Traditionally, analysis of malicious software is only a semi-automated process, often requiring a skilled human analyst. As new malware appears at an increasingly alarming rate — now over 100 thousand new variants each day — there is a need for automated techniques for identifying suspicious behavior in programs. In this paper, we propose a method for extracting statistically significant malicious behaviors from a system call dependency graph (obtained by running a binary executable in a sandbox). Our approach is based on a new method for measuring the statistical significance of subgraphs. Given a training set of graphs from two classes (e.g., goodware and malware system call dependency graphs), our method can assign p-values to subgrap...
Nowadays software development greatly relies upon using third-party source code. A logical consequen...
We propose a novel behavioral malware detection approach based on a generic system-wide quantitative...
Many host-based anomaly detection systems monitor a process by observing the system calls it makes, ...
Distinguishing legitimate software from malicious software is a problem that r...
Recently, some graph-based methods have been proposed for malware detection. However, current malwar...
Malware detectors require a specification of malicious behavior. Typically, these specifications ar...
The current fight between security experts and malware authors is an arms race. In this race, malwar...
In recent years, the damage cost caused by malwares is huge. Thus, malware det...
Over the years malware has increased in number and became increasingly harmful. Traditionally, anti-...
Anti-malware companies receive thousands of malware samples every day. To process this large quantit...
Malware stands for malicious software. It is software that is designed with a harmful intent. A malw...
The manual methods to create detection rules are no longer practical in the anti-malware product s...
We introduce a new representation for monitored behavior of malicious software called Malware Instru...
Each day, anti-virus companies receive large quantities of potentially harmful executables. Many of ...