Academic literature on the topic 'Malware similarity'

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Malware similarity.'

Journal articles on the topic "Malware similarity"

1

Chen, Yu-Hung, Jiann-Liang Chen, and Ren-Feng Deng. "Similarity-Based Malware Classification Using Graph Neural Networks." Applied Sciences 12, no. 21 (October 26, 2022): 10837. http://dx.doi.org/10.3390/app122110837.

Abstract:
This work proposes a novel malware identification model that is based on a graph neural network (GNN). The function call relationship and function assembly content obtained by analyzing the malware are used to generate a graph that represents the functional structure of a malware sample. In addition to establishing a multi-classification model for predicting malware family, this work implements a similarity model that is based on Siamese networks, measuring the distance between two samples in the feature space to determine whether they belong to the same malware family. The distance between the samples is gradually adjusted during the training of the model to improve the performance. A Malware Bazaar dataset analysis reveals that the proposed classification model has an accuracy and area under the curve (AUC) of 0.934 and 0.997, respectively. The proposed similarity model has an accuracy and AUC of 0.92 and 0.92, respectively. Further, the proposed similarity model identifies the unseen malware family with approximately 70% accuracy. Hence, the proposed similarity model exhibits better performance and scalability than the pure classification model and previous studies.
2

YANG, Yi, Pu-Rui SU, Ling-Yun YING, and Deng-Guo FENG. "Dependency-Based Malware Similarity Comparison Method." Journal of Software 22, no. 10 (October 25, 2011): 2438–53. http://dx.doi.org/10.3724/sp.j.1001.2011.03888.

3

Jang, Jae-wook, Hyunjae Kang, Jiyoung Woo, Aziz Mohaisen, and Huy Kang Kim. "Andro-AutoPsy: Anti-malware system based on similarity matching of malware and malware creator-centric information." Digital Investigation 14 (September 2015): 17–35. http://dx.doi.org/10.1016/j.diin.2015.06.002.

4

Jang, Jae-wook, Hyunjae Kang, Jiyoung Woo, Aziz Mohaisen, and Huy Kang Kim. "Andro-Dumpsys: Anti-malware system based on the similarity of malware creator and malware centric information." Computers & Security 58 (May 2016): 125–38. http://dx.doi.org/10.1016/j.cose.2015.12.005.

5

Pavithra, J., and S. Selvakumara Samy. "An Adaptive Feature Centric XG Boost Ensemble Classifier Model for Improved Malware Detection and Classification." International Journal on Recent and Innovation Trends in Computing and Communication 10, no. 2s (December 31, 2022): 208–17. http://dx.doi.org/10.17762/ijritcc.v10i2s.5930.

Abstract:
Machine learning (ML) is often used to solve the problem of malware detection and classification and various machine learning approaches are adapted to the problem of malware classification; still acquiring poor performance by the way of feature selection, and classification. To manage the issue, an efficient Adaptive Feature Centric XG Boost Ensemble Learner Classifier “AFC-XG Boost” novel algorithm is presented in this paper. The proposed model has been designed to handle varying data sets of malware detection obtained from Kaggle data set. The model turns the process of XG Boost classifier in several stages to optimize the performance. At preprocessing stage, the data set given has been noise removed, normalized and tamper removed using Feature Base Optimizer “FBO” algorithm. The FBO would normalize the data points as well as performs noise removal according to the feature values and their base information. Similarly, the performance of standard XG Boost has been optimized by adapting Feature selection using Class Based Principle Component Analysis “CBPCA” algorithm, which performs feature selection according to the fitness of any feature for different classes. Based on the selected features, the method generates regression tree for each feature considered. Based on the generated trees, the method performs classification by computing Tree Level Ensemble Similarity “TLES” and Class Level Ensemble Similarity “CLES”. Using both method computes the value of Class Match Similarity “CMS” based on which the malware has been classified. The proposed approach achieves 97% accuracy in malware detection and classification with the less time complexity of 34 seconds for 75000 samples.
6

Venkatraman, Sitalakshmi, and Mamoun Alazab. "Use of Data Visualisation for Zero-Day Malware Detection." Security and Communication Networks 2018 (December 2, 2018): 1–13. http://dx.doi.org/10.1155/2018/1728303.

