Function length as a tool for malware classification

3rd International Conference on Malicious and Unwanted Software, MALWARE 2008

Volumn , Issue , 2008, Pages 69-76

  Tian, R ^a   Batten, L M ^a   Versteeg, S C ^b  

^a DEAKIN UNIVERSITY   (Australia)

^b CA Labs   (Australia)

Author keywords

[No Author keywords available]

Indexed keywords

FUNCTIONS; PROBABILITY DENSITY FUNCTION; SECURITY OF DATA;

MALWARE; MALWARE CLASSIFICATIONS; SCALABLE METHODS; SPEED-UP; TROJANS;

COMPUTER CRIME;

EID: 58149093760     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/MALWARE.2008.4690860     Document Type: Conference Paper

References (17)

1. E. Carrera. 4×5: Reverse engineering automation with python, 2007. https://www.blackhat.corn/presentations/bh-usa-07/Carrera/Presentation/ bh-usa-07-carrera.pdf. slides 26-32, Accessed June 12, 2008.
2. M. Christodorescu and S. Jha. Static analysis of executables to detect malicious patterns. In 12th USENIX Security Symposium, pages 169-186,2003.
3. M. Christodorescu, S. Jha, and C. Kruegel. Mining specifications of malicious behavior. In Foundations of Software Engineering, pages 1-10, 2007.
4. M. Qheorghescu. An automated virus classification system. In Virus Bulletin Conference October 2005, pages 294-300, 2005.
5. A. Kapoor and J. Spurlock. Binary feature extraction and comparison. In Presentation at AVAR 2006, Auckland, December 3-5, 2006.
6. R. Kohavi. A study of cross-validation and bootstrap for accuracy estimation and model selection. In IJCAI, pages 1137-1145, 1995.
7. Boris Lau. Dealing with virtualization packers, 2008. 2nd CARO Workshop.
8. J. Newsome, B. Karp, and D. Song. Polygraph: Automatically generating signatures for polymorphic worms. In IEEE Symposium on Security & Privacy. IEEE Computer Society, pages 226-241,2005.
9. S. Peisert, M. Bishop, S. Karin, and K. Marzullo. Analysis of computer intrusions using sequences of function calls. In IEEE Transactions on dependable and secure computing, volume 4, pages 3-15, 2007.
10. S. Sathyanarayan, P. Kohli, and B. Bruhadeshwar. Signature generation and detection of malware families. In ACISP 2008. Springer LNCS, 2008.
11. A. Sotirov. Reverse engineering Microsoft binaries. In Recon 2006,2006.
12. Chris Spatz. Basic statistics : tales of distributions. Belmont, CA: Thomson/Wadsworth, 2005.
13. Li Sun, Tim Ebringer, and Serdar Boztaş. Hump and dump: Efficient generic unpacking using an ordered address execution histogram. In 2nd CARO Workshop, 2008.
14. http://www.datasecurity-event.com/uploads/hump-dump.pdf.
15. M. Venable, A. Walenstein, M. Hayes, C. Thompson, and A. Lakhotia. Vilo: a shield in the malware variation battle. In Virus Bulletin, pages 5-9, 2007.
16. N. A. Weiss. Introductory statistics, 6'th edition. Addison-Wesley, USA, 2002.
17. J. Xu, A.H. Sung, S. Mukkamata, and Q. Liu. Obfuscated malicious executable scanner. Research and Practice in Information Technology, 39:181-197, 2007.