"The software protection against analysis has become an important issue in the field of computer engineering. The symbolic execution method, as an approach to explore execution paths and conditions of the program, is recently considered. Therefore, developers try to protect their Code to prevent against symbolic execution. A successful symbolic execution has extracted the provisions of all paths in the form of a symbolic tree. Therefore, we can prevent the symbolic execution of a program to protect the Code in several different ways and hide paths from the view of analysts. This paper focused on obfuscating the condition for behavior so that in the case of symbolic execution analyst can not find the right conditions of a behavior. For this purpose, a new agenda is presented to add some new variables to the execution path that they are related to the program variables to confuse constraint solvers and build many new fake paths in the form of the symbolic tree. Results showed that symbolic analysis tools are unable to obtain all paths after Obfuscation.

In recent years, due to the high availability of documents through the Internet, plagiarism is becoming a serious issue in many fields of research. Moreover, the availability of machine translation systems facilitates the re-use of textual content across languages. So, the detection of plagiarism in cross-lingual cases is now of great importance especially when the source and target language are different. Various methods for automatic detection of text reuse have been developed whose objective is to help human experts investigate suspicious documents for plagiarism cases. For evaluating the performance of theses plagiarism detection systems and algorithms, we need to construct plagiarism detection corpora. In this paper, we propose an English-Persian plagiarism detection corpus comprised of different types of paraphrasing. The goal is to simulate what would be done by humans to conceal plagiarized passages after translating the text into the target language. The proposed corpus includes seven types of paraphrasing methods that cover (but not limited to) all of the Obfuscation types in the previous works into one integrated CLPD corpus. To evaluate the corpus, an extrinsic evaluation approach has been applied by executing a wide variety of plagiarism detection algorithms as downstream tasks on the proposed corpus. The results show that the performance of the algorithms decreases by increasing the Obfuscation complexity.

There are many different ways of securing FPGAs to prevent successful reverse engineering. One of the common forms is Obfuscation methods. In this paper, we proposed an approach based on Obfuscation to prevent FPGAs from successful reverse engineering and, as a result, hardware trojan horses (HTHs) insertion. Our Obfuscation method is using configurable look up tables (CFGLUTs). We suggest to insert CFGLUTs randomly or based on some optional parameters in the design. In this way, some parts of the design are on a secure memory, which contains the bitstream of the CFGLUTs so that the attacker does not have any access to it. We program the CFGLUTs in run-time to complete the bitstream of the FPGA and functionality of the design. If an attacker can reverse engineer the bitstream of the FPGA, he cannot detect the design because some part of it is composed of CFGLUTs, which their bitstream is on a secure memory. The first article uses CFGLUTs for securing FPGAs against HTHs insertion, which are results of reverse engineering. Our methods do not have any power and hardware overhead but 32 clock cycles time overhead.

Obfuscation, as one invasive strategy, is considered to be a defense strategy in the  eld of software and vital information protection against security threats. This paper proposes a new dynamic Obfuscation method, called CSE, based on combining a triplet of control ow, signals and encryption of the management table (MT). This triplet exchanges and hides the control graph program. Then, it produces the MT that includes addresses to guide communication between instructions. A type of the stream cipher symmetric encryption (Spritz) applies to encrypt the MT. Also, a multi-objective function (the ability and the resiliency) based on six implementation metrics and two classic objective functions (the cost and the Mishra) are considered to evaluate the proposed Obfuscation method. Therefore, the proposed triplet Obfuscation method and the multi-objective functions are performed on a small program and a benchmark dataset. The results of our evaluations show that CSE has competitive advantages in comparison with other methods.

With the increasing rate of cyber-attacks, creating security for cyberspace has become more important and crucial. Therefore computers, computer networks and all current systems connected to the Internet are always at risk of cyber-attacks. In this paper, a novel technique based on alteration technique of attack is proposed by providing a new classification in the methods of Obfuscation. In this method, by replacing the attacks that have similar characteristics in the attack strategies the attacker causes an increase in wrong classification and thus reduces the dependence between attack steps. Therefore, by increasing the length of the attack, network security managers cannot easily distinguish cyber-attacks. The proposed model was assessed based on the Bayesian algorithm. The results of the research and implementation of the model indicate that the accuracy of classification (in terms of log) by intrusion detection systems for the best case of clean attacks in the sequel of attack, is-0. 02 and for Obfuscation attacks at the action level is-0. 19. For obfuscate attacks with the alternative technique it becomes-3 and for the insertion technique it decreases to-6. 74. In the proposed model, as in the Obfuscation-based insertion technique, the corresponding attack method has been used. Due to the difference in the type of ambiguity model, different results are obtained, and the combination of these two obfuscating techniques in cyber-attacks can bring better results to the attacker in deceiving the intrusion detection systems and creating uncertainties in the sequence of observed attacks.

Malwares have grown drastically in recent years. Furthermore, the behavior of the newly produced malwares are getting more complex and shrewd. This paper present malware detection methods and especially focus on Code and DLL injection attacks. Novel malwares try to obfuscate and hide their behavior through the injection of malicious Code in allocated memory and binary file of trusted applications. By data mining on massive volume of malwares, the proposed method of the paper derive chain of API calls through installing logger hook at the kernel space of the operating system in order to model the malicious behavior of Code/DLL injection based on linear regression function. The proposed method use association rules machine learning based on Apriori algorithm for early detection of attacks and is able to prevent completion of the attack by blocking remote thread creation. Finnaly, the accuracy of the proposed method is evaluated using dataset from valid references and the results are compared with available Antivirus tools under the same conditions. Results of the evaluation indicate that the proposed method can recognize Code/DLL injection attacks by the accuracy of about 94%. Moreover, success coefficient of the proposed self-defense system is evaluated of 88. 88% against real Code/DLL injection attacks.