On authenticated computing and RSA-based authentication
Proceedings of the 12th ACM conference on Computer and communications security
On deriving unknown vulnerabilities from zero-day polymorphic and metamorphic worm exploits
Proceedings of the 12th ACM conference on Computer and communications security
A retrovirus inspired algorithm for virus detection & optimization
Proceedings of the 8th annual conference on Genetic and evolutionary computation
Cyberattacks: a lab-based introduction to computer security
Proceedings of the 7th conference on Information technology education
Temporal search: detecting hidden malware timebombs with virtual machines
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
Finding diversity in remote code injection exploits
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Cryptographic hashing for virus localization
Proceedings of the 4th ACM workshop on Recurring malcode
Using engine signature to detect metamorphic malware
Proceedings of the 4th ACM workshop on Recurring malcode
A semantics-based approach to malware detection
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
An efficient signature representation and matching method for mobile devices
WICON '06 Proceedings of the 2nd annual international workshop on Wireless internet
Code Normalization for Self-Mutating Malware
IEEE Security and Privacy
Cent, five cent, ten cent, dollar: hitting botnets where it really hurts
NSPW '06 Proceedings of the 2006 workshop on New security paradigms
NSPW '06 Proceedings of the 2006 workshop on New security paradigms
Probabilistic suffix models for API sequence analysis of Windows XP applications
Pattern Recognition
Proceedings of the second ACM workshop on Challenged networks
Statistical signatures for fast filtering of instruction-substituting metamorphic malware
Proceedings of the 2007 ACM workshop on Recurring malcode
Parallelizing security checks on commodity hardware
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
The Best Damn Cybercrime and Digital Forensics Book Period
The Best Damn Cybercrime and Digital Forensics Book Period
Hash-AV: fast virus signature scanning by cache-resident filters
International Journal of Security and Networks
Opcodes as predictor for malware
International Journal of Electronic Security and Digital Forensics
Callgraph properties of executables
AI Communications - Network Analysis in Natural Sciences and Engineering
Proceedings of the 5th conference on Computing frontiers
Prevention of information attacks by run-time detection of self-replication in computer codes
Journal of Computer Security
Efficient signature based malware detection on mobile devices
Mobile Information Systems
A semantics-based approach to malware detection
ACM Transactions on Programming Languages and Systems (TOPLAS)
Regards about optimization of antivirus software
TELE-INFO'08 Proceedings of the 7th WSEAS International Conference on Telecommunications and Informatics
Simplified core war for introducing low-level concepts
Journal of Computing Sciences in Colleges
Dynamic Binary Instrumentation-Based Framework for Malware Defense
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Learning and Classification of Malware Behavior
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
On the Limits of Information Flow Techniques for Malware Analysis and Containment
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
FluXOR: Detecting and Monitoring Fast-Flux Service Networks
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Towards Automatically Generating Double-Free Vulnerability Signatures Using Petri Nets
ISC '08 Proceedings of the 11th international conference on Information Security
Computer Virus Evolution Model Inspired by Biological DNA
ICIC '08 Proceedings of the 4th international conference on Intelligent Computing: Advanced Intelligent Computing Theories and Applications - with Aspects of Artificial Intelligence
Ether: malware analysis via hardware virtualization extensions
Proceedings of the 15th ACM conference on Computer and communications security
Eureka: A Framework for Enabling Static Malware Analysis
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Antivirus software optimization
WSEAS Transactions on Information Science and Applications
Epidemic Spreading of Computer Worms in Fixed Wireless Networks
Bio-Inspired Computing and Communication
Intelligent virus detection on mobile devices
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
An architecture of unknown attack detection system against zero-day worm
ACS'08 Proceedings of the 8th conference on Applied computer scince
Encounter-based worms: Analysis and defense
Ad Hoc Networks
Making sense of anti-malware comparative testing
Information Security Tech. Report
Feature set selection in data mining techniques for unknown virus detection: a comparison study
Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
Counteracting Phishing Page Polymorphism: An Image Layout Analysis Approach
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
How Good Are Malware Detectors at Remediating Infected Systems?
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Threat of renovated .NET viruses to mobile devices
Proceedings of the 46th Annual Southeast Regional Conference on XX
Proceedings of the 2008 workshop on New security paradigms
Exploiting an antivirus interface
Computer Standards & Interfaces
Secure in-VM monitoring using hardware virtualization
Proceedings of the 16th ACM conference on Computer and communications security
A formal model for virtual machine introspection
Proceedings of the 1st ACM workshop on Virtual machine security
Future Generation Computer Systems
A case study of unknown attack detection against zero-day worm in the honeynet environment
ICACT'09 Proceedings of the 11th international conference on Advanced Communication Technology - Volume 3
An empirical study of malware evolution
COMSNETS'09 Proceedings of the First international conference on COMmunication Systems And NETworks
A heuristic approach for detection of obfuscated malware
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
Data mining methods for malware detection using instruction sequences
AIA '08 Proceedings of the 26th IASTED International Conference on Artificial Intelligence and Applications
An improved clustering validity index for determining the number of malware clusters
ASID'09 Proceedings of the 3rd international conference on Anti-Counterfeiting, security, and identification in communication
Information security underlying transparent computing: Impacts, visions and challenges
Web Intelligence and Agent Systems
Assessment of advanced cryptographic antiviral techniques
International Journal of Electronic Security and Digital Forensics
