Morphological detection of malware

Bonfante, Guillaume; Kaczmarek, Matthieu; Marion, Jean-Yves

doi:10.1109/malware.2008.4690851

Cited by 22 publications

(21 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It can be used in various contexts such as virus detection [4] or libraries identification [3].In the present paper, we describe how morphological analysis can be used to resynchronize addresses in binary codes. We provide here only the main steps of morphological analysis.…”

Section: Morphological Analysismentioning

confidence: 99%

Code synchronization by morphological analysis

Bonfante

Marion

Sabatier

et al. 2012

2012 7th International Conference on Malicious and Unwanted Software

Self Cite

View full text Add to dashboard Cite

Section: Morphological Analysismentioning

confidence: 99%

Code synchronization by morphological analysis

Bonfante

Marion

Sabatier

et al. 2012

2012 7th International Conference on Malicious and Unwanted Software

Self Cite

View full text Add to dashboard Cite

“…CFGs have been often successfully used in static analysis [13,5]. However, given the complexity of certain pages, CFGs can be computationally expensive to generate, and hard to navigate.…”

Section: The Calculatormentioning

confidence: 99%

“…We borrowed the idea of using control flow analysis from some recent interesting work [9,21,5,6]. The Swaddler system [9], for example, focuses on detecting any violations in the workflow of a stateful application or input violations by users.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

XSS-Dec: A Hybrid Solution to Mitigate Cross-Site Scripting Attacks

Sundareswaran

Squicciarini

2012

Data and Applications Security and Privacy XXVI

View full text Add to dashboard Cite

Abstract. Cross-site scripting attacks represent one of the major security threats in today's Web applications. Current approaches to mitigate cross-site scripting vulnerabilities rely on either server-based or client-based defense mechanisms. Although effective for many attacks, server-side protection mechanisms may leave the client vulnerable if the server is not well patched. On the other hand, client-based mechanisms may incur a significant overhead on the client system. In this work, we present a hybrid client-server solution that combines the benefits of both architectures. Our Proxy-based solution leverages the strengths of both anomaly detection and control flow analysis to provide accurate detection. We demonstrate the feasibility and accuracy of our approach through extended testing using real-world cross-site scripting exploits.

show abstract

“…In one month amid 2007, 79% of recognized malware was packed [7]. Also, very nearly half of new malware in 2006 were repacked forms of existing malware [7] [8].This article has been acknowledged for distribution in a future issue of this diary, yet has not been completely altered. Substance may change preceding last distribution.…”

Section: Introductionmentioning

confidence: 99%

Classification System for Malware Identification and Detection

Punjabi¹,

Biradar²,

Kawade³

et al. 2017

IJARCSSE

View full text Add to dashboard Cite

Abstract-Signature based malware detection systems have been a tremendously utilized reaction to the unavoidable issue of malware. Distinguishing proof of malware variations is basic to a detection system furthermore, is made conceivable by distinguishing invariant qualities in related examples. To characterize the packed and polymorphic malware, this paper proposes a novel system, named malwise, for malware characterization utilizing a quick application level emulator to switch the code pressing change, furthermore, two flowgraph coordinating algorithms to perform characterization. A correct flowgraph coordinating algorithm is utilized that utilizations string based signatures, and can recognize malware with close constant execution. Furthermore, a more powerful surmised stream chart coordinating algorithm is recommended that uses the decompilation method of organizing to produce string based signatures managable to the string alter remove. We utilize genuine and manufactured malware to show the adequacy what's more, productivity of Malwise. Utilizing more than 15,000 genuine malware, gathered from honeypots, the viability is approved by demonstrating that there is an 88% likelihood that new malware is distinguished as a variation of existing malware. The effectiveness is shown from a littler example set of malware where 86% of the specimens can be classified in under 1.3 seconds.

show abstract

Morphological detection of malware

Cited by 22 publications

References 9 publications

Code synchronization by morphological analysis

Code synchronization by morphological analysis

XSS-Dec: A Hybrid Solution to Mitigate Cross-Site Scripting Attacks

Classification System for Malware Identification and Detection

Contact Info

Product

Resources

About