Jian Sun, Youmin Zhang, Hong CHEN, Mou CHEN, Qinglei Hu
An unmanned system is defined as an electro-mechanical system capable of exerting its power to perform designated missions with no human operator aboard. Thanks to the development of digital design (artificial intelligence, control, etc.) and robotics in recent years, unmanned systems are making a revolution as an emerging technology with many different applications in the military, civilian
Title: Preface: Security and Safety in Unmanned Systems | Authors: Jian Sun, Youmin Zhang, Hong CHEN, Mou CHEN, Qinglei Hu | Journal: Hospital security and safety management | Published: 2023-10-05 | Type: Journal Article | DOI: https://doi.org/10.1051/sands/2023032
In this paper, we study an unmanned aerial vehicle (UAV)-assisted communication system, where the UAV is dispatched to implement simultaneous transmission and reception (STR) in the existence of multiple malicious jammers. Two schemes are investigated, namely frequency band-division-duplex (FDD) and time-fraction (TF). Based on FDD scheme, the UAV can transmit information by using the portion of the bandwidth and receive information within the remaining portion of the bandwidth simultaneously. To perform the STR within the whole bandwidth, the TF-based scheme is considered by using a fraction of a time slot for the downlink, while the remaining fraction of the time slot is allocated for the uplink. We aim to maximize the worst-case throughput by optimizing the UAV three dimensional (3D) trajectory and resource allocation for each scheme. The optimization problem is non-convex and thus computationally intractable. To handle the nonlinear problem, we use the block coordinate decomposition method to disaggregate the optimization problem into four subproblems and adopt the successive convex approximation technique to tackle non-convex problems. The simulation results demonstrate the performance of TF-based scheme over the benchmark schemes.
Title: Optimization for UAV-Assisted Simultaneous Transmission and Reception Communications in the Existence of Malicious Jammers | Authors: Zhiyu Huang, Shuzhen Liu, Zhichao Sheng, Hongwen Yu, Antonino Masaracchia | Journal: Hospital security and safety management | Published: 2023-09-27 | Type: Journal Article | DOI: https://doi.org/10.1051/sands/2023031
One of the goals of the sixth generation mobile networks (6G) is to achieve a larger network coverage area. Satellite networks enable global coverage, and aerial nodes such as Unmanned Aerial Vehicle (UAV) can serve as a supplement to ground networks in remote environments. Therefore, 6G networks are gradually evolving towards a Space-Air-Ground integrated networks. The combination of UAV networks and satellite networks is a research hotspot in the field of Space-Air integrated networks. However, the combination of UAV networks and satellite networks currently faces many challenges in terms of security. The characteristics of large propagation delay and unstable communication links in satellite networks make them vulnerable to various attacks, including eavesdropping, tampering, and impersonation. Meanwhile, existing research on UAV networks mainly focuses on UAV-Ground networking authentication mechanisms, which are not suitable for resource-constrained nodes in the Space-Air integration scenario. Therefore, based on elliptic curve public key cryptography and Chebyshev polynomial, we propose a secure networking authentication scheme for satellite nodes and UAV nodes in the Space-Air integration scenario. The security analysis indicates that our scheme possesses the security attributes such as mutual authentication, key agreement, identity anonymity, unlinkability, perfect forward-backward security and resistance against various protocol attacks, among other security properties. Performance analysis also indicates certain advantages of our scheme over existing schemes in terms of signaling, bandwidth, and computational overhead.
Title: Enabling Space-Air Integration: A Satellite-UAV Networking Authentication Scheme | Authors: Sheng Li, Jin Cao, Xiaoping Shi, Hui Li | Journal: Hospital security and safety management | Published: 2023-09-25 | Type: Journal Article | DOI: https://doi.org/10.1051/sands/2023030
With the expanding applications of multiple unmanned systems in various fields, more and more research attention has been paid to their security. The aim is to enhance the anti-interference ability, ensure their reliability and stability, and better serve human society. This article conducts adaptive cooperative secure tracking consensus of networked multiple unmanned systems subjected to false data injection attacks. From a practical perspective, each unmanned system is modeled using high-order unknown nonlinear discrete-time systems. To reduce the communication bandwidth between agents, a quantizer-based codec mechanism is constructed. This quantizer uses a uniform logarithmic quantizer, combining the advantages of both quantizers. Because the transmission information attached with the false data can affect the accuracy of the decoder, a new adaptive law is added to the decoder to overcome this difficulty. A distributed controller is devised in the backstepping framework. Rigorous mathematical analysis shows that our proposed control algorithms ensure that all signals of the resultant systems remain bounded. Finally, simulation examples reveal the practical utility of the theoretical analysis.
