Idea: Opcode-sequence-based malware detection

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 5965 LNCS, Issue , 2010, Pages 35-43

  Santos, Igor ^a   Brezo, Felix ^a   Nieves, Javier ^a   Penya, Yoseba K ^a   Sanz, Borja ^a   Laorden, Carlos ^a   Bringas, Pablo G ^a  

^a UNIVERSITY OF DEUSTO   (Spain)

Author keywords

Computer security; Machine learning; Malware detection

Indexed keywords

ANTI VIRUS; ANTIVIRUS SOFTWARES; COMPUTER SECURITY; FREQUENCY OF APPEARANCE; MACHINE-LEARNING; MALICIOUS CODES; MALWARE DETECTION; MALWARES; OP-CODE SEQUENCE; OR-NETWORKS; SECURITY THREATS;

COMPUTATIONAL METHODS; COMPUTER SOFTWARE; DAMAGE DETECTION; LEARNING SYSTEMS; MINING; SECURITY OF DATA; SECURITY SYSTEMS; VIRUSES;

COMPUTER VIRUSES;

EID: 77949503891     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-11747-3_3     Document Type: Conference Paper

References (19)

1. Karsperky-Labs: Kaspersky Security Bulletin: Statistics 2008 (2009)
2. Christodorescu, M., Jha, S.: Static analysis of executables to detect malicious patterns. In: Proceedings of the 12th USENIX Security Symposium, February 2003, pp. 169-186 (2003)
3. Morley, P.: Processing virus collections. In: Proceedings of the 2001 Virus Bulletin Conference (VB 2001), Virus Bulletin, pp. 129-134 (2001)
4. Bilar, D.: Opcodes as predictor for malware. International Journal of Electronic Security and Digital Forensics 1(2), 156-168 (2007)
5. VX heavens (2009), http://vx.netlux.org/ (Last accessed: September 29, 2009)
6. NewBasic - An x86 Assembler/Disassembler for DOS, http://www.frontiernet. net/~fys/newbasic.htm (Last accessed: September 29, 2009)
7. Peng, H., Long, F., Ding, C.: Feature selection based on mutual information: criteria of max-dependency, max-relevance, and min-redundancy. IEEE Transactions on Pattern Analysis and Machine Intelligence, 1226-1238 (2005)
8. McGill, M., Salton, G.: Introduction to modern information retrieval. McGraw-Hill, New York (1983)
9. Tata, S., Patel, J.: Estimating the Selectivity of tf-idf based Cosine Similarity Predicates. SIGMOD Record 36(2), 75-80 (2007)
10. Carrera, E., Erdélyi, G.: Digital genome mapping-advanced binary malware analysis. In: Virus Bulletin Conference, pp. 187-197 (2004)
11. Ashcraft, K., Engler, D.: Using programmer-written compiler extensions to catch security holes. In: Proceedings of the 23rd IEEE Symposium on Security and Privacy, pp. 143-159 (2002)
12. nd IEEE Symposium on Security and Privacy, pp. 38-49 (2001)
13. Kolter, J.Z., Maloof, M.A.: Learning to detect malicious executables in the wild. In: Proceedings of the 10th ACM SIGKDD international conference on Knowledge discovery and data mining (KDD), pp. 470-478. ACM, New York (2004)
14. Santos, I., Penya, Y., Devesa, J., Bringas, P.: N-Grams-based file signatures for malware detection. In: Proceedings of the 11th International Conference on Enterprise Information Systems (ICEIS), Volume AIDSS, pp. 317-320 (2009)
15. Christodorescu, M., Jha, S., Seshia, S., Song, D., Bryant, R.: Semantics-aware malware detection. In: Proceedings of the 2005 IEEE Symposium on Security and Privacy, pp. 32-46 (2005)
16. Cavallaro, L., Saxena, P., Sekar, R.: On the limits of information flow techniques for malware analysis and containment. In: Zamboni, D. (ed.) DIMVA 2008. LNCS, vol. 5137, pp. 143-163. Springer, Heidelberg (2008)
17. Bayer, U., Moser, A., Kruegel, C., Kirda, E.: Dynamic analysis of malicious code. Journal in Computer Virology 2(1), 67-77 (2006)
18. King, S., Chen, P.: SubVirt: Implementing malware with virtual machines. In: 2006 IEEE Symposium on Security and Privacy, pp. 314-327 (2006)
19. Willems, C., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using cwsandbox. IEEE Security & Privacy 5(2), 32-39 (2007)