System and method for computer inspection of information objects for shared malware components

Authors: Daniel Wyschogrod, Jonathan Aron Rubin, Steven W. Jilcott, John O. Everett

Abstract: Embodiments of a system and method for computer inspection information objects, example, executable software applications common components that may include elements viruses, items from hacker exploit libraries, or other malware components. Information objects contain identified sequences instructions, each which be hierarchically grouped based on their structural relationship(s). In the context, programming languages multiple functional code; these are often shared between programmers. some embodiments, an hierarchical relationship (e.g., constituent functions) in allow identification programs. authorship by comparisons component samples. is limited to groups having specified size, complexity, eccentricity.
