This paper describes a novel approach for preventative protection from both known and previously unknown malicious executable code. It does not rely on screening the code for signatures of known viruses; instead, it detects attempts by the executable code in question to self-replicate at run time. Self-replication is the common feature of most malicious code, allowing it to maximize its impact. This approach is an extension of a previously developed method for detecting previously unknown viruses in script-based computer code. The paper presents a software tool implementing this technique for behavior-based run-time detection and suspension of self-replicating functionality in executable code for Microsoft Windows operating systems.