Publications
Published:
1. Malware2ATT&CK: A sophisticated model for mapping malware to ATT&CK techniques
- Publication Date: 2024-05
- Journal: Computers & Security
- DOI: 10.1016/j.cose.2024.103772
This paper presents a model designed to map malware to ATT&CK techniques. It likely delves into the details of how malware behaviors can be effectively translated and categorized within the ATT&CK framework. The research might involve in-depth analysis of malware characteristics and the development of algorithms to accurately map them, thus providing valuable insights for cybersecurity professionals and researchers in understanding and combating malware threats.
2. A Comprehensive Review of Tunnel Detection on Multilayer Protocols: From Traditional to Machine Learning Approaches
- Publication Date: 2023-02-03
- Journal: Applied Sciences
- DOI: 10.3390/app13031974
This publication offers a thorough and all-encompassing review of tunnel detection techniques on multilayer protocols. It systematically examines the evolution from traditional detection methods to the more advanced machine learning-based approaches. The review may cover aspects such as the performance, limitations, and practical applications of different techniques. It also likely provides a roadmap for future research in this area, guiding the development of more efficient and accurate tunnel detection strategies in network security.
3. A Novel Virus Capable of Intelligent Program Infection through Software Framework Function Recognition
- Publication Date: 2023-01-16
- Journal: Electronics
- DOI: 10.3390/electronics12020460
The article focuses on a unique virus that has the ability to infect programs intelligently by recognizing software framework functions. It may explore the inner workings of this virus, including how it identifies and exploits software frameworks. Additionally, it could discuss the potential implications of such intelligent viruses on software security and propose possible countermeasures to mitigate the risks they pose.
4. DeMal: Module decomposition of malware based on community discovery
- Publication Date: 2022-06
- Journal: Computers & Security
- DOI: 10.1016/j.cose.2022.102680
This research centers around the DeMal method, which is used for decomposing malware modules based on community discovery. It aims to provide a novel way to analyze the internal structure of malware. By breaking down malware into its constituent modules, it may offer a better understanding of how malware functions and potentially lead to the development of more targeted detection and prevention techniques in the field of cybersecurity.
5. Protocol Reverse-Engineering Methods and Tools: A Survey
- Publication Date: 2022-01
- Journal: Computer Communications
- DOI: 10.1016/j.comcom.2021.11.009
This is a comprehensive survey that explores the methods and tools used in protocol reverse-engineering. It likely provides an overview of the diverse techniques available, categorizes them based on different criteria, and evaluates their effectiveness. The survey may also discuss the challenges faced in protocol reverse-engineering and suggest areas for future research and improvement. It serves as a valuable resource for those interested in understanding and advancing the field of protocol analysis and reverse-engineering.