Use Of Obfuscation Research Articles

Malware Detection with Artificial Intelligence: A Systematic Literature Review

In this survey, we review the key developments in the field of malware detection using AI and analyze core challenges. We systematically survey state-of-the-art methods across five critical aspects of building an accurate and robust AI-powered malware-detection model: malware sophistication, analysis techniques, malware repositories, feature selection, and machine learning vs. deep learning. The effectiveness of an AI model is dependent on the quality of the features it is trained with. In turn, the quality and authenticity of these features is dependent on the quality of the dataset and the suitability of the analysis tool. Static analysis is fast but is limited by the widespread use of obfuscation. Dynamic analysis is not impacted by obfuscation but is defeated by ubiquitous anti-analysis techniques and requires more computational power. Sophisticated and evasive malware is challenging to extract authentic discriminatory features from and, combined with poor quality datasets, this can lead to a situation where a model achieves high accuracy with only one specific dataset.

Webshell Detection Based on Executable Data Characteristics of PHP Code

A webshell is a malicious backdoor that allows remote access and control to a web server by executing arbitrary commands. The wide use of obfuscation and encryption technologies has greatly increased the difficulty of webshell detection. To this end, we propose a novel webshell detection model leveraging the grammatical features extracted from the PHP code. The key idea is to combine the executable data characteristics of the PHP code with static text features for webshell classification. To verify the proposed model, we construct a cleaned data set of webshell consisting of 2,917 samples from 17 webshell collection projects and conduct extensive experiments. We have designed three sets of controlled experiments, the results of which show that the accuracy of the three algorithms has reached more than 99.40%, the highest reached 99.66%, the recall rate has been increased by at least 1.8%, the most increased by 6.75%, and the F1 value has increased by 2.02% on average. It not only confirms the efficiency of the grammatical features in webshell detection but also shows that our system significantly outperforms several state‐of‐the‐art rivals in terms of detection accuracy and recall rate.

Life, Law, and New Privacy in a World of Illusions and Manipulations

A major concern about the rapidly progressing erosion of privacy is that it enables manipulation in political, economic, and social realms. While this concern is well grounded, the technologies that magnify these threats also offer promising means for ameliorating the damage to human society they cause. Although greatly increased manipulation by individuals and organizations will surely be a notable feature of society in the future, it is already giving rise to a new kind of privacy. The information opacity necessary for the new forms of privacy is arising and will be magnified through the use of obfuscation, deepfakes, and related methods that are rapidly improving and becoming more widely available.

Hidden cross subsidies, planned obfuscation, and purposeful "overselling": business as usual or issues worthy of debate?

Jonathan gruber's unwise and widely quoted comments about the “stupidity” of the American voter and the deliberate use of obfuscation to secure passage of the Affordable Care Act (ACA) should serve as an important lesson for those who have never been appointed to public policy positions, for the advisers of elected or appointed officials, and for those in elected or appointed positions: No meeting is ever “off the record.” Flippant comments can (and often do) come back to haunt you. But Gruber's comments also raise several issues that are worthy of more serious consideration. The specific portions of the law on which Gruber focused involved the use of tax law complexities to obscure the effects of placing a 40% excise tax on insurance companies rather than limiting how much of an employer's contribution to an employee's insurance premium could be excluded from the employee's taxes (the “Cadillac” tax). The law also used insurance regulations to mask some of the cross subsidies contained in the legislation, such as limiting variations in insurance premiums across different age groups to 3:1 when the actuarial value suggests a difference of 5:1.1 Minimizing fiscal transparency in proposed legislation is not limited to the Obama administration or the ACA. But it is particularly relevant here because of the unusual complexity of the legislation, the highly partisan nature of the legislation's passage, and the forced scramble to recover from portions of the legislation that oversold what would or would not result from its passage—such as the promises that “if you like your plan, you can keep your plan” and “if you like your doctor, you can keep your doctor.” It is Gruber's comment that such obfuscation was critical to the legislation's passage that raises the most troubling issues.2 If he is right—and I think at least some of that is debatable—it raises the question of whether “it's OK” to engage in obfuscation if it produces a “highly desired goal.” It also raises the questions of whether engaging in similar practices is part of the reason that the ACA remains so unpopular and, if so, whether legislation passed in this manner is sustainable.

A Survey of Botnet Detection Techniques by Command and Control Infrastructure

Botnets have evolved to become one of the most serious threats to the Internet and there is substantial research on both botnets and botnet detection techniques. This analysis reviewed the history of botnets and botnet detection techniques. The analysis showed traditional botnet detection techniques rely on passive techniques, primarily honeypots, and that honeypots are not effective at detecting peer-to-peer and other decentralized botnets. Furthermore, the detection techniques aimed at decentralized and peer-to-peer botnets focus on detecting communications between the infected bots. However, the increased use of obfuscation and encryption has significantly impacted the ability to detect botnet communications.