Collective classification for packed executable identification
2011
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference on - CEAS '11
In this paper, we propose a new method for packed executable detection that adopts a collective learning approach to reduce the labelling requirements of completely supervised approaches. ...
Notwithstanding, supervised learning methods need the identification and labelling of a high number of packed and not packed executables. ...
We would also like to acknowledge S21Sec for the Zeus malware family samples provided in order to set up the experimental dataset. ...
doi:10.1145/2030376.2030379
dblp:conf/ceas/SantosUSLB11
fatcat:4brlzovyvrbs7fmp5iu5egvgnm
File Packing from the Malware Perspective: Techniques, Analysis Approaches, and Directions for Enhancements
2022
ACM Computing Surveys
This paper then surveys 23 methods proposed in academic research for the detection and classification of packed portable executable (PE) files and highlights various trends in malware packing. ...
The packing of executable files, which is one of the most common techniques for code protection, has been repurposed for code obfuscation by malware authors as a means of evading malware detectors (mainly ...
We would also like to thank Eitam Sheetrit for his inputs on how to improve our proposed packing classification solution using the TPF classification algorithm. Lastly, we would like to thank Tomer Panker ...
doi:10.1145/3530810
fatcat:c6horhx3i5bevk5ibtu5y42rim
A Fine-Grained Classification Approach for the Packed Malicious Code
[chapter]
2012
Lecture Notes in Computer Science
SVM Classifier to implement the fast detection of packed malicious code. We also show that our system achieves very high detection accuracy of packed executables, so that only executables detected as packed ...
However, these universal unpackers are computationally expensive and scanning large collections of executables may take several hours or even days. In order to improve the computational efficiency, Machine ...
of packed executables into the packed and non-packed, including the identification issues of different packers. We first analyze the features of the typical packed malicious code and describe how to ...
doi:10.1007/978-3-642-34129-8_49
fatcat:btvg5wkqajeg7lnzepyjwhjszi
An Improved Method for Packed Malware Detection using PE Header and Section Table Information
2019
International Journal of Computer Network and Information Security
There, a method is presented for detecting malware based on the features extracted from the PE header and section table of PE files. The packed files are detected and then unpacked. ...
The results of the experiments consist of 971 executable files containing 761 malware and 210 clean files with an accuracy of 98.26%. ...
Packing means a packed executable file inside another executable file. In order to detect the malware, this pack must be unpacked. ...
doi:10.5815/ijcnis.2019.09.02
fatcat:ybgcmfmo5bhoxp73kfx6r7off4
Birds of a Feature: Intrafamily Clustering for Version Identification of Packed Malware
2020
IEEE Systems Journal
It should be noted that we do not execute lineage inference itself but refine an input for lineage inference based on version identification. ...
Our system design is straightforward and executes stepwise feature processing and version identification. ...
doi:10.1109/jsyst.2019.2960076
fatcat:svhj66lnqfdbtl7zz3epikw5ue
Absent extreme learning machine algorithm with application to packed executable identification
2014
Neural computing & applications (Print)
By observing the fact that some structural characteristics of a part of packed malware instances hold unreasonable values, we cast the packed executable identification tasks into an absence learning problem ...
Extreme learning machine (ELM) has been an important research topic over the last decade due to its high efficiency, easy-implementation, unification of classification and regression, and unification of ...
Guang-Bin Huang for the valuable comments. This work was supported by the National Natural Science Foundation of China (Project Nos. 61105050, 61170287, 61303264 and 61271252). ...
doi:10.1007/s00521-014-1558-4
fatcat:zszr6kpwqzge3gl6h5cuwzll5q
Identifying Ransomware - Specific Properties using Static Analysis of Executables
2019
IJARCCE
The experiments show that higher accuracy of classification, using machine learning algorithms, is achieved by combining these properties with the set of generic malware properties for malware detection ...
This paper presents the results of the study and analysis of ransomware executable files in order to identify the characteristic properties that distinguish ransomware from other malware and benign executable ...
then with the collection of all the general and specific properties. ...
doi:10.17148/ijarcce.2019.8461
fatcat:34l43o3qszf75pf65336sf5zy4
Opcode sequences as representation of executables for data-mining-based unknown malware detection
2013
Information Sciences
Entropy analysis initially determines if the binary has undergone a code packing transformation. ...
A Malware, short for malicious software, means a variety of forms of hostile, intrusive, or annoying software or program code. ...