Abstract:
With the explosion of Internet of Things (IoT) worldwide, there is an increasing threat from malicious software (malware) attackers that calls for efficient monitoring of vulnerable systems. Large amounts of data collected from computer networks, servers, and mobile devices need to be analysed for malware proliferation. Effective analysis methods are needed to match with the scale and complexity of such a data-intensive environment. In today’s Big Data contexts, visualisation techniques can support malware analysts going through the time-consuming process of analysing suspicious activities thoroughly. This paper takes a step further in contributing to the evolving realm of visualisation techniques used in the information security field. The aim of the paper is twofold: (1) to provide a comprehensive overview of the existing visualisation techniques for detecting suspicious behaviour of systems and (2) to design a novel visualisation using similarity matrix method for establishing malware classification accurately. The prime motivation of our proposal is to identify obfuscated malware using visualisation of the extended x86 IA-32 (opcode) similarity patterns, which are hard to detect with the existing approaches. Our approach uses hybrid models wherein static and dynamic malware analysis techniques are combined effectively along with visualisation of similarity matrices in order to detect and classify zero-day malware efficiently. Overall, the high accuracy of classification achieved with our proposed method can be visually observed since different malware families exhibit significantly dissimilar behaviour patterns.
7

Shi, Hongbo, Tomoki Hamagami, Katsunari Yoshioka, Haoyuan Xu, Kazuhiro Tobe, and Shigeki Goto. "Structural classification and similarity measurement of malware." IEEJ Transactions on Electrical and Electronic Engineering 9, no. 6 (September 27, 2014): 621–32. http://dx.doi.org/10.1002/tee.22018.

8

Chen, Chia-Mei, and Shi-Hao Wang. "Advancing Malware Classification With an Evolving Clustering Method." International Journal of Applied Metaheuristic Computing 9, no. 3 (July 2018): 1–12. http://dx.doi.org/10.4018/ijamc.2018070101.

Abstract:
This article describes how honeypots and intrusion detection systems serve as major mechanisms for security administrators to collect a variety of sample viruses and malware for further analysis, classification, and system protection. However, increased variety and complexity of malware makes the analysis and classification challenging, especially when efficiency and timely response are two contradictory yet equally significant criteria in malware classification. Besides, similarity-based classifications exhibit insufficiency because the mutation and fuzzification of malware exacerbate classification difficulties. In order to improve malware classification speed and attend to mutation, this research proposes the ameliorated progressive classification that integrates static analysis and improved k-means algorithm. This proposed classification aims at assisting network administrators to have a malware classification preprocess and make efficient malware classifications upon the capture of new malware, thus enhancing the defense against malware.
9

Frenklach, Tatiana, Dvir Cohen, Asaf Shabtai, and Rami Puzis. "Android malware detection via an app similarity graph." Computers & Security 109 (October 2021): 102386. http://dx.doi.org/10.1016/j.cose.2021.102386.

10

Park, Chan-Kyu, Hyong-Shik Kim, Tae Jin Lee, and Jae-Cheol Ryou. "Function partitioning methods for malware variant similarity comparison." Journal of the Korea Institute of Information Security and Cryptology 25, no. 2 (April 30, 2015): 321–30. http://dx.doi.org/10.13089/jkiisc.2015.25.2.321.


Dissertations / Theses on the topic "Malware similarity"

1

Wrench, Peter Mark. "Detecting derivative malware samples using deobfuscation-assisted similarity analysis." Thesis, Rhodes University, 2016. http://hdl.handle.net/10962/383.