A model for self-modifying code
IH'06 Proceedings of the 8th international conference on Information hiding
An approach for classifying internet worms based on temporal behaviors and packet flows
ICIC'07 Proceedings of the intelligent computing 3rd international conference on Advanced intelligent computing theories and applications
Using verification technology to specify and detect malware
EUROCAST'07 Proceedings of the 11th international conference on Computer aided systems theory
Botnets for scalable management
DSOM'07 Proceedings of the Distributed systems: operations and management 18th IFIP/IEEE international conference on Managing virtualization of networks and services
A multi-agent mechanism in machine learning approach to anti-virus system
KES-AMSTA'08 Proceedings of the 2nd KES International conference on Agent and multi-agent systems: technologies and applications
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
An empirical study of real-world polymorphic code injection attacks
LEET'09 Proceedings of the 2nd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
Effective and efficient malware detection at the end host
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
AccessMiner: using system-centric models for malware protection
Proceedings of the 17th ACM conference on Computer and communications security
Mimimorphism: a new approach to binary code obfuscation
Proceedings of the 17th ACM conference on Computer and communications security
Modelling metamorphism by abstract interpretation
SAS'10 Proceedings of the 17th international conference on Static analysis
Symptoms-based detection of bot processes
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Social network-based botnet command-and-control: emerging threats and countermeasures
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
Ethical proactive threat research
FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
Proceedings of the 2010 workshop on New security paradigms
Comprehensive shellcode detection using runtime heuristics
Proceedings of the 26th Annual Computer Security Applications Conference
ACRI'10 Proceedings of the 9th international conference on Cellular automata for research and industry
Misleading malware similarities analysis by automatic data structure obfuscation
ISC'10 Proceedings of the 13th international conference on Information security
Application-level reconnaissance: timing channel attacks against antivirus software
LEET'11 Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats
Metamorphic virus variants classification using opcode frequency histogram
ICCOMP'10 Proceedings of the 14th WSEAS international conference on Computers: part of the 14th WSEAS CSCC multiconference - Volume I
Inoculation against malware infection using kernel-level software sensors
Proceedings of the 8th ACM international conference on Autonomic computing
A method for detecting machine-generated malware
Proceedings of the 49th Annual Southeast Regional Conference
JACKSTRAWS: picking command and control connections from bot traffic
SEC'11 Proceedings of the 20th USENIX conference on Security
Collective classification for packed executable identification
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
Malware classification based on call graph clustering
Journal in Computer Virology
A survey on automated dynamic malware-analysis techniques and tools
ACM Computing Surveys (CSUR)
Replacement attacks against VM-protected applications
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
Toward an abstract computer virology
ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
Host-Based security sensor integrity in multiprocessing environments
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
New malicious code detection using variable length n-grams
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Statistical detection of malicious PE-Executables for fast offline analysis
CMS'10 Proceedings of the 11th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Simulation-Based graph similarity
TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Packed, printable, and polymorphic return-oriented programming
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
LISA'11 Proceedings of the 25th international conference on Large Installation System Administration
Android permissions: a perspective combining risks and benefits
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Shadow attacks: automatically evading system-call-behavior based malware detection
Journal in Computer Virology
Babel: a secure computer is a polyglot
Proceedings of the 2012 ACM Workshop on Cloud computing security workshop
SABOT: specification-based payload generation for programmable logic controllers
Proceedings of the 2012 ACM conference on Computer and communications security
Cooperative component testing architecture in collaborating network environment
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Security add-ons for mobile platforms
NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems
Information Sciences: an International Journal
Opcode sequences as representation of executables for data-mining-based unknown malware detection
Information Sciences: an International Journal
Chi-squared distance and metamorphic virus detection
Journal in Computer Virology
A similarity metric method of obfuscated malware using function-call graph
Journal in Computer Virology
Applying POMDP to moving target optimization
Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop
HDM-Analyser: a hybrid analysis approach based on data mining techniques for malware detection
Journal in Computer Virology
Understanding and overcoming cyber security anti-patterns
Computer Networks: The International Journal of Computer and Telecommunications Networking
Detecting machine-morphed malware variants via engine attribution
Journal in Computer Virology
Proceedings of the 6th International Conference on Security of Information and Networks
Binary program statistical features hiding through huffman obfuscated coding
ICIC'13 Proceedings of the 9th international conference on Intelligent Computing Theories
Analyzing program dependencies for malware detection
Proceedings of ACM SIGPLAN on Program Protection and Reverse Engineering Workshop 2014
The impact of the antivirus on the digital evidence
International Journal of Electronic Security and Digital Forensics
"Of all the computer-related books I've read recently, this one influenced my thoughts about security the most. There is very little trustworthy information about computer viruses. Peter Szor is one of the best virus analysts in the world and has the perfect credentials to write this book."
- Halvar Flake, Reverse Engineer, SABRE Security GmbH

