DocumentCode :
653821
Title :
Babble: Identifying malware by its dialects
Author :
Mohaisen, Aziz ; Alrawi, Omar ; West, Andrew G. ; Mankin, Allison
Author_Institution :
Verisign Labs, Reston, VA, USA
fYear :
2013
fDate :
14-16 Oct. 2013
Firstpage :
407
Lastpage :
408
Abstract :
Using runtime execution artifacts to identify whether code is malware, and to which malware family it belongs, is an established technique in the security domain. Traditionally, literature has relied on explicit features derived from network, file system, or registry interaction [1]. While effective, the collection and analysis of these fine-granularity data points makes the technique quite computationally expensive. Moreover, the signatures/heuristics this analysis produces are often easily circumvented by subsequent malware authors.
Keywords :
invasive software; Babble system; fine-granularity data points; malware dialects; malware identification; runtime execution artifacts; security domain; Accuracy; Conferences; Decision trees; Malware; Measurement; Support vector machines;
fLanguage :
English
Publisher :
IEEE
Conference_Title :
Communications and Network Security (CNS), 2013 IEEE Conference on
Conference_Location :
National Harbor, MD
Type :
conf
DOI :
10.1109/CNS.2013.6682751
Filename :
6682751