"The software protection against analysis has become an important issue in the field of computer engineering. The symbolic execution method, as an approach to explore execution paths and conditions of the program, is recently considered. Therefore, developers try to protect their code to prevent against symbolic execution. A successful symbolic execution has extracted the provisions of all paths in the form of a symbolic tree. Therefore, we can prevent the symbolic execution of a program to protect the code in several different ways and hide paths from the view of analysts. This paper focused on obfuscating the condition for behavior so that in the case of symbolic execution analyst can not find the right conditions of a behavior. For this purpose, a new agenda is presented to add some new variables to the execution path that they are related to the program variables to confuse constraint solvers and build many new fake paths in the form of the symbolic tree. Results showed that symbolic analysis tools are unable to obtain all paths after Obfuscation.

In recent years, due to the high availability of documents through the Internet, plagiarism is becoming a serious issue in many fields of research. Moreover, the availability of machine translation systems facilitates the re-use of textual content across languages. So, the detection of plagiarism in cross-lingual cases is now of great importance especially when the source and target language are different. Various methods for automatic detection of text reuse have been developed whose objective is to help human experts investigate suspicious documents for plagiarism cases. For evaluating the performance of theses plagiarism detection systems and algorithms, we need to construct plagiarism detection corpora. In this paper, we propose an English-Persian plagiarism detection corpus comprised of different types of paraphrasing. The goal is to simulate what would be done by humans to conceal plagiarized passages after translating the text into the target language. The proposed corpus includes seven types of paraphrasing methods that cover (but not limited to) all of the Obfuscation types in the previous works into one integrated CLPD corpus. To evaluate the corpus, an extrinsic evaluation approach has been applied by executing a wide variety of plagiarism detection algorithms as downstream tasks on the proposed corpus. The results show that the performance of the algorithms decreases by increasing the Obfuscation complexity.

There are many different ways of securing FPGAs to prevent successful reverse engineering. One of the common forms is Obfuscation methods. In this paper, we proposed an approach based on Obfuscation to prevent FPGAs from successful reverse engineering and, as a result, hardware trojan horses (HTHs) insertion. Our Obfuscation method is using configurable look up tables (CFGLUTs). We suggest to insert CFGLUTs randomly or based on some optional parameters in the design. In this way, some parts of the design are on a secure memory, which contains the bitstream of the CFGLUTs so that the attacker does not have any access to it. We program the CFGLUTs in run-time to complete the bitstream of the FPGA and functionality of the design. If an attacker can reverse engineer the bitstream of the FPGA, he cannot detect the design because some part of it is composed of CFGLUTs, which their bitstream is on a secure memory. The first article uses CFGLUTs for securing FPGAs against HTHs insertion, which are results of reverse engineering. Our methods do not have any power and hardware overhead but 32 clock cycles time overhead.

Obfuscation, as one invasive strategy, is considered to be a defense strategy in the  eld of software and vital information protection against security threats. This paper proposes a new dynamic Obfuscation method, called CSE, based on combining a triplet of control ow, signals and encryption of the management table (MT). This triplet exchanges and hides the control graph program. Then, it produces the MT that includes addresses to guide communication between instructions. A type of the stream cipher symmetric encryption (Spritz) applies to encrypt the MT. Also, a multi-objective function (the ability and the resiliency) based on six implementation metrics and two classic objective functions (the cost and the Mishra) are considered to evaluate the proposed Obfuscation method. Therefore, the proposed triplet Obfuscation method and the multi-objective functions are performed on a small program and a benchmark dataset. The results of our evaluations show that CSE has competitive advantages in comparison with other methods.

With the increasing rate of cyber-attacks, creating security for cyberspace has become more important and crucial. Therefore computers, computer networks and all current systems connected to the Internet are always at risk of cyber-attacks. In this paper, a novel technique based on alteration technique of attack is proposed by providing a new classification in the methods of Obfuscation. In this method, by replacing the attacks that have similar characteristics in the attack strategies the attacker causes an increase in wrong classification and thus reduces the dependence between attack steps. Therefore, by increasing the length of the attack, network security managers cannot easily distinguish cyber-attacks. The proposed model was assessed based on the Bayesian algorithm. The results of the research and implementation of the model indicate that the accuracy of classification (in terms of log) by intrusion detection systems for the best case of clean attacks in the sequel of attack, is-0. 02 and for Obfuscation attacks at the action level is-0. 19. For obfuscate attacks with the alternative technique it becomes-3 and for the insertion technique it decreases to-6. 74. In the proposed model, as in the Obfuscation-based insertion technique, the corresponding attack method has been used. Due to the difference in the type of ambiguity model, different results are obtained, and the combination of these two obfuscating techniques in cyber-attacks can bring better results to the attacker in deceiving the intrusion detection systems and creating uncertainties in the sequence of observed attacks.

