Static CFG analyzer for metamorphic Malware code

  • Authors:
  • Vinod P.;Vijay Laxmi;Manoj Singh Gaur;GVSS Phani Kumar;Yadvendra S. Chundawat

  • Affiliations:
  • Malaviya National Institute of Technology, Jaipur, India;Malaviya National Institute of Technology, Jaipur, India;Malaviya National Institute of Technology, Jaipur, India;Malaviya National Institute of Technology, Jaipur, India;Malaviya National Institute of Technology, Jaipur, India

  • Venue:
  • Proceedings of the 2nd international conference on Security of information and networks
  • Year:
  • 2009

Abstract

Malware detection and prevention methods are becoming increasingly important, particularly for computer systems connected to the Internet. The term 'malware' is used collectively for viruses, worms, Trojans, etc. The malicious activities of malware include stealing, modifying, or leaking data to an external server, or consuming system resources and thereby degrading system performance. To avoid detection, malicious code generates multiple variants as it propagates. In the past, researchers have addressed malware detection using the Control Flow Graph (CFG). These detection methods were based on comparing the shape of the CFG of the original sample with that of its variants. The proposed approach compares the instructions in the basic blocks of the original malware with those of the variants using the longest common subsequence (LCS). Some viruses and benign programs have been used in the test set. Preliminary results are promising in demonstrating the effectiveness of our proposed methodology.