Wavelet decomposition of software entropy to identify malware

Authors: Derek A. Soeder, Michael Wojnowicz, Glenn Chisholm, Matthew Wolff, Xuan Zhao

DOI:

Keywords:

Abstract: A plurality of data files is received. Thereafter, each file is represented as an entropy time series that reflects an amount of entropy across locations in code for such file. A wavelet transform is applied, for each file, to the corresponding entropy time series to generate an energy spectrum characterizing, for the file, an amount of entropic energy at multiple scales of resolution. It can then be determined, for each file, whether or not the file is likely malicious based on the energy spectrum. Related apparatus, systems, techniques and articles are also described.
