A survey on automated dynamic malware-analysis techniques and tools
Anti-virus vendors are confronted with a multitude of potentially malicious samples today.
Receiving thousands of new samples every day is not uncommon. The signatures that …
Darknet as a source of cyber intelligence: Survey, taxonomy, and characterization
Today, the Internet security community largely emphasizes cyberspace monitoring for the
purpose of generating cyber intelligence. In this paper, we present a survey on darknet. The …
Does every second count? time-based evolution of malware behavior in sandboxes
The amount of time in which a sample is executed is one of the key parameters of a malware
analysis sandbox. Setting the threshold too high hinders the scalability and reduces the …
Challenges and pitfalls in malware research
As the malware research field became more established over the last two decades, new
research questions arose, such as how to make malware research reproducible, how to …
Bayesian bot detection based on DNS traffic similarity
R Villamarín-Salomón, JC Brustoloni - … of the 2009 ACM symposium on …, 2009 - dl.acm.org
Bots often are detected by their communication with a command and control (C&C)
infrastructure. To evade detection, botmasters are increasingly obfuscating C&C …
Automatic malware mutant detection and group classification based on the n-gram and clustering coefficient
The majority of recent cyber incidents have been caused by malware. According to a report
by Symantec, an average of one million malicious codes is found daily. Automated static and …
Towards network containment in malware analysis systems
This paper focuses on the containment and control of the network interaction generated by
malware samples in dynamic analysis environments. A currently unsolved problem consists …
YALIH, yet another low interaction honeyclient
Low-interaction honeyclients employ static detection techniques such as signatures,
heuristic or anomaly detection in the identification of malicious websites. They are …
IT2FS-based ontology with soft-computing mechanism for malware behavior analysis
Antimalware application is one of the most important research issues in the area of cyber
security threat. Nowadays, because hackers continuously develop novel techniques to …
An unknown trojan detection method based on software network behavior
Y Liang, G Peng, H Zhang, Y Wang - Wuhan University Journal of Natural …, 2013 - Springer
Aiming at the difficulty of unknown Trojan detection in the APT flooding situation, an
improved detecting method has been proposed. The basic idea of this method originates …