Abstract

Encryption, which is essential for protecting sensitive information, can also transform malicious content into an illegible form that can reside undetected on any network. Malware authors encrypt the malicious payload to mask their code; this concealment can be improved further by re-randomization. Re-randomization using asymmetric cryptography has emerged as a new area of interest for malware designers: it prevents the source path of a malware sample from being traced and makes the sample indistinguishable from other encrypted data. This article extends the idea of using asymmetric cryptography for re-randomization and proposes a novel scheme based on Paillier's asymmetric cryptosystem. It also illustrates the limitations of RSA for malware re-randomization. A comprehensive performance analysis of the re-randomization techniques for various malware payloads is presented, which can be used for the effective detection of re-randomized malware.

Highlights

  • The rapid evolution of the internet has enabled individuals and devices across borders to connect and interact with each other

  • In the pursuit of this sensitive information, adversaries develop sophisticated techniques to exfiltrate the wealth of data from individuals and organizations

  • This research work proposes and implements a novel scheme for malware encryption and re-randomization based on the Paillier cryptosystem


Summary

INTRODUCTION

The rapid evolution of the internet has enabled individuals and devices across borders to connect and interact with each other. Indistinguishability, an important property of cryptographic schemes, ensures that an adversary gains no advantage in determining whether the same message has been encrypted twice. This property holds for most probabilistic encryption schemes, including the classical ElGamal and Paillier cryptosystems. Applying such schemes to re-randomization lets malware evade detection more effectively, because the re-randomized ciphertext is indistinguishable from other encrypted data. This research work proposes and implements a novel scheme for malware encryption and re-randomization based on the Paillier cryptosystem. The contributions include comprehensive simulation results on popular malware samples.
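The re-randomization property described above, as an added worked example that is not code from the paper: a toy Paillier cryptosystem in Python with deliberately small primes (constructed here; the paper's own parameters and implementation are not on this page). A ciphertext c is re-randomized by multiplying it by s^n mod n^2 for a fresh random s. That needs only the public key and leaves the plaintext unchanged, so the same payload can be re-encrypted without ever being decrypted. The same multiplication applied to textbook RSA changes the plaintext instead, which is one of the RSA limitations the abstract refers to. The sample payload is a constructed byte string, not malware, and the function names are this example's own.

```python
import math
import secrets

# Toy Paillier parameters: far too small for real use, chosen so the arithmetic
# is fast and easy to inspect. p, q are distinct primes with gcd(pq, (p-1)(q-1)) = 1.
P, Q = 10007, 10009
N = P * Q                      # public modulus n
N2 = N * N                     # ciphertexts live in Z_{n^2}
LAM = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)   # lambda = lcm(p-1, q-1)
MU = pow(LAM, -1, N)                                  # mu = lambda^-1 mod n (for g = n+1)
BLOCK = 3                      # 3-byte blocks: 2^24 < n, so every block is a valid plaintext
RSA_E = 65537                  # textbook RSA exponent used for the comparison below


def random_unit(n):
    """Random s in Z_n^*, i.e. 1 <= s < n with gcd(s, n) = 1."""
    while True:
        s = secrets.randbelow(n - 1) + 1
        if math.gcd(s, n) == 1:
            return s


def encrypt(m, r=None):
    """Paillier encryption with generator g = n+1: c = (1 + m*n) * r^n mod n^2.
    The random r makes the scheme probabilistic: same m, fresh r, different c."""
    if r is None:
        r = random_unit(N)
    return (1 + m * N) * pow(r, N, N2) % N2


def decrypt(c):
    """Paillier decryption: m = L(c^lambda mod n^2) * mu mod n, with L(u) = (u-1)/n."""
    u = pow(c, LAM, N2)
    return ((u - 1) // N) * MU % N


def rerandomize(c, s=None):
    """Re-randomize a ciphertext using only the public key: c' = c * s^n mod n^2.
    s^n mod n^2 is an encryption of 0, so c' decrypts to the same plaintext as c
    while looking unrelated to c."""
    if s is None:
        s = random_unit(N)
    return c * pow(s, N, N2) % N2


def encrypt_payload(data):
    """Encrypt an arbitrary byte string block by block; returns (ciphertexts, length)."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
    cts = [encrypt(int.from_bytes(b.ljust(BLOCK, b"\x00"), "big")) for b in blocks]
    return cts, len(data)


def rerandomize_payload(cts):
    """Fresh-looking ciphertext list for the same payload, no private key needed."""
    return [rerandomize(c) for c in cts]


def decrypt_payload(cts, length):
    """Inverse of encrypt_payload (strips the zero padding of the last block)."""
    out = b"".join(decrypt(c).to_bytes(BLOCK, "big") for c in cts)
    return out[:length]


def rsa_encrypt(m):
    """Textbook RSA with the same modulus: deterministic, so identical blocks
    produce identical ciphertexts and cannot be re-randomized in place."""
    return pow(m, RSA_E, N)


# Constructed sample payload for the demonstration; not real malware.
SAMPLE = b"constructed sample payload used to show re-randomization"

if __name__ == "__main__":
    cts, length = encrypt_payload(SAMPLE)
    again = rerandomize_payload(cts)
    print("re-randomized ciphertexts differ:", cts != again)
    print("both decrypt to the payload:",
          decrypt_payload(cts, length) == decrypt_payload(again, length) == SAMPLE)
    print("textbook RSA is deterministic:", rsa_encrypt(42) == rsa_encrypt(42))
```

Multiplying an RSA ciphertext by s^e mod n is also possible, but it yields an encryption of m*s mod n rather than of m, so the payload would no longer decrypt correctly; Paillier's additive homomorphism is what makes in-place re-randomization work.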

RELATED WORK
MALWARE ENCRYPTION ALGORITHM
MALWARE DECRYPTION
MALWARE RE-RANDOMIZATION
EXPERIMENTAL SETUP
CONCLUSION