COMPUTER SECURITY PROFILING

Author: Andrew Mayo

Abstract: Certain examples described herein relate to security profiling files on a computer system, including determining similarity between two executable program files. Byte samples are obtained from each file, respective distributions of byte values determined, and difference metric said is for example by sampler. Responsive the indicating similarity, file import sections processed determine set application programming interface references file. A determined as function number matching entries in sets references, responsive an indication made utility that similar.

References (28)
Oleg V. Nevstruev, Victor V. Yablokov, System and method for adaptive modification of antivirus databases (2013)
Karthik Raman, Kevin A. Beets, Tad M. Heppner, Abhishek Ajay Karnik, David Neill Beveridge, System and method for statistical analysis of comparative entropy (2011)
Aditya Kapoor, Jonathan L. Edwards, Realtime Kernel Object Table and Type Protection (2012)
Bjorn Markus Jakobsson, Pattern-based application classification (2009)
Nicholas Neil Kralevich, Randall Sarafa, Robert J. Greenwalt, Jake Hamby, Alexander Faaborg, Adrian Ludwig, Winthrop Lyon Saville, Premium messaging challenges (2013)