Systems and methods for library function identification in automatic malware signature generation

Authors: Tzi-cker Chiueh, Kent Griffin, Scott Schneider, Xin Hu

DOI:

Keywords: Byte; Identification (information); Library function; Computer security; Computer science; Signature (logic); Malware

Abstract: A computer-implemented method for facilitating automatic malware signature generation may comprise disassembling a program, identifying one or more byte sequences within the disassembled program that have a likelihood of being representative of library functions contained in the program, and preventing those byte sequences from being included in signatures. Corresponding systems and computer-readable storage media are also disclosed.
