The authors describe the design and implementation of CWSandbox, a malware analysis tool that fulfills their three design criteria of automation, effectiveness, and correctness for the Win32 family of operating systems.