Fab-less business model in semiconductor industry has led to serious concerns about trustworthy hardware. In untrusted foundries and manufacturing companies, submitted layout may be analyzed and reverse engineered to steal the information of a design or insert malicious Trojans. Understanding the netlist topology is the ultimate goal of the reverse engineering process. In this paper, we propose a netlist encryption mechanism to hide the interconnect topology inside an IC. Moreover, new special standard cells (Wire Scrambling cells) are designed to play the role of netlist encryption. Furthermore, a design flow is proposed to insert the WS-cells inside the netlist with the aim of maximum Obfuscation and minimum overhead. It is worth noting that this mechanism is fully automated with no need to detail information of the functionality and structure of the design. Our proposed mechanism is implemented in an academic physical design framework (EduCAD). Experimental results show that reverse engineering can be hindered considerably in cost of negligible overheads by 23% in area, 3.25% in delay and 14.5% in total wire length. Reverse engineering is evaluated by brute-force attack, and the learned information is 0% and the Hamming distance is approximately 50%.

One of the most important threats of recent years in computer systems and cyber space is ambiguous cyber-attack. Obfuscation at the level of attack means change of attack, without change in behavior and change in the type of impact of attack on the victim. In this paper, a new classification method has been proposed for modeling cyber attacks, a method based on the technique of insertion attacks. In this method, by increasing the wrong classification in attack strategies, the dependency between the warnings and precautions is separated; so, by increasing the length of the attack, network security managers cannot easily distinguish cyber-attacks. The proposed model is based on Bayesian algorithm. Tables and the assessment figures show the proper formulation of the mechanisms provided for the sequence of attacks so that the detection of Obfuscation attacks is far less likely than clean attacks. By increasing the sequence of attacks, the correct classification accuracy tends to zero. The proposed method for Obfuscation of the attacks due to the ability to mislead the intrusion detection systems and to create uncertainty in the sequence of the observed attacks, has better performance than the Obfuscation logic at both code and action level.

Islamic philosophy, with its foundations of ontology (ontological), has established the most basic foundations of rational theology. Uncertainty and gradation in these principles inflicts irreparable damage on theology in a special (more peculiar) sense and transforms it into another path with transformative consequences. Principality of existence has a prominent, visible and irreplaceable role among all the central principles of ontology. Transcendent Wisdom has established this principle by recognizing its effective role. Opponents of it have, as a result of some inconsistencies results with their presuppositions, such as the unity of existence, distorted and induced doubt in its proofs. The main doubt is the accusation of circle doubt and circular reasoning by a seemingly heterogeneous spectrum, including anti-philosophers and some separatists (gradationists) in a polemical method. In this opportunity, attention will be paid to four reasons that are in this doubt. These reasons are: the argument of the goodness of existence, the argument based on the difference between the effects of external existence and the mental existence, the argument based on the refusal (impossibility) of doubt in gradation the quiddity and the argument of intensified (intensifying) motion. By presenting the contents of these arguments, the content of the doubt will also be tested against them. The analysis shows that the skepticism is due to insufficient attention to the principles of these arguments.

Malware analysis is essential to understanding the internal logic and intent of malware programs in order to mitigate their threats. As the analysis methods have evolved, malware authors have adopted more techniques such as the virtualization Obfuscation to protect the malware inner workings. This manuscript presents a framework for deobfuscating software which abstracts the input program as much as a mathematical model of its behavior, through monitoring every single operation performed during the malware execution. Also the program is guided to run through its di erent execution paths automatically in order to gather as much knowledge as possible in the shortest time span. This makes it possible to  nd hidden logics and deobfuscate di erent Obfuscation techniques without being dependent on their speci c details. The resulting model is then recoded as a C program without the arti cially added complexities. This code is called a twincode and behaves in the same manner as the obfuscated binary. As a proof of concept, the proposed framework is implemented and its e ectiveness is evaluated on obfuscated binaries. Program control flow graphs are inspected as a measure of successful code recovery. The performance of the proposed framework is evaluated using the set of SPEC test programs.

Recent improvements in web standards and technologies enable the attackers to hide and obfuscate infectious codes with new methods and thus escaping the security filters. In this paper, we study the application of machine learning techniques in detecting malicious web pages. In order to detect malicious web pages, we propose and analyze a novel set of features including HTML, JavaScript (jQuery library) and XSS attacks. The proposed features are evaluated on a data set that is gathered by a crawler from malicious web domains, IP and address black lists. For the purpose of evaluation, we use a number of machine learning algorithms. Experimental results show that using the proposed set of features, the C4.5-Tree algorithm offers the best performance with 97: 61% accuracy, and F1-measure has 96: 75% accuracy. We also rank the quality of the features. Experimental results suggest that nine of the proposed features are among the twenty best discriminative features.