Research Article
Bahram Rashidi
Abstract
In this paper, we present four low-cost substitution boxes (S-boxes) including two 4-bit S-boxes called $S_1$ and $S_2$ and two 8-bit S-boxes called $SB_1$ and $SB_2$, which are suitable for the development of lightweight block ciphers. The 8-bit $SB_1$ S-box is constructed based on four 4-bit S-boxes, ...
Read More
In this paper, we present four low-cost substitution boxes (S-boxes) including two 4-bit S-boxes called $S_1$ and $S_2$ and two 8-bit S-boxes called $SB_1$ and $SB_2$, which are suitable for the development of lightweight block ciphers. The 8-bit $SB_1$ S-box is constructed based on four 4-bit S-boxes, multiplication by constant 0x2 in the finite field $\F_{2^4}$, and field addition operations. Also, the proposed 8-bit S-box $SB_2$ is composed of five permutation blocks, two 4-bit S-boxes $S_1$ and one 4-bit S-box $S_2$, multiplication by constant 0x2, and addition operations in sequence. The proposed structures of the S-box are simple and low-cost. These structures have low area and low critical path delay. The cryptographic strength of the proposed S-boxes is analyzed by studying the properties of S-box such as Nonlinearity, Differential uniformity (DU), Strict avalanche criterion (SAC), Algebraic degree (AD), Differential approximation probability (DAP), and Linear approximation probability (LAP) in SAGE. The hardware results, in 180 nm CMOS technology, show the proposed S-boxes are comparable in terms of security properties, area, delay, and area$\times$delay with most of the famous S-boxes.
Research Article
Hayyan Hasan; Hasan Deeb; Behrouz Tork Ladani
Abstract
Sensitive methods are those that are commonly used by Android malware to perform malicious behavior. These methods may be either evasion or malicious payload methods. Although there are several approaches to handle these methods for performing effective dynamic malware analysis, but generally most of ...
Read More
Sensitive methods are those that are commonly used by Android malware to perform malicious behavior. These methods may be either evasion or malicious payload methods. Although there are several approaches to handle these methods for performing effective dynamic malware analysis, but generally most of them are based on a manually created list. However, the performance shown by the selected approaches is dependent on completeness of the manually created list that is not almost a complete and up-to-date one. Missing some sensitive methods causes to degrade the overall performance and affects the effectiveness of analyzing Android malware.In this paper, we propose a machine learning approach to predict new sensitive methods that might be used in Android malware. We use a manually collected training dataset to train two classifiers: a classifier for detecting the sensitivity nature of the Android methods, and another classifier to categorize the detected sensitive methods into predefined categories. We applied the proposed approach to a large number of methods extracted from Android API 27. The proposed approach is able to predict hundreds of sensitive methods with accuracy of 90.5% for the first classifier and 87.4% for the second classifier. To evaluate the proposed approach, we built a new list of the detected sensitive methods and used it in a number of tools to perform dynamic malware analysis. The proposed model found various sensitive methods that were not considered before by any other tools. Hence, the effectiveness of these tools in performing dynamic analysis are increased.