Software security assurance and the detection of malware (trojans, worms, viruses, etc.) are important topics in information security. Software obfuscation, a general technique that is useful for protecting software from reverse engineering, can also be used by hackers to circumvent malware detection tools. Current static malware detection techniques have serious limitations, and sandbox testing also fails to provide a complete solution due to time constraints. In this paper, we present a robust signature-based malware detection technique, with emphasis on detecting obfuscated (or polymorphic) malware and mutated (or metamorphic) malware. The hypothesis is that all versions of the same malware share a common core signature that is a combination of several features of the code. Once a particular malware has been identified, it can be analyzed to extract the signature, which provides a basis for detecting variants and mutants of the same malware in the future. Encouraging experimental results on a large set of recent malware are presented.