Abstract:
The overwhelming popularity of PHP as a hosting platform has made it the language of choice for developers of Remote Access Trojans (RATs or web shells) and other malicious software. These shells are typically used to compromise and monetise web platforms by providing the attacker with basic remote access to the system, including file transfer, command execution, network reconnaissance, and database connectivity. Once infected, compromised systems can be used to defraud users by hosting phishing sites, performing Distributed Denial of Service attacks, or serving as anonymous platforms for sending spam or other malfeasance. The vast majority of these threats are largely derivative, incorporating core capabilities found in more established RATs such as c99 and r57. Authors of malicious software routinely produce new shell variants by modifying the behaviours of these ubiquitous RATs, either to add desired functionality or to avoid detection by signature-based detection systems. Once these modified shells are eventually identified (or additional functionality is required), the process of shell adaptation begins again. The end result of this iterative process is a web of separate but related shell variants, many of which are at least partially derived from one of the more popular and influential RATs. In response to the problem outlined above, the author set out to design and implement a system capable of circumventing common obfuscation techniques and identifying derivative malware samples in a given collection. To begin with, a decoder component was developed to syntactically deobfuscate and normalise PHP code by detecting and reversing idiomatic obfuscation constructs, and to apply uniform formatting conventions to all system inputs.
A unified malware analysis framework, called Viper, was then extended to create a modular similarity analysis system comprised of individual feature extraction modules, modules responsible for batch processing, a matrix module for comparing sample features, and two visualisation modules capable of generating visual representations of shell similarity. The principal conclusion of the research was that the deobfuscation performed by the decoder component prior to analysis dramatically improved the observed levels of similarity between test samples. This in turn allowed the modular similarity analysis system to identify derivative clusters (or families) within a large collection of shells more accurately. Techniques for isolating and re-rendering these clusters were also developed and demonstrated to be effective at increasing the amount of detail available for evaluating the relative magnitudes of the relationships within each cluster.
2

Li, Yuping. "Similarity Based Large Scale Malware Analysis: Techniques and Implications." Scholar Commons, 2018. https://scholarcommons.usf.edu/etd/7691.

Abstract:
Malware analysis and detection continues to be one of the central battlefields for cybersecurity industry. For the desktop malware domain, we observed multiple significant ransomware attacks in the past several years, e.g., it was estimated that in 2017 the WannaCry ransomware attack affected more than 200,000 computers across 150 countries with hundreds of millions damages. Similarly, we witnessed the increased impacts of Android malware on global individuals due to the popular smartphone and IoT devices worldwide. In this dissertation, we describe similarity comparison based novel techniques that can be applied to achieve large scale desktop and Android malware analysis, and the practical implications of machine learning based approaches for malware detection. First, we propose a generic and effective solution for accurate and efficient binary similarity analysis of desktop malware. Binary similarity analysis is an essential technique for a variety of security analysis tasks, including malware detection and malware clustering. Even though various solutions have been developed, existing binary similarity analysis methods still suffer from limited efficiency, accuracy, and usability. In this work, we propose a novel graphical fuzzy hashing scheme for accurate and efficient binary similarity analysis. We first abstract control flow graphs (CFGs) of binary codes to extract blended n-gram graphical features of the CFGs, and then encode the graphical features into numeric vectors (called graph signatures) to measure similarity by comparing the graph signatures. We further leverage a fuzzy hashing technique to convert the numeric graph signatures into smaller fixed size fuzzy hash outputs for efficient comparisons. Our comprehensive evaluation demonstrates that our blended n-gram graphical feature based CFG comparison is more effective and efficient compared to existing CFG comparison techniques. 
Based on our CFG comparison method, we develop BingSim, a binary similarity analysis tool, and show that BingSim outperforms existing binary similarity analysis tools while conducting similarity analysis based malware detection and malware clustering. Second, we identify the challenges faced by overall similarity based Android malware clustering and design a specialized system for solving the problems. Clustering has been well studied for desktop malware analysis as an effective triage method. Conventional similarity-based clustering techniques, however, cannot be immediately applied to Android malware analysis due to the excessive use of third-party libraries in Android application development and the widespread use of repackaging in malware development. We design and implement an Android malware clustering system through iterative mining of malicious payloads and checking whether malware samples share the same version of malicious payloads. Our system utilizes a hierarchical clustering technique and an efficient bit-vector format to represent Android apps. Experimental results demonstrate that our clustering approach achieves precision of 0.90 and recall of 0.75 for the Android Genome malware dataset, and average precision of 0.98 and recall of 0.96 with respect to manually verified ground-truth. Third, we study the fundamental issues faced by traditional machine learning (ML) based Android malware detection systems, and examine the role of ML for Android malware detection in practice, which leads to a revised evaluation strategy that evaluates an ML based malware detection system by checking their zero-day detection capabilities. Existing machine learning based Android malware research obtains the ground truth by consulting AV products, and uses the same label set for training and testing. However, there is a mismatch between how the ML system has been evaluated, and the true purpose of using ML system in practice.
The goal of applying ML is not to reproduce or verify the same potentially imperfect knowledge, but rather to produce something that is better — closer to the ultimate ground truth about the apps’ maliciousness. Therefore, it will be more meaningful to check their zero-day detection capabilities than detection accuracy for known malware. This evaluation strategy is aligned with how an ML algorithm can potentially benefit malware detection in practice, by acknowledging that any ML classifier has to be trained on imperfect knowledge, and such knowledge evolves over time. Besides the traditional malware prediction approaches, we also examine the mislabel identification approaches. Through extensive experiments, we demonstrate that: (a) it is feasible to evaluate ML based Android malware detection systems with regard to their zero-day malware detection capabilities; (b) both malware prediction and mislabel identification approaches can be used to achieve verifiable zero-day malware detection, even when trained with an old and noisy ground truth dataset.
3

