Data Mining Methods for Detection of New Malicious Executables
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
K-gram based software birthmarks
Proceedings of the 2005 ACM symposium on Applied computing
Normalizing Metamorphic Malware Using Term Rewriting
SCAM '06 Proceedings of the Sixth IEEE International Workshop on Source Code Analysis and Manipulation
Static analysis of executables to detect malicious patterns
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
A Combined Static and Dynamic Software Birthmark Based on Component Dependence Graph
IIH-MSP '08 Proceedings of the 2008 International Conference on Intelligent Information Hiding and Multimedia Signal Processing
Malware detection based on dependency graph using hybrid genetic algorithm
Proceedings of the 12th annual conference on Genetic and evolutionary computation
Identification of Steganography Software Based on Core Instructions Template Matching
MINES '11 Proceedings of the 2011 Third International Conference on Multimedia Information Networking and Security
Steganalysis of LSB replacement using parity-aware features
IH'12 Proceedings of the 14th international conference on Information Hiding
Hi-index | 0.00 |
Steganography software detection is one of effective approaches for steganography forensics using software analysis. In this paper a method of LSB replacement steganography software detection is proposed. Firstly three typical implementations of LSB replacement algorithms are analyzed and Finite Automatons description of them are presented. Secondly the control flow automatons are constructed for softwares to be detected. Finally, the model checking method for identifying LSB replacement steganography software is adopted. Experimental results show that the proposed method can reliably detect LSB replacement steganography softwares of different versions and those that are reimplemented relatively.