Publications

2023

1. JCVHT

   Use of cryptography in malware obfuscation

   Hassan Jameel Asghar, Benjamin Zi Hao Zhao, Muhammad Ikram, Giang Nguyen, Dali Kaafar, Sean Lamont, and Daniel Coscia

   Journal of Computer Virology and Hacking Techniques, 2023

   Abs arXiv Bib HTML PDF

   Malware authors often use cryptographic tools such as XOR encryption and block ciphers like AES to obfuscate part of the malware to evade detection. Use of cryptography may give the impression that these obfuscation techniques have some provable guarantees of success. In this paper, we take a closer look at the use of cryptographic tools to obfuscate malware. We first find that most techniques are easy to defeat (in principle), since the decryption algorithm and the key is shipped within the program. In order to clearly define an obfuscation technique’s potential to evade detection we propose a principled definition of malware obfuscation, and then categorize instances of malware obfuscation that use cryptographic tools into those which evade detection and those which are detectable. We find that schemes that are hard to de-obfuscate necessarily rely on a construct based on environmental keying. We also show that cryptographic notions of obfuscation, e.g., indistinghuishability and virtual black box obfuscation, may not guarantee evasion detection under our model. However, they can be used in conjunction with environmental keying to produce hard to de-obfuscate version of programs.

   @article{asghar_use_2023,
     title = {Use of cryptography in malware obfuscation},
     issn = {2263-8733},
     url = {https://doi.org/10.1007/s11416-023-00504-y},
     doi = {10.1007/s11416-023-00504-y},
     urldate = {2024-01-23},
     journal = {Journal of Computer Virology and Hacking Techniques},
     author = {Asghar, Hassan Jameel and Zhao, Benjamin Zi Hao and Ikram, Muhammad and Nguyen, Giang and Kaafar, Dali and Lamont, Sean and Coscia, Daniel},
     year = {2023},
     keywords = {Cryptography, Environmental keying, Malware detection, Malware obfuscation},
   }

2019

1. Computer Assisted Composition in Continuous Time

   Chamin Hewa Koneputugodage, Rhys Healy, Sean Lamont, Ian Mallett, Matt Brown, Matt Walters, Ushini Attanayake, Libo Zhang, Roger T. Dean, Alexander Hunter, Charles Gretton, and Christian Walder

   2019

   Abs arXiv Bib PDF

   We address the problem of combining sequence models of symbolic music with user defined constraints. For typical models this is non-trivial as only the conditional distribution of each symbol given the earlier symbols is available, while the constraints correspond to arbitrary times. Previously this has been addressed by assuming a discrete time model of fixed rhythm. We generalise to continuous time and arbitrary rhythm by introducing a simple, novel, and efficient particle filter scheme, applicable to general continuous time point processes. Extensive experimental evaluations demonstrate that in comparison with a more traditional beam search baseline, the particle filter exhibits superior statistical properties and yields more agreeable results in an extensive human listening test experiment.

   @misc{koneputugodage2019computer,
     title = {Computer Assisted Composition in Continuous Time},
     author = {Koneputugodage, Chamin Hewa and Healy, Rhys and Lamont, Sean and Mallett, Ian and Brown, Matt and Walters, Matt and Attanayake, Ushini and Zhang, Libo and Dean, Roger T. and Hunter, Alexander and Gretton, Charles and Walder, Christian},
     year = {2019},
   }

2017

1. AAMAS

   Generalised Discount Functions applied to a Monte-Carlo AImu Implementation

   Sean Lamont, John Aslanides, Jan Leike, and Marcus Hutter

   Autonomous Agents and Multiagent Systems, 2017

   Abs arXiv Bib HTML PDF Poster Website

   In recent years, work has been done to develop the theory of General Reinforcement Learning (GRL). However, there are few examples demonstrating the known results regarding generalised discounting. We have added to the GRL simulation platform AIXIjs the functionality to assign an agent arbitrary discount functions, and an environment which can be used to determine the effect of discounting on an agent’s policy. Using this, we investigate how geometric, hyperbolic and power discounting affect an informed agent in a simple MDP. We experimentally reproduce a number of theoretical results, and discuss some related subtleties. It was found that the agent’s behaviour followed what is expected theoretically, assuming appropriate parameters were chosen for the Monte-Carlo Tree Search (MCTS) planning algorithm.

   @article{lamont2017generalised,
     title = {Generalised Discount Functions applied to a Monte-Carlo AImu Implementation},
     author = {Lamont, Sean and Aslanides, John and Leike, Jan and Hutter, Marcus},
     journal = {Autonomous Agents and Multiagent Systems},
     pages = {1589-1591},
     year = {2017},
     url = {https://www.ifaamas.org/Proceedings/aamas2017/pdfs/p1589.pdf},
     publisher = {International Foundation for Autonomous Agents and Multiagent Systems},
   }