Subramanian, Nandita. "Analysis of Rank Distance for Malware Classification." University of Cincinnati / OhioLINK, 2016. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1479823187035784.

4

Namanya, Anitta P., Irfan U. Awan, J. P. Disso, and M. Younas. "Similarity hash based scoring of portable executable files for efficient malware detection in IoT." Elsevier, 2019. http://hdl.handle.net/10454/17168.

Abstract:
The current rise in malicious attacks shows that existing security systems are bypassed by malicious files. Similarity hashing has been adopted for sample triaging in malware analysis and detection. File similarity is used to cluster malware into families such that their common signature can be designed. This paper explores four hash types currently used in malware analysis for portable executable (PE) files. Although each hashing technique produces interesting results, when applied independently, they have high false detection rates. This paper investigates into a central issue of how different hashing techniques can be combined to provide a quantitative malware score and to achieve better detection rates. We design and develop a novel approach for malware scoring based on the hashes results. The proposed approach is evaluated through a number of experiments. Evaluation clearly demonstrates a significant improvement (> 90%) in true detection rates of malware.
5

Ali-Gombe, Aisha Ibrahim. "Malware Analysis and Privacy Policy Enforcement Techniques for Android Applications." ScholarWorks@UNO, 2017. http://scholarworks.uno.edu/td/2290.

Abstract:
The rapid increase in mobile malware and deployment of over-privileged applications over the years has been of great concern to the security community. Encroaching on user’s privacy, mobile applications (apps) increasingly exploit various sensitive data on mobile devices. The information gathered by these applications is sufficient to uniquely and accurately profile users and can cause tremendous personal and financial damage. On Android specifically, the security and privacy holes in the operating system and framework code has created a whole new dynamic for malware and privacy exploitation. This research work seeks to develop novel analysis techniques that monitor Android applications for possible unwanted behaviors and then suggest various ways to deal with the privacy leaks associated with them. Current state-of-the-art static malware analysis techniques on Android-focused mainly on detecting known variants without factoring any kind of software obfuscation. The dynamic analysis systems, on the other hand, are heavily dependent on extending the Android OS and/or runtime virtual machine. These methodologies often tied the system to a single Android version and/or kernel making it very difficult to port to a new device. In privacy, accesses to the database system’s objects are not controlled by any security check beyond overly-broad read/write permissions. This flawed model exposes the database contents to abuse by privacy-agnostic apps and malware. This research addresses the problems above in three ways. First, we developed a novel static analysis technique that fingerprints known malware based on three-level similarity matching. It scores similarity as a function of normalized opcode sequences found in sensitive functional modules and application permission requests. Our system has an improved detection ratio over current research tools and top COTS anti-virus products while maintaining a high level of resiliency to both simple and complex obfuscation. 
Next, we augment the signature-related weaknesses of our static classifier with a hybrid analysis system which incorporates bytecode instrumentation and dynamic runtime monitoring to examine unknown malware samples. Using the concept of Aspect-oriented programming, this technique involves recompiling security checking code into an unknown binary for data flow analysis, resource abuse tracing, and analytics of other suspicious behaviors. Our system logs all the intercepted activities dynamically at runtime without the need for building custom kernels. Finally, we designed a user-level privacy policy enforcement system that gives users more control over their personal data saved in the SQLite database. Using bytecode weaving for query re-writing and enforcing access control, our system forces new policies at the schema, column, and entity levels of databases without rooting or voiding device warranty.
6

Regard, Viktor. "Studying the effectiveness of dynamic analysis for fingerprinting Android malware behavior." Thesis, Linköpings universitet, Databas och informationsteknik, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-163090.

