Mining specifications of malicious behavior

Christodorescu, Mihai; Jha, Somesh; Kruegel, Christopher

doi:10.1145/1342211.1342215

Cited by 132 publications

(124 citation statements)

References 26 publications

Supporting

Mentioning

122

Contrasting

Order By: Relevance

“…We acquired the malicious files from the VX Heaven website [17]. The files in the benign set, including executable and DLL (Dynamic Linked Library) files, were gathered from machines running Windows XP operating system in our campus.…”

Section: Discussionmentioning

confidence: 99%

NewApproach for Detecting Unknown Malicious Executables

Розенберг¹,

Gudes²,

Elovici³

et al. 2010

J Forensic Res

View full text Add to dashboard Cite

Section: Discussionmentioning

confidence: 99%

NewApproach for Detecting Unknown Malicious Executables

Розенберг¹,

Gudes²,

Elovici³

et al. 2010

J Forensic Res

View full text Add to dashboard Cite

“…The reasons of growing web based malware in web world are to increase cyber crimes. The real world applications mostly effected from malware are banking, electronics communication and online shopping etc [1].…”

Section: Introductionmentioning

confidence: 99%

Web based Malware Detection using Important Supervised Learning Techniques on Online Web Traffic

Yadav¹,

Bhagel²

2015

IJCA

View full text Add to dashboard Cite

Malwares on the websites can be harmful for the host machine. It may result in security breach, data loss, or denial of service at the host end. Many approaches for malware prediction have been applied in the past. Supervised machine learning approaches are popular and efficient in terms of accuracy. These techniques can be very useful for malware prediction using web traffic. Alarm for malware can be generated well before the attack and damage by simply just monitoring the web traffic. In this paper comparative analysis of supervised machine learning approaches which includes Naïve bayes, Support vector machine, PART and J48 is done. These methods are compared in terms of accuracy of prediction, false positive, false negative, true positive and true negative. This analysis is done using Weka tool.

show abstract

“…The reason for not being able to achieve a 100% detection and / or prevention of malware is because malware authors make use of sophisticated hiding techniques in order to prevent malware from being detected by means of signature based techniques. Such techniques are either entirely or partially based on code obfuscation [5][2] [6]. This has resulted in the emergence of malware known as polymorphic and metamorphic malware.…”

Section: Introductionmentioning

confidence: 99%

Implementing rootkits to address operating system vulnerabilities

Corregedor

Solms

2011

2011 Information Security for South Africa

View full text Add to dashboard Cite

Abstract-Statistics show that although malware detection techniques are detecting and preventing malware, they do not guarantee a 100% detection and / or prevention of malware. This is especially the case when it comes to rootkits that can manipulate the operating system such that it can distribute other malware, hide existing malware, steal information, hide itself, disable anti-malware software etc all without the knowledge of the user. This paper will demonstrate the steps required in order to create two rootkits.We will demonstrate that by implementing rootkits or any other type of malware a researcher will be able to better understand the techniques and vulnerabilities used by an attacker. Such information could then be useful when implementing anti-malware techniques.

show abstract

Mining specifications of malicious behavior

Cited by 132 publications

References 26 publications

NewApproach for Detecting Unknown Malicious Executables

NewApproach for Detecting Unknown Malicious Executables

Web based Malware Detection using Important Supervised Learning Techniques on Online Web Traffic

Implementing rootkits to address operating system vulnerabilities

Contact Info

Product

Resources

About