inefficient, especially complex large-scale environment. In order to solve this problem, paper proposes method based on graph database. The host information, association relationship between hosts information...

A webshell is a malicious backdoor that allows remote access and control to web server by executing arbitrary commands. The wide use of obfuscation encryption technologies has greatly increased the difficulty detection. To this end, we propose novel detection model leveraging grammatical features extracted from PHP code. key idea combine executable data characteristics code with static text for classification. verify proposed model, construct cleaned set consisting 2,917 samples 17...

gVisor is a Google-published application-level kernel for containers. As lightweight and has sound isolation, it been widely used in many IT enterprises [1],[2],[3]. When new vulnerability of the upstream found, important downstream developers to test corresponding code maintain security. To achieve this aim, directed fuzzing promising. Nevertheless, there are challenges applying existing methods gVisor. The core reason that fuzzers mainly general C/C++ applications, while an OS written Go...

The technique of binary code similarity detection (BCSD) has been applied in many fields, such as malware detection, plagiarism and vulnerability search, etc. Existing solutions for the BCSD problem usually compare specific features between binaries based on control flow graphs functions from or compute embedding vector solve deep learning algorithms. In this paper, another research perspective, we propose a new lightweight method to <italic xmlns:mml="http://www.w3.org/1998/Math/MathML"...

Unrestricted file upload (UFU) vulnerabilities, especially unrestricted executable (UEFU) pose severe security risks to web servers. For instance, attackers can leverage such vulnerabilities execute arbitrary code gain the control of a whole server. Therefore, it is significant develop effective and efficient methods detect UFU UEFU vulnerabilities. Towards this, most state-of-the-art are designed based on dynamic testing. Nevertheless, they still entail two critical limitations. 1) They...

With the rapid development of Internet, malware variants have increased exponentially, which poses a key threat to cyber security. Persistent efforts been made classify variants, but there are still many challenges, including incapacity deal with various belonging similar families, problem time and resource consuming, etc. This paper proposes novel method, called Malware Entropy Sequences Reflect Family (MESRF), improve classification based on entropy sequences features. In prior research,...

By analyzing the binary executable files comparing technique, this paper presents a method to detect vulnerabilities in Windows system based on security patch comparison. The technology is mostly used for detecting which are patched by Microsoft but there no clear location and detailed information of vulnerabilities. Finally, result MS15-034 vulnerability experiment demonstrates effectiveness technique.

Web applications widely use the logging functionality, but improper handling can bring serious security threats. An attacker trigger execution of malicious data by writing to web application logs and then accessing view–logs interface, resulting in a vulnerability log injection. However, detecting this type requires automatic discovery log-injectable interfaces interfaces, which is difficult. In addition, bypasssing application-specific input-filtering checks write an effective payload also...

Current automatic exploit generation solutions generally adopt an 1-step philosophy and neglect the potential difference between analysis-time environment runtime environment. Therefore, they usually fail in evaluating exploitability for vulnerable programs running ASLR We propose ExpGen, a 2-step vulnerability-exploitability evaluation solution binary environment, with three novel techniques introduced, separately partial-exploit sensitive-POC generation, exploitation context sensitive...

Stateful network protocol fuzzing is one of the essential means for ensuring communication security. However, existing methods have problems, including frequent auxiliary message interaction, no in-depth state-space exploration, and high shares invalid interaction time. To this end, we propose SATFuzz, a stateful framework. SATFuzz first prioritizes states identified by status codes in response messages, then randomly selects state to test among high-priority states, determines its...

Cross-architecture binary code similarity detection technology has been widely used in vulnerability discovery, reverse engineering and patch detection. The identification of file compilation information is conducive to the improvement accuracy files includes architecture, compiler, optimization option obfuscation strategy. For we build a compiling architecture feature library based on ELF header for identification; use Linux system commands identify; strategy, extract 70 static features...

Modern operating systems set exploit mitigations to thwart the exploit, which has also become a barrier automated generation (AEG). Many current AEG solutions do not fully account for mitigations, and as result, they are unable accurately assess exploitability of vulnerabilities in such settings.This paper proposes AEMB, an solution bypassing generating useable exploits (EXPs). Initially, AEMB identifies system based on characteristics program execution environment. Then, implements payload...

Modern web applications offer various APIs for data interaction. However, as the number of these increases, so does potential security threats. Essentially, more in an application can lead to detectable vulnerabilities. Thus, it is crucial identify comprehensively possible applications. this task faces challenges due increasing complexity development techniques and abundance similar pages. In paper, we propose APIMiner, a framework identifying by dynamically traversing pages based on page...

Modern web services widely provide RESTful APIs for clients to access their functionality programmatically. Fuzzing is an emerging technique ensuring the reliability of APIs. However, existing API fuzzers repeatedly generate invalid requests due unawareness errors in tested and lack effective strategy legal value incorrect parameters. Such limitations severely hinder fuzzing performance. In this paper, we propose DynER, a new test case generation method guided by dynamic error responses...

Directed grey-box fuzzing (DGF) aims to discover vulnerabilities in specific code areas efficiently. Distance metric, which is used measure the quality of seed DGF, a crucial factor affecting performance. Despite distance metrics being widely applied existing DGF frameworks, it remains opaque about how different guide process and affect result practice. In this paper, we conduct first empirical study explore perform guiding DGFs. Specifically, systematically discuss aspect calculation method...