JOURNAL ARTICLE
Babble: Identifying malware by its dialects
Abstract
Using runtime execution artifacts to identify whether code is malware, and to which malware family it belongs, is an established technique in the security domain. Traditionally, literature has relied on explicit features derived from network, file system, or registry interaction [1]. While effective, the collection and analysis of these fine-granularity data points makes the technique quite computationally expensive. Moreover, the signatures/heuristics this analysis produces are often easily circumvented by subsequent malware authors.
Keywords:
Malware Computer science Heuristics Granularity Cryptovirology Malware analysis Code (set theory) Domain (mathematical analysis) Static analysis Data mining Programming language Theoretical computer science Computer security Operating system Set (abstract data type)
Metrics
6
Cited By
1.18
FWCI (Field Weighted Citation Impact)
9
Refs
0.80
Citation Normalized Percentile
Is in top 1%
Is in top 10%
Citation History
Topics
Advanced Malware Detection Techniques
Physical Sciences → Computer Science → Signal Processing
Network Security and Intrusion Detection
Physical Sciences → Computer Science → Computer Networks and Communications
Security and Verification in Computing
Physical Sciences → Computer Science → Artificial Intelligence
Related Documents
JOURNAL ARTICLE
MetaAware: Identifying Metamorphic Malware
Qinghua ZhangDouglas S. Reeves
Year: 2007 Pages: 411-420
JOURNAL ARTICLE
MetaAware: Identifying Metamorphic Malware
Qinghua ZhangDouglas S. Reeves
Journal: Annual Computer Security Applications Conference/Proceedings of the annual Computer Security Applications Conference Year: 2007
JOURNAL ARTICLE
Identifying Android malware instructions
Laura Victoria Morales MedinaSandra Rueda
Year: 2014 Pages: 1-7
BOOK-CHAPTER
Chapter 2: Identifying Wu Dialects
Amsterdam studies in the theory and history of linguistic science. Series 4, Current issues in linguistic theory Year: 1999 Pages: 28-49