An algorithmic approach to the detection and prevention of plagiarism
ACM SIGCSE Bulletin
Experiment on the Automatic Detection of Function Clones in a Software System Using Metrics
ICSM '96 Proceedings of the 1996 International Conference on Software Maintenance
GPLAG: detection of software plagiarism by program dependence graph analysis
Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining
Computer Viruses and Malware (Advances in Information Security)
Computer Viruses and Malware (Advances in Information Security)
DECKARD: Scalable and Accurate Tree-Based Detection of Code Clones
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Static analysis of executables to detect malicious patterns
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
VBScript Programmer's Reference
VBScript Programmer's Reference
Proceedings of the 11th Annual conference on Genetic and evolutionary computation
Using Formal Grammar and Genetic Operators to Evolve Malware
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Detecting metamorphic malwares using code graphs
Proceedings of the 2010 ACM Symposium on Applied Computing
Malware obfuscation detection via maximal patterns
IITA'09 Proceedings of the 3rd international conference on Intelligent information technology application
Malware detection based on dependency graph using hybrid genetic algorithm
Proceedings of the 12th annual conference on Genetic and evolutionary computation
| Hi-index | 0.00 |
Malicious software, or malware for short, is one of the most serious threats to computer systems. There are various disguise techniques that hide malware from being detected, and these techniques are becoming more sophisticated. Traditional signature-based detection systems often can not cope with disguised malware timely. In this paper, we propose a new approach to detect disguised malware scripts. The proposed system consists of a metric-based detection algorithm and a hybrid genetic algorithm. We use the frequencies of token occurrences as a metric, and separate identifiers from other program tokens. The genetic algorithm tries further detection by extracting the main core of a program. Experimental tests showed that the proposed system successfully detected a number of newly generated malware scripts which existing anti-viruses missed more than half of. The system would be suitable for an offline malware detection which requires high quality.