The article of record as published may be located at http://dx.doi.org/10.1214/13-AOAS703A novel approach to malware classification is introduced based on analysis of instruction traces that are collected dynamically from the program in question. The method has been implemented online in a sandbox environment (i.e., a security mechanism for separating running programs) at Los Alamos National Laboratory, and is in- tended for eventual host-based use, provided the issue of sampling the instructions executed by a given process without disruption to the user can be satisfactorily addressed. The procedure represents an instruction trace with a Markov chain structure in which the transi- tion matrix, P, has rows modeled as Dirichlet vect...
Recently, malicious software are gaining exponential growth due to the innumerable obfuscations of e...
Scareware is a recent type of malicious software that may pose financial and privacy-related threa...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
A trojan horse is a program that surreptitiously performs its operation under the guise of a legitim...
With the rapid development of Internet, malware has become increasingly serious in the field of comp...
This version is a long version of the paper presented to SECRYPTInternational audienceIn this paper,...
In this paper, we present a novel approach to detect unknown virus using dynamic instruction sequenc...
Traditional way to detect malicious software is based on signature matching. However, signature matc...
Malicious programs pose a serious threat to computer security. Traditional approaches using signatur...
Malware are become increasingly aware of their execution environment. In order to avoid detection by...
Researchers employ behavior based malware detection models that depend on API tracking and analyzing...
Traditionally, analysis of malicious software is only a semi-automated process, often requiring a sk...
Cavazos, JohnThe malware threat landscape is constantly evolving, with upwards of one million new va...
Malware became more and more sophisticated and increasingly difficult to detect, thanks to the use o...
Recently, malicious software are gaining exponential growth due to the innumerable obfuscations of e...
Scareware is a recent type of malicious software that may pose financial and privacy-related threa...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
A trojan horse is a program that surreptitiously performs its operation under the guise of a legitim...
With the rapid development of Internet, malware has become increasingly serious in the field of comp...
This version is a long version of the paper presented to SECRYPTInternational audienceIn this paper,...
In this paper, we present a novel approach to detect unknown virus using dynamic instruction sequenc...
Traditional way to detect malicious software is based on signature matching. However, signature matc...
Malicious programs pose a serious threat to computer security. Traditional approaches using signatur...
Malware are become increasingly aware of their execution environment. In order to avoid detection by...
Researchers employ behavior based malware detection models that depend on API tracking and analyzing...
Traditionally, analysis of malicious software is only a semi-automated process, often requiring a sk...
Cavazos, JohnThe malware threat landscape is constantly evolving, with upwards of one million new va...
Malware became more and more sophisticated and increasingly difficult to detect, thanks to the use o...
Recently, malicious software are gaining exponential growth due to the innumerable obfuscations of e...
Scareware is a recent type of malicious software that may pose financial and privacy-related threa...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...