20 posts found

Number, bases. How to convert decimal, hexadecimal and binary ?

Bases

A base is a set of symbols (digits) that can be used to represent a value (number).

• Decimal base = 0 1 2 3 4 5 6 7 8 9
• Hexadecimal base = 0 1 2 3 4 5 6 7 8 9 A B C D E F (a = 10, b = 11, ...)

The significance of each digit depends on its position (power of N, where N is the number of digits in the base).

System Architecture: Core, Scheduling, Memory

Memory architecture

Processor architecture

The computer has a processor, which contains cores. Each core contains FPU (Floating Point Unit), ALU (Arithmetic and Logic Unit), registers (very quick memory 1-3 cycles to access), caches (L1, L2, L3 for each core or shared in the whole CPU). The computer also has RAM (80 cycles) and mass-storage memory (milliseconds).

System security 22 2/2 + 23 1/2

• OCR recognition
• text: segmentation of characters
• sound, image, text, understanding, logic, unfakable human ability

System security 22 1/2

ENT test

Find false randomness (not a proof to true randomness)

• entropy
• compression
• chi-square
• arithmetic mean
• montecarlo estimation for PI
• serial correlation coefficient)

https://www.fourmilab.ch/random/

Example: Entropy = 7.980627 bits per character.

Optimum compression would reduce the size
of this 51768 character file by 0 percent.

Chi square distribution for 51768 samples is 1542.26, and randomly
would exceed this value less than 0.01 percent of the times.

Arithmetic mean value of data bytes is 125.93 (127.5 = random).
Monte Carlo value for Pi is 3.169834647 (error 0.90 percent).
Serial correlation coefficient is 0.004249 (totally uncorrelated = 0.0).

Steganography

Over other media

Executables

• requires redundancy in different instruction sets
• equivalent instructions to encode some bits
• used also as watermarking (weak stealth so bad steganography - average robustness)

Decryptor

Viruses Decryptors

aims to cloak the malicious code

Xor

xor [si], si

It xors the address si with its value and write the result in place of the old value. Cryptographically weak

System Security 14 1/1

Steganography

Steganography is the practice of concealing a file, message, image, or video within another file, message, image, or video.

Classification

Errors

• false positive (under-approximation)
• false negative (over-approximation)

AV software aims != triaging files aims So it might be better to have false positive / false negative