FIRMA: Malware Clustering and Network Signature Generation with Mixed Network Behaviors

Authors: M. Zubair Rafique, Juan Caballero

DOI: 10.1007/978-3-642-41284-4_8

Keywords: Malware, Set (abstract data type), Computer security, Data mining, Signature (logic), Computer science, Cluster analysis

Abstract: … , generates a clustering of the malware binaries into families and a set of network signatures … tools, FIRMA produces network signatures for each of the network behaviors of a family, re…
