Evaluation methodology and theoretical model for antiviral behavioural detection strategies

Authors: Eric Filiol, Grégoire Jacob, Mickaël Le Liard

DOI: 10.1007/S11416-006-0026-9

Abstract: Behavioural analysis for detection of malware has recently emerged as a new promising set of antiviral techniques: function-based detection is now considered along with sequence-based detection. Most of the antivirus publishers claim to use behavioral detection as a marketing argument. But the real impact of these “new” techniques seems to be mitigated since no progress in the general fight has been noticed nowadays. This paper presents an evaluation methodology of the capabilities of antivirus software with respect to behavioural analysis. It is shown that contrary to the claims of some publishers, behavioural detection is still very marginally used and implemented. These techniques are quite always either validated by or dependent on classical form-based methods (detection by pattern for example). In this context, we propose a generalised, theoretical model which considers at the same time both form-based detection and behavioural detection and give the essential properties that antivirus software should exhibit to achieve behavioural-based detection.
