Internet worms pose a serious threat to computer security. Traditional signature-based approaches to worm detection offer little protection against zero-day attacks. The focus of malware research is shifting from signature patterns to identifying the malicious behavior displayed by malware. This paper presents a novel idea: extracting variable-length instruction sequences that can distinguish worms from clean programs using data mining techniques. The analysis is facilitated by the program control flow information contained in the instruction sequences. Based on general statistics gathered from these instruction sequences, we formulated the problem as a binary classification problem and built tree-based classifiers including decision tr...
In this paper, we present a novel approach to detect unknown virus using dynamic instruction sequenc...
Network intrusion detection systems typically detect worms by examining packet or flow logs...
Internet worms pose a serious threat to computer security. Traditional approaches using signatures t...
A trojan horse is a program that surreptitiously performs its operation under the guise of a legitim...
Malicious programs pose a serious threat to computer security. Traditional approaches using signatur...
Scareware is a recent type of malicious software that may pose financial and privacy-related threats...
Machine learning techniques are widely used in many fields. One of the applications of machine learn...
Scareware is a recent type of malicious software that may pose financial and privacy-related threa...