Title: Adaptive Cooperative Secure Control of Networked Multiple Unmanned Systems under FDI Attacks | Authors: Yanhui Zhang, Di Mei, Yong Xu, Lihua Dou | Journal: Hospital security and safety management | Published: 2023-09-14 | Type: Journal Article | DOI: https://doi.org/10.1051/sands/2023029
H. Zhang, Haoyu Shen, Zhuping Wang, Sheng Gao, Huaicheng Yan
In this commentary, optimal denial-of-service (DoS) attack strategies on multi-channel cyber-physical systems (CPSs) are considered, which focus on energy allocation on communication channels. For simplicity, a Stackelberg game between one defender and one attacker is constructed. Compared with the existing literature, which mainly pay attention to static equilibrium, the dynamic process of the game is also exhibited in this paper, which fills the gap in the demonstration of dynamic decision-making between both players of the game. In the solution of Stackelberg equilibrium, a self-adaptive particle swarm optimization (PSO) algorithm with Sigmoid-like update function is applied to cope with the nonlinearity of the reward function with faster convergence and wider adaptability. Besides, to acquire better performance of both sides to allocate energy, an online computation algorithm is proposed for dynamic Stackelberg game. Finally, numerical examples are provided to illustrate similarities between theoretic static equilibrium and optimal strategies obtained by Monte Carlo simulations.
Title: Optimal DoS Attack on Multi-Channel Cyber-Physical Systems: A Stackelberg Game Analysis | Authors: H. Zhang, Haoyu Shen, Zhuping Wang, Sheng Gao, Huaicheng Yan | Journal: Hospital security and safety management | Published: 2023-09-11 | Type: Journal Article | DOI: https://doi.org/10.1051/sands/2023028
Yulei Wang, An Huang, Fan Yang, Ning Bian, Jiazhi Zhang, Lulu Guo
In this article, a systematic assessment of cyber-physical security is proposed for the lane keeping control (LKC) system of autonomous vehicles, which, to our knowledge, has not been attempted before. The generalized methodology of impact analysis of typical cyber-attacks is developed, including novel evaluation metrics from the perspectives of safety and performance of the LKC system and innovative index-based resilience and security criteria. Specifically, we propose a security criterion in terms of tracking performance, comfort and vehicle stability, which are the most critical metrics to evaluate the safety and security of an LKC system. Hardware-in-the-Loop (HiL) experimental results show that the proposed evaluation metrics is effective to analyze the impact of the cyber-attacks on commercial LKC system of Dongfeng Motor comprehensively. The conclusions can serve as guidelines for attack detection, diagnosis, and countermeasures.
Title: Systematic Assessment of Cyber-Physical Security of Lane Keeping Control System for Autonomous Vehicles | Authors: Yulei Wang, An Huang, Fan Yang, Ning Bian, Jiazhi Zhang, Lulu Guo | Journal: Hospital security and safety management | Published: 2023-09-05 | Type: Journal Article | DOI: https://doi.org/10.1051/sands/2023027
User Equipment (UE) authentication holds paramount importance in upholding the security of wireless networks. A nascent technology, Radio Frequency Fingerprint Identification (RFFI), is gaining prominence as a means to bolster network security authentication. To expedite the integration of RFFI within fifth generation (5G) networks, this research undertakes the creation of a comprehensive link-level simulation platform tailored for 5G scenarios. The devised platform emulates various device impairments, including oscillator, IQ modulator, and power amplifier (PA) nonlinearities, alongside simulating channel distortions. Consequent to this, a plausibility analysis is executed, intertwining transmitter device impairments with 3rd Generation Partnership Project (3GPP) new radio (NR) protocols. Subsequently, an exhaustive exploration is conducted to assess the impact of transmitter impairments, deep neural networks (DNNs), and channel effects on RF fingerprinting performance. Notably, under a signal-to-noise ratio (SNR) of 15dB, the deep learning approach demonstrates the capability to accurately classify 100 UEs with a commendable 91% accuracy rate. Through a multifaceted evaluation, it is ascertained that the Attention-based network architecture emerges as the optimal choice for the RFFI task, serving as the new benchmark model for RFFI applications.