Abstract:
Android is the second most targeted operating system for malware authors and to counter the development of Android malware, more knowledge about their behavior is needed. There are mainly two approaches to analyze Android malware, namely static and dynamic analysis. Recently in 2017, a study and well labeled dataset, named AMD (Android Malware Dataset), consisting of over 24,000 malware samples was released. It is divided into 135 varieties based on similar malicious behavior, retrieved through static analysis of the file classes.dex in the APK of each malware, whereas the labeled features were determined by manual inspection of three samples in each variety. However, static analysis is known to be weak against obfuscation techniques, such as repackaging or dynamic loading, which can be exploited to avoid the analysis. In this study the second approach is utilized and all malware in the dataset are analyzed at run-time in order to monitor their dynamic behavior. However, analyzing malware at run-time has known weaknesses as well, as it can be avoided through, for instance, anti-emulator techniques. Therefore, the study aimed to explore the available sandbox environments for dynamic analysis, study the effectiveness of fingerprinting Android malware using one of the tools and investigate whether static features from AMD and the dynamic analysis correlate. For instance, by an attempt to classify the samples based on similar dynamic features and calculating the Pearson Correlation Coefficient (r) for all combinations of features from AMD and the dynamic analysis. The comparison of tools for dynamic analysis, showed a need of development, as most popular tools has been released for a long time and the common factor is a lack of continuous maintenance. As a result, the choice of sandbox environment for this study ended up as Droidbox, because of aspects like ease of use/install and easily adaptable for large scale analysis. 
Based on the dynamic features extracted with Droidbox, it could be shown that Android malware are more similar to the varieties which they belong to. The best metric for classifying samples to varieties, out of four investigated metrics, turned out to be Cosine Similarity, which received an accuracy of 83.6% for the entire dataset. The high accuracy indicated a correlation between the dynamic features and static features which the varieties are based on. Furthermore, the Pearson Correlation Coefficient confirmed that the manually extracted features, used to describe the varieties, and the dynamic features are correlated to some extent, which could be partially confirmed by a manual inspection in the end of the study.
7

Otočka, Dávid. "Rozpoznávání podobností souborů na základě chování." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2009. http://www.nusl.cz/ntk/nusl-236767.

Abstract:
The goal of this master thesis was to design an algorithm that will be able to measure the difference between two programs based on their behavioral description. For the algorithm needs, the Levenshtein distance method between two strings and NCD method, were used. Both methods have their implementation approach and test result described. This term also discusses various methods of program analysis in virtual machine environment, as well as explanation of some basic concepts regarding malware analysis.
8

Ďurfina, Lukáš. "Generický zpětný překlad za účelem rozpoznání chování." Doctoral thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2014. http://www.nusl.cz/ntk/nusl-261238.

Abstract:
The thesis focuses on recognizing specific behavior by means of generic reverse compilation. Generic reverse compilation is a process that transforms executable files from different architectures and object file formats into the same high-level language. This process relates to the Lissom Decompiler tool. For the purpose of behavior recognition, the thesis introduces the Language for Decompilation (LfD). LfD is a simple imperative language that is suitable for comparison. A specific behavior is given by a known executable file (e.g. malware), and recognition is performed by finding the similarity ratio with another, unknown executable file. This similarity ratio is calculated by the LfDComparator tool, which processes two inputs in LfD and decides on their similarity.
9

Varga, Adam. "Identifikace a charakterizace škodlivého chování v grafech chování." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2021. http://www.nusl.cz/ntk/nusl-442388.

