Please use this identifier to cite or link to this item:
http://dspace.cus.ac.in/jspui/handle/1/6409
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Sheneamer, Abdullah | - |
dc.contributor.author | Roy, Swarup | - |
dc.contributor.author | Kalita, Jugal | - |
dc.date.accessioned | 2019-10-18T09:16:51Z | - |
dc.date.available | 2019-10-18T09:16:51Z | - |
dc.date.issued | 2017 | - |
dc.identifier.citation | Expert Systems with Applications, V.97, 2018, 405-420 pp. | en_US |
dc.identifier.issn | 0957-4174 | - |
dc.identifier.uri | https://doi.org/10.1016/j.eswa.2017.12.040 | - |
dc.identifier.uri | http://dspace.cus.ac.in/jspui/handle/1/6409 | - |
dc.description.abstract | Code obfuscation is a staple tool in malware creation where code fragments are altered substantially to make them appear different from the original, while keeping the semantics unaffected. A majority of the obfuscated code detection methods use program structure as a signature for detection of unknown codes. They usually ignore the most important feature, which is the semantics of the code, to match two code fragments or programs for obfuscation. Obfuscated code detection is a special case of the semantic code clone detection task. We propose a detection framework for detecting both code obfuscation and clone using machine learning. We use features extracted from Java bytecode dependency graphs (BDG), program dependency graphs (PDG) and abstract syntax trees (AST). BDGs and PDGs are two representations of the semantics or meaning of a Java program. ASTs capture the structural aspects of a program. We use several publicly available code clone and obfuscated code datasets to validate the effectiveness of our framework. We use different assessment parameters to evaluate the detection quality of our proposed model. Experimental results are excellent when compared with contemporary obfuscated code and code clone detectors. Interestingly, we achieve 100% success in detecting obfuscated code based on recall, precision, and F1-Score. When we compare our method with other methods for all of obfuscations types, viz, contraction, expansion, loop transformation and renaming, our model appears to be the winner. In case of clone detection our model achieve very high detection accuracy in comparison to other similar detectors. | en_US |
dc.language.iso | en | en_US |
dc.publisher | Elsevier | en_US |
dc.relation.ispartofseries | https://doi.org/10.1016/j.eswa.2017.12.040; | - |
dc.subject | Code obfuscation | en_US |
dc.subject | Semantic code clones | en_US |
dc.subject | Machine learning | en_US |
dc.subject | Bytecode dependency graph | en_US |
dc.subject | Program dependency graph | en_US |
dc.title | A detection framework for semantic code clones and obfuscated code | en_US |
dc.type | Article | en_US |
dc.identifier.Volume | 97 | - |
Appears in Collections: | Swarup Roy |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
AbdullahSheneamerExpertSystems2017.pdf | 4.36 MB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.