



Volume 29, Issue 14, 2008, Pages 1941-1946

Classification of packed executables for accurate computer virus detection

Author keywords

Computer security; Computer virus detection; Packed executables; Pattern recognition

Indexed keywords

CODES (STANDARDS); CODES (SYMBOLS); COMPUTER CRIME; COMPUTER SOFTWARE; FEATURE EXTRACTION; PATTERN RECOGNITION; VIRUSES;

EID: 50149118846     PISSN: 01678655     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.patrec.2008.06.016     Document Type: Article
Times cited: 119

References (16)
  • 1
    • EID: 50149090093
    • Andersen, S., 2004. Changes to Functionality in Microsoft Windows XP Service Pack 2, Part 3: Memory Protection Technologies.
  • 2
    • EID: 50149100601
    • CA, 2005. Win32.sdbot Family.
  • 3
    • EID: 50149086044
    • CA, 2006. Win32.agobot Family.
  • 4
    • EID: 0023294949
    • Cohen, F., 1987. Computer viruses: theory and experiments. Comput. Security 6 (1), 22-35.
  • 5
    • EID: 50149096066
    • Cortes, C., Mohri, M., 2004. Confidence intervals for the area under the ROC curve. In: NIPS 2004: Advances in Neural Information Processing Systems.
  • 6
    • EID: 70349448915
    • Kang, M.G., Poosankam, P., Yin, H., 2007. Renovo: A hidden code extractor for packed executables. In: WORM'07: Proceedings of the 5th ACM Workshop on Recurring Malcode.
  • 7
    • EID: 33845768389
    • Kolter, J.Z., Maloof, M.A., 2006. Learning to detect and classify malicious executables in the wild. J. Mach. Learn. Res. 7, 2721-2744.
  • 8
    • EID: 34047129159
    • Lyda, R., Hamrock, J., 2007. Using entropy analysis to find encrypted and packed malware. IEEE Security Privacy 5 (2), 40-45.
  • 9
    • EID: 48649084773
    • Martignoni, L., Christodorescu, M., Jha, S., 2007. Omniunpack: fast, generic, and safe unpacking of malware. In: ACSAC'07: Proceedings of the 23rd Annual Computer Security Applications Conference.
  • 10
    • EID: 50149122300
    • Morgenstern, M., Brosch, T., 2006. Runtime Packers: The Hidden Problem? Presented at Black Hat USA 2006.
  • 11
    • EID: 60349101742
    • Perdisci, R., Gu, G., Lee, W., 2006. Using an ensemble of one-class SVM classifiers to harden payload-based anomaly detection systems. In: ICDM'06: Proceedings of the Sixth International Conference on Data Mining.
  • 12
    • EID: 50149090998
    • Pietrek, M., 2002a. An In-depth Look into the Win32 Portable Executable File Format.
  • 13
    • EID: 50149108044
    • Pietrek, M., 2002b. An In-depth Look into the Win32 Portable Executable File Format, part 2.
  • 14
    • EID: 34748820878
    • Royal, P., Halpin, M., Dagon, D., Edmonds, R., Lee, W., 2006. Polyunpack: automating the hidden-code extraction of unpack-executing malware. In: ACSAC'06: Proceedings of the 22nd Annual Computer Security Applications Conference.
  • 15
    • EID: 50149111664
    • Stepan, A., 2006. Improving Proactive Detection of Packed Malware.
  • 16
    • EID: 33845735523
    • Wright, C.V., Monrose, F., Masson, G.M., 2006. On inferring application protocol behaviors in encrypted network traffic. J. Mach. Learn. Res. 7, 2745-2769.


* This information was analyzed and extracted by KISTI from Elsevier's SCOPUS DB.