Your search keyword '"Analysis"' showing total 3 results

1. A Survey on Empirical Security Analysis of Access-control Systems: A Real-world Perspective.

Author

PARKINSON, SIMON and KHAN, SAAD

Subjects

*ACCESS control, *TASK analysis, *POLICY analysis, *LITERATURE reviews, *THEFT

Abstract

There any many different access-control systems, yet a commonality is that they provide flexible mechanisms to enforce different access levels. Their importance in organisations to adequately restrict resources, coupled with their use in a dynamic environment, mandates the need to routinely perform policy analysis. The aim of performing analysis is often to identify potential problematic permissions, which have the potential to be exploited and could result in data theft and unintended modification. There is a vast body of published literature on analysing access-control systems, yet as performing analysis has a strong end-user motivation and is grounded in security challenges faced in real-world systems, it is important to understand how research is developing, what are the common themes of interest, and to identify key challenges that should be addressed in future work. To the best of the authors’ knowledge, no survey has been performed to gain an understanding of empirical access-control analysis, focussing on how techniques are evaluated and how they align to the needs of real-world analysis tasks. This article provides a systematic literature review, identifying and summarising key works. Key findings are identified and discussed as areas of future work. [ABSTRACT FROM AUTHOR]

Published

2023

2. File Packing from the Malware Perspective: Techniques, Analysis Approaches, and Directions for Enhancements.

Author

MURALIDHARAN, TRIVIKRAM, COHEN, AVIAD, GERSON, NOA, and NISSIM, NIR

Subjects

*MACHINE learning, *MALWARE, *TIME management

Abstract

With the growing sophistication of malware, the need to devise improved malware detection schemes is crucial. The packing of executable files, which is one of the most common techniques for code protection, has been repurposed for code obfuscation by malware authors as a means of evading malware detectors (mainly static analysis-based detectors). This paper provides statistics on the use of packers based on an extensive analysis of 24,000 PE files (both malicious and benign files) for the past 10 years, which allowed us to observe trends in packing use during that time and showed that packing is still widely used in malware. This paper then surveys 23 methods proposed in academic research for the detection and classification of packed portable executable (PE) files and highlights various trends in malware packing. The paper highlights the differences between the methods and their abilities to detect and identify various aspects of packing. A taxonomy is presented, classifying the methods as static, dynamic, and hybrid analysis-based methods. The paper also sheds light on the increasing role of machine learning methods in the development of modern packing detection methods. We analyzed and mapped the different packing methods and identified which of them can be countered by the detection methods surveyed in this paper. [ABSTRACT FROM AUTHOR]

Published

2023

3. Network Traffic Generation: A Survey and Methodology.

Author

ADELEKE, OLUWAMAYOWA ADE, BASTIN, NICHOLAS, and GURKAN, DENIZ

Subjects

*TRAFFIC surveys, *CITY traffic

Abstract

Network traffic workloads are widely utilized in applied research to verify correctness and to measure the impact of novel algorithms, protocols, and network functions. We provide a comprehensive survey of traffic generators referenced by researchers over the last 13 years, providing in-depth classification of the functional behaviors of the most frequently cited generators. These classifications are then used as a critical component of a methodology presented to aid in the selection of generators derived from the workload requirements of future research. [ABSTRACT FROM AUTHOR]

Published

2023