Abstract:
In recent years there has been an increase in work involving comprehensive malware detection. For capturing behavior, it is often appropriate to use a graph format. This is the case with the Avast antivirus program, whose behavioral shield detects malicious behavior and stores it in the form of graphs. Since this is a proprietary solution and Avast antivirus works with its own set of characterized behavior, it was necessary to design a custom detection method built on top of these behavior graphs. This thesis analyzes malware behavior graphs captured by the behavioral shield of the Avast antivirus program for the process of deeper malware detection. Detection of malicious behavior begins with the analysis and abstraction of patterns from the behavior graph. Isolated patterns can more effectively identify dynamically changing malware. The behavior graphs are stored in the Neo4j graph database, and thousands of them are captured every day. The aim of this thesis was to design an algorithm for identifying malware behavior with an emphasis on scanning speed and clarity of the identified behavior patterns. Identification of malicious behavior consists of finding the most important features of trained classifiers and subsequently extracting a subgraph consisting only of these important node features and the relationships between them. A rule for evaluating the extracted subgraph is then proposed. The diploma thesis was carried out in cooperation with Avast Software s.r.o.
10

Jian, Yi, and 簡毅. "Android Malware Detection Based on Structural Content Similarity." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/39880338043570415216.

Abstract:
Master's
Chinese Culture University
Department of Information Management
105
In recent years, smartphones have become the mainstream of the market, everyday there are more and more computing power and has a strong mobile device can store large amounts of data, and therefore allow a more private data, such as personal information, account passwords and even financial information, etc., are likely to be stolen abuse of information. With the improvement of computing power and the progress of mobile communication technology, mobile devices become more popular, the proportion of Internet population is gradually increasing. Therefore, mobile devices are also emerging threats in the past PC facing attacks like Trojans, steal data, blocking attacks and extortion attacks. Mobile malware is very fast, and new versions and variants appear every day. In view of the fact that this study suggests that the malicious program is discovered from the occurrence to the discovery, the window period between the capture and the completion of the signature analysis must be shortened, it was first developed to reverse engineering technology source reduction, reuse of the source code in the class-method-API composition for making a junction, MI selected malicious reuse common API, and finally through the above-described configuration than FIG comprising the sensitive API part to determine whether the malware.

Book chapters on the topic "Malware similarity"

1

Lokoč, Jakub, Tomáš Grošup, Přemysl Čech, Tomáš Pevný, and Tomáš Skopal. "Malware Discovery Using Behaviour-Based Exploration of Network Traffic." In Similarity Search and Applications, 315–23. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-68474-1_22.

2

Liu, Jing, Yongjun Wang, Peidai Xie, Yuan Wang, and Zhijian Huang. "Malware Similarity Analysis Based on Graph Similarity Flooding Algorithm." In Advances in Computer Science and Ubiquitous Computing, 31–37. Singapore: Springer Singapore, 2015. http://dx.doi.org/10.1007/978-981-10-0281-6_5.

3

Čech, Přemysl, Jan Kohout, Jakub Lokoč, Tomáš Komárek, Jakub Maroušek, and Tomáš Pevný. "Feature Extraction and Malware Detection on Large HTTPS Data Using MapReduce." In Similarity Search and Applications, 311–24. Cham: Springer International Publishing, 2016. http://dx.doi.org/10.1007/978-3-319-46759-7_24.

4

Choi, Sunoh. "Hierarchical Similarity Hash for Fast Malware Detection." In Lecture Notes in Electrical Engineering, 127–31. Singapore: Springer Singapore, 2020. http://dx.doi.org/10.1007/978-981-15-9309-3_19.

5

Yi, Yang, Ying Lingyun, Wang Rui, Su Purui, and Feng Dengguo. "DepSim: A Dependency-Based Malware Similarity Comparison System." In Information Security and Cryptology, 503–22. Berlin, Heidelberg: Springer Berlin Heidelberg, 2011. http://dx.doi.org/10.1007/978-3-642-21518-6_35.

6

Massarelli, Luca, Giuseppe Antonio Di Luna, Fabio Petroni, Roberto Baldoni, and Leonardo Querzoni. "SAFE: Self-Attentive Function Embeddings for Binary Similarity." In Detection of Intrusions and Malware, and Vulnerability Assessment, 309–29. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-22038-9_15.

7

Shankarpani, M. K., K. Kancherla, R. Movva, and S. Mukkamala. "Computational Intelligent Techniques and Similarity Measures for Malware Classification." In Computational Intelligence for Privacy and Security, 215–36. Berlin, Heidelberg: Springer Berlin Heidelberg, 2012. http://dx.doi.org/10.1007/978-3-642-25237-2_13.

