Simone Aonzo
Family ties: A close look at the influence of static features on the precision of malware family clustering Open
International audience
The Dark Side of Native Code on Android Open
From a little research experiment to an essential component of military arsenals, malicious software has constantly been growing and evolving for more than three decades. On the other hand, from a negligible market share, the Android opera…
Mnemocrypt: A Machine Learning Approach for Cryptographic Function Detection in x86 Executables Open
International audience
How to Train your Antivirus: RL-based Hardening through the Problem Space Open
sponsorship: This research is partially funded and supported by: the Research Fund KU Leuven; the Cybersecurity Research Program Flanders; the EU funded project KINAITICS (Grant Agreement Number 101070176); a Google ASPIRE research award; …
How to Train your Antivirus: RL-based Hardening through the Problem-Space Open
ML-based malware detection on dynamic analysis reports is vulnerable to both evasion and spurious correlations. In this work, we investigate a specific ML architecture employed in the pipeline of a widely-known commercial antivirus company…
Decoding the Secrets of Machine Learning in Malware Classification: A Deep Dive into Datasets, Feature Extraction, and Model Performance Open
International audience
Humans vs. Machines in Malware Classification Open
International audience
Decoding the Secrets of Machine Learning in Malware Classification: A Deep Dive into Datasets, Feature Extraction, and Model Performance Open
Many studies have proposed machine-learning (ML) models for malware detection and classification, reporting an almost-perfect performance. However, they assemble ground-truth in different ways, use diverse static- and dynamic-analysis tech…
Longitudinal Study of the Prevalence of Malware Evasive Techniques Open
By their very nature, malware samples employ a variety of techniques to conceal their malicious behavior and hide it from analysis tools. To mitigate the problem, a large number of different evasion techniques have been documented over the…
Trust, But Verify: A Longitudinal Analysis Of Android OEM Compliance and Customization Open
Nowadays, more than two billion mobile devices run Android OS. At the core of this success are the open source nature of the Android Open Source Project and vendors' ability to customize the code base and ship it on their own devices. …
Novel Attacks and Defenses in the Userland of Android Open
In the last decade, mobile devices have spread rapidly, becoming more and more part of our everyday lives; this is due to their feature-richness, mobility, and affordable price. At the time of writing, Android is the leader of the market a…
Obfuscapk: An open-source black-box obfuscation tool for Android apps Open
Obfuscapk is an open-source automatic obfuscation tool for Android apps that works in a black-box fashion (i.e., it does not need the app source code). Obfuscapk supports advanced obfuscation features and has a modular architecture that co…
Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem Open
An open research problem on malware analysis is how to statically distinguish between packed and non-packed executables. This has an impact on antivirus software and malware analysis systems, which may need to apply different heuristics or…
Low-Resource Footprint, Data-Driven Malware Detection on Android Open
Resource-constrained systems are becoming more and more common as users migrate from PCs to mobile devices and as IoT systems enter the mainstream. At the same time, it is not acceptable to reduce the level of security hence it is necessar…