Zhenhui Li¹, Shuangping Xing¹, Lin Yu¹, Huiping Li¹, Fan Zhou¹, Guangqiang Yin¹, Xikai Tang², Zhiguo Wang^1,*

CMC-Computers, Materials & Continua, Vol.78, No.2, pp. 1861-1879, 2024, DOI:10.32604/cmc.2023.046595

Abstract Software security analysts typically only have access to the executable program and cannot directly access the source code of the program. This poses significant challenges to security analysis. While it is crucial to identify vulnerabilities in such non-source code programs, there exists a limited set of generalized tools due to the low versatility of current vulnerability mining methods. However, these tools suffer from some shortcomings. In terms of targeted fuzzing, the path searching for target points is not streamlined enough, and the completely random testing leads to an excessively large search space. Additionally, when it comes to code similarity analysis,… More >

Lei Yu¹, Yucong Duan^2,*

CMC-Computers, Materials & Continua, Vol.76, No.3, pp. 3949-3965, 2023, DOI:10.32604/cmc.2023.038970

Abstract Cloud computing and edge computing brought more software, which also brought a new danger of malicious software attacks. Data synchronization mechanisms of software can further help reverse data modifications. Based on the mechanisms, attackers can cover themselves behind the network and modify data undetected. Related knowledge of software reverse engineering can be organized as rules to accelerate the attacks, when attackers intrude cloud server to access the source or binary codes. Therefore, we proposed a novel method to resist this kind of reverse engineering by breaking these rules. Our method is based on software obfuscations and encryptions to enhance the… More >

Yangjae Lee¹, Sung Hoon Baek², Jung Taek Seo³, Ki-Woong Park^1,*

CMC-Computers, Materials & Continua, Vol.72, No.3, pp. 4911-4929, 2022, DOI:10.32604/cmc.2022.026657

Abstract One of the latest technologies enabling remote control, operational efficiency upgrades, and real-time big-data monitoring in an industrial control system (ICS) is the IIoT-Cloud ICS, which integrates the Industrial Internet of Things (IIoT) and the cloud into the ICS. Although an ICS benefits from the application of IIoT and the cloud in terms of cost reduction, efficiency improvement, and real-time monitoring, the application of this technology to an ICS poses an unprecedented security risk by exposing its terminal devices to the outside world. An adversary can collect information regarding senders, recipients, and prime-time slots through traffic analysis and use it… More >

Dongho Lee, Geochang Jeon, Sunjun Lee, Haehyun Cho^*

CMC-Computers, Materials & Continua, Vol.72, No.3, pp. 5909-5923, 2022, DOI:10.32604/cmc.2022.026395

Abstract The smart phone market is continuously increasing and there are more than 6 billion of smart phone users worldwide with the aid of the 5G technology. Among them Android occupies 87% of the market share. Naturally, the widespread Android smartphones has drawn the attention of the attackers who implement and spread malware. Consequently, currently the number of malware targeting Android mobile phones is ever increasing. Therefore, it is a critical task to find and detect malicious behaviors of malware in a timely manner. However, unfortunately, attackers use a variety of obfuscation techniques for malware to evade or delay detection. When… More >

Pagnchakneat C. Ouk¹, Wooguil Pak^2,*

CMC-Computers, Materials & Continua, Vol.72, No.1, pp. 381-398, 2022, DOI:10.32604/cmc.2022.024540

Abstract Although Android becomes a leading operating system in market, Android users suffer from security threats due to malwares. To protect users from the threats, the solutions to detect and identify the malware variant are essential. However, modern malware evades existing solutions by applying code obfuscation and native code. To resolve this problem, we introduce an ensemble-based malware classification algorithm using malware family grouping. The proposed family grouping algorithm finds the optimal combination of families belonging to the same group while the total number of families is fixed to the optimal total number. It also adopts unified feature extraction technique for… More >

Pagnchakneat C. Ouk¹, Wooguil Pak^2,*

CMC-Computers, Materials & Continua, Vol.70, No.2, pp. 3099-3116, 2022, DOI:10.32604/cmc.2022.020202

Abstract The Android operating system has become a leading smartphone platform for mobile and other smart devices, which in turn has led to a diversity of malware applications. The amount of research on Android malware detection has increased significantly in recent years and many detection systems have been proposed. Despite these efforts, however, most systems can be thwarted by sophisticated Android malware adopting obfuscation or native code to avoid discovery by anti-virus tools. In this paper, we propose a new static analysis technique to address the problems of obfuscating and native malware applications. The proposed system provides a unified technique for… More >

Shuyu Li¹, Guozheng Zhang^{1, *}

CMC-Computers, Materials & Continua, Vol.63, No.1, pp. 223-241, 2020, DOI:10.32604/cmc.2020.07499

Abstract With the popularity of sensor-rich mobile devices, mobile crowdsensing (MCS) has emerged as an effective method for data collection and processing. However, MCS platform usually need workers’ precise locations for optimal task execution and collect sensing data from workers, which raises severe concerns of privacy leakage. Trying to preserve workers’ location and sensing data from the untrusted MCS platform, a differentially private data aggregation method based on worker partition and location obfuscation (DP-DAWL method) is proposed in the paper. DP-DAWL method firstly use an improved K-means algorithm to divide workers into groups and assign different privacy budget to the group… More >