Input-Output Example-Guided Data Deobfuscation on Binary

2021, Vol 2021, pp. 1-16
Author(s): Yujie Zhao, Zhanyong Tang, Guixin Ye, Xiaoqing Gong, Dingyi Fang

Data obfuscation is usually used by malicious software to avoid detection and reverse analysis. When analyzing malware, such obfuscations have to be removed to restore the program to a more easily understood form (deobfuscation). Deobfuscation based on program synthesis provides a good solution by treating the target program as a black box. Thus, deobfuscation becomes a problem of finding the shortest instruction sequence to synthesize a program with the same input-output behavior as the target program. Existing work has two limitations: it assumes that the obfuscated code snippets in the target program are known, and it uses a stochastic search algorithm, which results in low efficiency. In this paper, we propose fine-grained obfuscation detection for locating obfuscated code snippets by machine learning. We also combine program synthesis with a heuristic search algorithm, Nested Monte Carlo Search. We have applied a prototype implementation of our ideas to data obfuscation in different tools, including OLLVM and Tigress. Our experimental results suggest that this approach is highly effective in locating and deobfuscating binaries with data obfuscation, with an accuracy of at least 90.34%. Compared with the state-of-the-art deobfuscation technique, our approach's efficiency has increased by 75%, with the success rate increasing by 5%.

2020, pp. 1-15
Author(s): Tristan Cazenave, Jean-Yves Lucas, Thomas Triboulet, Hyoseok Kim

Nested Rollout Policy Adaptation (NRPA) is a Monte Carlo search algorithm that learns a playout policy in order to solve a single-player game. In this paper we apply NRPA to the vehicle routing problem. This problem is important for large companies that have to manage a fleet of vehicles on a daily basis. Real problems are often too large to be solved exactly. The algorithm is applied to standard problems from the literature and to the specific problems of EDF (Electricité De France, the main French electric utility company). These specific problems have peculiar constraints. NRPA gives better results than the algorithm previously used by EDF.


2017, Vol 50 (1), pp. 9766-9771
Author(s): Ziad Alkhoury, Mihály Petreczky, Guillaume Mercère

2018, Vol 2018, pp. 1-23
Author(s): Hao Chen, Shu Yang, Jun Li, Ning Jing

With the development of aerospace science and technology, Earth Observation Satellite clusters, which consist of heterogeneous satellites with many kinds of payloads, are gradually appearing. Compared with traditional satellite systems, a satellite cluster has some particular characteristics, such as large scale, heterogeneous satellite platforms, various payloads, and the capacity to perform all the observation tasks. How to select a subset of a satellite cluster to perform all observation tasks effectively at low cost is a new challenge arising in the field of aerospace resource scheduling. This is the agent team formation problem for observation task-oriented satellite clusters. A mathematical scheduling model is built. Three novel algorithms, i.e., a complete search algorithm, a heuristic search algorithm, and a swarm intelligence optimization algorithm, are proposed to solve the problem at different scales. Finally, some experiments are conducted to validate the effectiveness and practicability of our algorithms.


2021, Vol 5 (OOPSLA), pp. 1-30
Author(s): Son Tuan Vu, Albert Cohen, Arnaud De Grandmaison, Christophe Guillon, Karine Heydemann

Software protections against side-channel and physical attacks are essential to the development of secure applications. Such protections are meaningful at machine code or micro-architectural level, but they typically do not carry observable semantics at source level. This renders them susceptible to miscompilation, and security engineers embed input/output side-effects to prevent optimizing compilers from altering them. Yet these side-effects are error-prone and compiler-dependent. The current practice involves analyzing the generated machine code to make sure security or privacy properties are still enforced. These side-effects may also be too expensive in fine-grained protections such as control-flow integrity. We introduce observations of the program state that are intrinsic to the correct execution of security protections, along with means to specify and preserve observations across the compilation flow. Such observations complement the input/output semantics-preservation contract of compilers. We introduce an opacification mechanism to preserve and enforce a partial ordering of observations. This approach is compatible with a production compiler and does not incur any modification to its optimization passes. We validate the effectiveness and performance of our approach on a range of benchmarks, expressing the secure compilation of these applications in terms of observations to be made at specific program points.

