Malware concealment is the predominant strategy for malware propagation. Black hats create variants of malware based on polymorphism and metamorphism. Malware variants, by definition, share some information. Although the concealment strategy alters this information, there are still patterns in the software. Given a zoo of labelled malware and benign-ware, we ask whether a suspect program is more similar to our malware or to our benign-ware. Normalized Compression Distance (NCD) is a generic metric that measures the shared information content of two strings. This measure opens a new front in the malware arms race, one where the countermeasures promise to be more costly for malware writers, who must now obfuscate patterns as strings qua strin...
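The zoo comparison described above, as an added example that is not code from the paper: NCD computed with zlib (the choice of compressor is an assumption) and a nearest-neighbour verdict over a labelled zoo. The sample "programs" are constructed random byte strings, and `variant` is a hypothetical, crude stand-in for a metamorphic rewrite.

```python
import random
import zlib

def csize(data: bytes) -> int:
    # Compressed length approximates the information content of the string.
    # zlib only looks back 32 KiB; larger inputs need a wider-window compressor.
    return len(zlib.compress(data, 9))

def ncd(x: bytes, y: bytes) -> float:
    # NCD(x, y) = (C(xy) - min(C(x), C(y))) / max(C(x), C(y))
    cx, cy = csize(x), csize(y)
    return (csize(x + y) - min(cx, cy)) / max(cx, cy)

def classify(suspect: bytes, zoo: dict) -> tuple:
    # zoo maps label -> list of samples; return (label, distance) of the nearest.
    return min(((label, ncd(suspect, s)) for label, samples in zoo.items()
                for s in samples), key=lambda pair: pair[1])

# --- constructed sample data: random bytes standing in for program bodies ---
def body(seed: int, size: int = 4000) -> bytes:
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(size))

def variant(base: bytes, seed: int, block: int = 500, junk: int = 40) -> bytes:
    # Reorder fixed-size blocks and append junk bytes to each one.
    rng = random.Random(seed)
    blocks = [base[i:i + block] for i in range(0, len(base), block)]
    rng.shuffle(blocks)
    return b"".join(b + bytes(rng.getrandbits(8) for _ in range(junk))
                    for b in blocks)

FAMILY, BENIGN_A, BENIGN_B = body(1), body(2), body(3)
ZOO = {
    "malware": [variant(FAMILY, 10), variant(FAMILY, 11)],
    "benign": [variant(BENIGN_A, 20), variant(BENIGN_B, 21)],
}
SUSPECT = variant(FAMILY, 99)  # unseen variant of the labelled family

if __name__ == "__main__":
    for label, samples in ZOO.items():
        for s in samples:
            print(f"{label:8s} NCD = {ncd(SUSPECT, s):.3f}")
    print("verdict:", classify(SUSPECT, ZOO))
```

Block reordering and junk insertion change every byte offset, yet the shared blocks still compress against each other, so the suspect lands far closer to the malware samples than to the benign ones.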
Numerous open-source and commercial malware detectors are available. However, their efficacy is thre...
Abstract. This paper extends a series of experiments performed by Schonlau et al. [1], Maxion [2] an...
The quality of anti-virus software relies on simple patterns extracted from binary files. Although ...
This paper extends a series of experiments performed by Schonlau et al. [1] on the detection of comp...
Malware creators have been getting their way for too long now. String-based similarity measures can ...
Malware has been posing a major threat for computer systems. The huge amount and diversity of its va...
Malware is code designed for a malicious purpose, such as obtaining root privilege on a host. A mal...
Recent work has presented a technique based on structural entropy measurement as an effective way to...
Static detection of malware variants plays an important role in system security and control flow has...
Abstract. The metamorphic malware variants with the same malicious behavior (family), can obfuscate th...
Malware is a serious threat in a world where IoT devices are becoming more and more pervasive; indee...
Static detection of polymorphic malware variants plays an important role to improve system security....