During classification, it adopts a top-down approach and traverses a tree for classification of any instance. Moreover, Random Forest is an ensemble learner. ...
doi:10.1016/j.ins.2011.08.020
fatcat:74jfmvfgcres7gc7ggfxvdkfi4
A Cross-Platform Malware Variant Classification based on Image Representation
2019
KSII Transactions on Internet and Information Systems
The existing research proved that the similarities among malware variants could be used for detection and family classification. ...
CP-MVCS reduced computational time and improved classification accuracy by using CSGM feature description along machine learning classification. ...
For our case, we collected 181 unpacked binary executables from Virus share [27] portal. ...
doi:10.3837/tiis.2019.07.023
fatcat:w3zsmghhm5d45g2ouh2cpuhyk4
Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification
2021
Annual Computer Security Applications Conference
They use numerous customized firmware and hardware, without taking into consideration security issues, which make them a target for cybercriminals, especially malware authors. ...
altered malware samples with unseen obfuscation techniques during the training phase, and to determine what kind of obfuscations were applied to the binary, which makes our approach particularly useful for ...
Executable classification. This scenario is a straightforward executable identification, where the model is trying to profile exactly the binary that generated the spectrogram. ...
doi:10.1145/3485832.3485894
fatcat:tqzl6tvwffdvxftflyzzdcyp3u
An efficient block-discriminant identification of packed malware
2015
Sadhana (Bangalore)
Therefore, unpacking becomes a mandatory phase prior to anti-virus scanning for identifying the known malware hidden behind packing layers. ...
The second phase (PEAL) validates inferences of ESCAPE by employing bi-classification (packed vs native) model using relevant hex byte features extracted blockwise. ...
They have claimed classification accuracy of 87.3% and an AUC equal to 0.977. Numerous tools have been also designed to identify packed executables for malware analysis. ...
doi:10.1007/s12046-015-0399-x
fatcat:kuyo2ztuhbfl5jjadoehb7byo4
Evolving Computational Intelligence System for Malware Detection
[chapter]
2014
Lecture Notes in Business Information Processing
It is an Evolving Computational Intelligence System for Malware Detection (ECISMD) which performs classification by Evolving Spiking Neural Networks (eSNN), in order to properly label a packed executable ...
On the other hand, it uses an Evolving Classification Function (ECF) for the detection of malwares and applies Genetic Algorithms to achieve ECF Optimization. ...
Scanning large collections of executables may take hours or days. ...
doi:10.1007/978-3-319-07869-4_30
fatcat:n2pyy7xzybaitmxxrpgqiggc3q
Classification Method for Imbalanced Data using Ensemble Learning System
2020
VOLUME-8 ISSUE-10, AUGUST 2019, REGULAR ISSUE
In this paper, we propose a grouping based subset troupe learning strategy for taking care of class imbalanced issue. ...
bunching based Under-inspecting, at that point, a further grouping of new training sets is performed by applying four calculations: Decision Tree, Naive Bayes, KNN and SVM, as the base algorithms in joined packing ...
Packing is abbreviated type of bootstrap total. It is the main successful method for outfit learning and is one of the clear techniques for versatile weight and joining. ...
doi:10.35940/ijitee.b6289.129219
fatcat:nkiv7ygxrbf37hmz5f3pejt4vi
Image Clustering using K-Means on Marine Products
2020
VOLUME-8 ISSUE-10, AUGUST 2019, REGULAR ISSUE
This research succeeds 83% accuracy for bunch the images into nine clusters ...
In this study, the researcher collected 360 marine product images consist of red snapper, prawn, silver belly, pomfret, mackerel, cuttle fish, lobster, crab and sardine to conduct try-outs at first. ...
GLCM and K-means have been executed in MATLAB for real marine products images. ...
doi:10.35940/ijitee.d1369.029420
fatcat:tomwfwmpujccjhausxf5rpb5cm
Dynamic Malware Analysis and Detection in Virtual Environment
2017
International Journal of Modern Education and Computer Science
Thus, automated dynamic malware analysis becomes a widely preferred technique for the identification of unknown malware. ...
efficient detection of unknown malware compared to the traditional hierarchical classification approach. ...
The execution traces are collected in the form of a textual report. ...
doi:10.5815/ijmecs.2017.03.06
fatcat:b4ek3kj2cbcirocnq73e6b7ecy