CRII

Malware, with harmful intent to compromise computer systems, has been one of the significant challenges to the Internet. Driven by the rich profit, relentless malware developers apply various obfuscation schemes to circumvent malware detection. Binary packing is the most common obfuscation adopted by malware authors to camouflage malicious code and defeat popular signature-based malware detection. Binary packing first encrypts or compresses malware code as data, making it immune to static analysis.

On mobile devices, the advancement and sophistication in application development and the great reliance on their functionality daily by many users makes them a critical piece of evidence for digital investigations. This project focuses on the reconstruction of app execution to recover user and fingerprint malware activities on mobile devices. The research will provide a methodology for investigators to easily outline user actions and strategies, and possible malware attack blueprint without the need for prior knowledge of the target application logic.

Many organizations and companies have recently chosen to use so-called bug-bounty programs, which allow outside security experts to evaluate the security of an organization's products and services and to report security vulnerabilities in exchange for rewards. Bug-bounty programs provide unique benefits by allowing organizations to publicly signal their commitment to security and to harness the diverse expertise of thousands of security experts in an affordable way. Despite their rapidly growing popularity, bug-bounty programs are not well understood and can be mismanaged.

The Border Gateway Protocol (BGP) is responsible for managing how packets are routed across the Internet by exchanging routing related messages (path announcements) between routers. While the Border Gateway Protocol plays a critical role in the Internet communications, it remains highly vulnerable to many attacks. This is because the protocol was originally designed for each BGP router to trust all protocol related messages, especially path announcements, sent by its neighboring routers.

Current information technology (IT) systems are relatively static from a configuration perspective and give adversaries the valuable advantage of time for breaching them. A new concept, called Moving Target Defense or MTD, dynamically reconfigures systems to increase uncertainty and complexity for attackers, reduce their window of opportunity, and raise the costs of their reconnaissance and attack endeavors. All of these contribute towards increased security.