8

Liu, Jing, Yongjun Wang, Peidai Xie, and Xingkong Ma. "Using a Fine-Grained Hybrid Feature for Malware Similarity Analysis." In Advances in Computer Science and Ubiquitous Computing, 54–60. Singapore: Springer Singapore, 2016. http://dx.doi.org/10.1007/978-981-10-3023-9_9.

9

Kim, Jihun, and Jonghee M. Youn. "Dynamic Analysis Bypassing Malware Detection Method Utilizing Malicious Behavior Visualization and Similarity." In Lecture Notes in Electrical Engineering, 560–65. Singapore: Springer Singapore, 2017. http://dx.doi.org/10.1007/978-981-10-5041-1_89.

10

Liu, Liang, Yusen Wang, Shan Liao, Yang Tan, Kai Liu, and Lei Zhang. "CL-GCN: Malware Familial Similarity Calculation Based on GCN and Topic Model." In Proceedings of 2021 Chinese Intelligent Automation Conference, 607–17. Singapore: Springer Singapore, 2021. http://dx.doi.org/10.1007/978-981-16-6372-7_66.


Conference papers on the topic "Malware similarity"

1

Apel, Martin, Christian Bockermann, and Michael Meier. "Measuring similarity of malware behavior." In 2009 IEEE 34th Conference on Local Computer Networks (LCN 2009). IEEE, 2009. http://dx.doi.org/10.1109/lcn.2009.5355037.

2

Upchurch, Jason, and Xiaobo Zhou. "Variant: a malware similarity testing framework." In 2015 10th International Conference on Malicious and Unwanted Software (MALWARE). IEEE, 2015. http://dx.doi.org/10.1109/malware.2015.7413682.

3

Black, Paul, Iqbal Gondal, Peter Vamplew, and Arun Lakhotia. "Evolved Similarity Techniques in Malware Analysis." In 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). IEEE, 2019. http://dx.doi.org/10.1109/trustcom/bigdatase.2019.00061.

4

Jian Li, Jun Xu, Ming Xu, HengLi Zhao, and Ning Zheng. "Malware obfuscation measuring via evolutionary similarity." In 2009 First International Conference on Future Information Networks (ICFIN). IEEE, 2009. http://dx.doi.org/10.1109/icfin.2009.5339567.

5

Alkhateeb, Ehab Mufid Shafiq. "Dynamic Malware Detection Using API Similarity." In 2017 IEEE International Conference on Computer and Information Technology (CIT). IEEE, 2017. http://dx.doi.org/10.1109/cit.2017.14.

6

Shanhu Shang, Ning Zheng, Jian Xu, Ming Xu, and Haiping Zhang. "Detecting malware variants via function-call graph similarity." In 2010 5th International Conference on Malicious and Unwanted Software (MALWARE). IEEE, 2010. http://dx.doi.org/10.1109/malware.2010.5665787.

7

Jones, Luke, Andrew Sellers, and Martin Carlisle. "CARDINAL: similarity analysis to defeat malware compiler variations." In 2016 11th International Conference on Malicious and Unwanted Software (MALWARE). IEEE, 2016. http://dx.doi.org/10.1109/malware.2016.7888728.

8

Park, Wonjoo, Sun-joong Kim, and Won Ryu. "Detecting malware with similarity to Android applications." In 2015 International Conference on Information and Communication Technology Convergence (ICTC). IEEE, 2015. http://dx.doi.org/10.1109/ictc.2015.7354788.

9

Bak, Marton, Dorottya Papp, Csongor Tamas, and Levente Buttyan. "Clustering IoT Malware based on Binary Similarity." In NOMS 2020-2020 IEEE/IFIP Network Operations and Management Symposium. IEEE, 2020. http://dx.doi.org/10.1109/noms47738.2020.9110432.

10

Buttyan, Levente, Roland Nagy, and Dorottya Papp. "SIMBIoTA++: Improved Similarity-based IoT Malware Detection." In 2022 IEEE 2nd Conference on Information Technology and Data Science (CITDS). IEEE, 2022. http://dx.doi.org/10.1109/citds54976.2022.9914145.
