Introduction to Modern Information Retrieval
Introduction to Modern Information Retrieval
Using Programmer-Written Compiler Extensions to Catch Security Holes
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Data Mining Methods for Detection of New Malicious Executables
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Learning to detect malicious executables in the wild
Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
Semantics-Aware Malware Detection
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
IEEE Transactions on Pattern Analysis and Machine Intelligence
SubVirt: Implementing malware with virtual machines
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Static analysis of executables to detect malicious patterns
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Toward Automated Dynamic Malware Analysis Using CWSandbox
IEEE Security and Privacy
Opcodes as predictor for malware
International Journal of Electronic Security and Digital Forensics
Estimating the selectivity of tf-idf based cosine similarity predicates
ACM SIGMOD Record
On the Limits of Information Flow Techniques for Malware Analysis and Containment
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Towards revealing JavaScript program intents using abstract interpretation
Proceedings of the Sixth Asian Internet Engineering Conference
Opcode-sequence-based semi-supervised unknown malware detection
CISIS'11 Proceedings of the 4th international conference on Computational intelligence in security for information systems
Collective classification for packed executable identification
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
Malware classification method via binary content comparison
Proceedings of the 2012 ACM Research in Applied Computation Symposium
Opcode sequences as representation of executables for data-mining-based unknown malware detection
Information Sciences: an International Journal
Malware analysis method using visualization of binary files
Proceedings of the 2013 Research in Adaptive and Convergent Systems
Android malware classification method: Dalvik bytecode frequency analysis
Proceedings of the 2013 Research in Adaptive and Convergent Systems
| Hi-index | 0.00 |
Malware is every malicious code that has the potential to harm any computer or network. The amount of malware is increasing faster every year and poses a serious security threat. Hence, malware detection has become a critical topic in computer security. Currently, signature-based detection is the most extended method within commercial antivirus. Although this method is still used on most popular commercial computer antivirus software, it can only achieve detection once the virus has already caused damage and it is registered. Therefore, it fails to detect new variations of known malware. In this paper, we propose a new method to detect variants of known malware families. This method is based on the frequency of appearance of opcode sequences. Furthermore, we describe a method to mine the relevance of each opcode and, thereby, weigh each opcode sequence frequency. We show that this method provides an effective way to detect variants of known malware families.