Symantec's chief antivirus researcher has written the definitive guide to contemporary virus threats, defense techniques, and analysis tools. Unlike most books on computer viruses, The Art of Computer Virus Research and Defense is a reference written strictly for white hats: IT and security professionals responsible for protecting their organizations against malware. Peter Szor systematically covers everything you need to know, including virus behavior and classification, protection strategies, antivirus and worm-blocking techniques, and much more.

Szor presents the state-of-the-art in both malware and protection, providing the full technical detail that professionals need to handle increasingly complex attacks. Along the way, he provides extensive information on code metamorphism and other emerging techniques, so you can anticipate and prepare for future threats.

Szor also offers the most thorough and practical primer on virus analysis ever published, addressing everything from creating your own personal laboratory to automating the analysis process.

This book's coverage includes:
Discovering how malicious code attacks on a variety of platforms
Classifying malware strategies for infection, in-memory operation, self-protection, payload delivery, exploitation, and more
Identifying and responding to code obfuscation threats: encrypted, polymorphic, and metamorphic
Mastering empirical methods for analyzing malicious code, and what to do with what you learn
Reverse-engineering malicious code with disassemblers, debuggers, emulators, and virtual machines
Implementing technical defenses: scanning, code emulation, disinfection, inoculation, integrity checking, sandboxing, honeypots, behavior blocking, and much more
Using worm blocking, host-based intrusion prevention, and network-level defense strategies

© Copyright Pearson Education. All rights reserved.