Title: The technology of radio frequency fingerprint identification based on deep learning for 5G application | Authors: Hanhong Wang, Yun Lin, Haoran Zha | Journal: Hospital security and safety management | Published: 2023-09-05 | Type: Journal Article | DOI: https://doi.org/10.1051/sands/2023026
Hongbo Liu, Yingying Chen, Wenyuan Xu, Zhenhua Liu, Yuchen Su
Jamming attacks and unintentional radio interference are one of the most urgent threats harming the dependability of wireless communication and endangering the successful deployment of pervasive applications built on top of wireless networks. Unlike the traditional approaches focusing on developing jamming defense techniques without considering the location of jammers, we take a different viewpoint that the jammers' position should be identified and exploited for building a wide range of defense strategies to alleviate jamming. In this paper, we address the problem of localizing multiple jamming attackers coexisting in wireless networks by leveraging the network topology changes caused by jamming. We systematically analyze the jamming effects and develop a framework that can partition network topology into clusters and can successfully estimate the positions of multiple jammers even when their jamming areas are overlapping. Our experiments on a multi-hop network setup using MicaZ sensor nodes validate the feasibility of real-time collection of network topology changes under jamming and our extensive simulation results demonstrate that our approach is highly effective in localizing multiple attackers with or without the prior knowledge of the order that the jammers are turned on.
Title: Topology-based Multi-jammer Localization in Wireless Networks | Authors: Hongbo Liu, Yingying Chen, Wenyuan Xu, Zhenhua Liu, Yuchen Su | Journal: Hospital security and safety management | Published: 2023-08-30 | Type: Journal Article | DOI: https://doi.org/10.1051/sands/2023025
Yonghua Peng, Guohuai Lin, Guangdeng Chen, Hongyi Li
The dynamic event-triggered (DET) formation control problem of a class of stochastic nonlinear multi-agent systems (MASs) with full state constraints is investigated in this article. Supposing that the human operator sends commands to the leader as control input signals, all followers keep formation through network topology communication. Under the command-filter-based backstepping technique, the radial basis function neural networks (RBF NNs) and the barrier Lyapunov function (BLF) are utilized to resolve the problems of unknown nonlinear terms and full state constraints, respectively. Furthermore, a DET control mechanism is proposed to reduce the occupation of communication bandwidth. The presented distributed formation control strategy guarantees that all signals of the MASs are semi-globally uniformly ultimately bounded (SGUUB) in probability. Finally, the feasibility of the theoretical research result is demonstrated by a simulation example.
Title: Dynamic event-triggered-based human-in-the-loop formation control for stochastic nonlinear MASs | Authors: Yonghua Peng, Guohuai Lin, Guangdeng Chen, Hongyi Li | Journal: Hospital security and safety management | Published: 2023-08-23 | Type: Journal Article | DOI: https://doi.org/10.1051/sands/2023024
Static analysis is often impeded by malware obfuscation techniques, such as encryption and packing, whereas dynamic analysis tends to be more resistant to obfuscation by leveraging concrete execution information. Unfortunately, malware can employ evasive techniques to detect the analysis environment and alter its behavior accordingly. While known evasive techniques can be explicitly dismantled, the challenge lies in generically dismantling evasions without full knowledge, such as logic bombs that rely on uncertain conditions, let alone unsupported evasive techniques, which contain evasions without corresponding dismantling strategies and those leveraging unknown implementations. In this paper, we present Antitoxin, a prototype for automatically exploring evasive malware. Antitoxin utilizes multi-path exploration guided by taint analysis and probability calculations to effectively dismantle evasive techniques. The probabilities of branch execution are derived from dynamic coverage, while taint analysis helps identify paths associated with evasive techniques that rely on uncertain conditions. Subsequently, Antitoxin prioritizes branches with lower execution probabilities and those influenced by taint analysis for multi-path exploration. This is achieved through forced execution, which forcefully sets the outcomes of branches on selected paths. Additionally, Antitoxin employs active anti-evasion countermeasures to dismantle known evasive techniques, thereby reducing exploration overhead. Furthermore, Antitoxin provides valuable insights into sensitive behaviors, facilitating deeper manual analysis. Our experiments on a set of highly evasive samples demonstrate that Antitoxin can effectively dismantle evasive techniques in a generic manner. 
The probability calculations guide the multi-path exploration of evasions without requiring prior knowledge, enabling the dismantling of unsupported techniques such as C2 and significantly improving efficiency compared to linear exploration when dealing with complex control flows. Additionally, taint analysis can accurately identify branches related to logic bombs, facilitating preferential exploration.
Title: Multi-path exploration guided by taint and probability against evasive malware | Authors: Weizhong Qiang, Fangzhou Xu, Wang Zhang, Hai Jin | Journal: Hospital security and safety management | Published: 2023-08-14 | Type: Journal Article | DOI: https://doi.org/10.1051/sands/2023023