語系:
繁體中文
English
說明(常見問題)
回圖書館首頁
手機版館藏查詢
登入
回首頁
切換:
標籤
|
MARC模式
|
ISBD
A new approach to malware detection.
~
Tang, Hong Ying.
FindBook
Google Book
Amazon
博客來
A new approach to malware detection.
紀錄類型:
書目-語言資料,印刷品 : Monograph/item
正題名/作者:
A new approach to malware detection./
作者:
Tang, Hong Ying.
面頁冊數:
101 p.
附註:
Source: Masters Abstracts International, Volume: 49-02, page: 1292.
Contained By:
Masters Abstracts International49-02.
標題:
Engineering, Computer. -
電子資源:
http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=MR67230
ISBN:
9780494672303
A new approach to malware detection.
Tang, Hong Ying.
A new approach to malware detection.
- 101 p.
Source: Masters Abstracts International, Volume: 49-02, page: 1292.
Thesis (M.A.Sc.)--Concordia University (Canada), 2010.
Malware is a type of malicious programs, and is one of the most common and serious types of attacks on the Internet. Obfuscating transformations have been widely applied by attackers to malware, which makes malware detection become a more challenging issue. There has been extensive research to detect obfuscated malware. A promising research direction uses both control-flow graph and instruction classes of basic blocks as the signature of malware. This research direction is robust against certain obfuscation, such as variable substitution, instruction reordering. But only using instruction classes to detect obfuscated basic blocks will cause high false positives and false negatives. In this thesis, based on the same research direction, we proposed an improved approach to detect obfuscated malware. In addition to using CFG, our approach also uses functionalities of basic block as the signature of malware.
ISBN: 9780494672303Subjects--Topical Terms:
1669061
Engineering, Computer.
A new approach to malware detection.
LDR
:02449nam 2200253 4500
001
1401368
005
20111017083930.5
008
130515s2010 ||||||||||||||||| ||eng d
020
$a
9780494672303
035
$a
(UMI)AAIMR67230
035
$a
AAIMR67230
040
$a
UMI
$c
UMI
100
1
$a
Tang, Hong Ying.
$3
1680497
245
1 2
$a
A new approach to malware detection.
300
$a
101 p.
500
$a
Source: Masters Abstracts International, Volume: 49-02, page: 1292.
502
$a
Thesis (M.A.Sc.)--Concordia University (Canada), 2010.
520
$a
Malware is a type of malicious programs, and is one of the most common and serious types of attacks on the Internet. Obfuscating transformations have been widely applied by attackers to malware, which makes malware detection become a more challenging issue. There has been extensive research to detect obfuscated malware. A promising research direction uses both control-flow graph and instruction classes of basic blocks as the signature of malware. This research direction is robust against certain obfuscation, such as variable substitution, instruction reordering. But only using instruction classes to detect obfuscated basic blocks will cause high false positives and false negatives. In this thesis, based on the same research direction, we proposed an improved approach to detect obfuscated malware. In addition to using CFG, our approach also uses functionalities of basic block as the signature of malware.
520
$a
Specifically, our contributions are presented as follows: 1) we design "signature calculation algorithm" to extract the signature of a malicious code fragment. "Signature calculation algorithm" is based on compiler optimization algorithm, but add and integrate memory sub-variable optimization, expression formalization and cross basic block propagation into it. 2) we formalize the expressions of assignment statements to facilitate comparing the functionalities of two expressions. 3) we design a detection algorithm to detect whether a program is an obfuscated malware instance. Our detection algorithm compares two aspects: CFG and the functionalities of basic blocks. 4) we implement the proposed approach, and perform experiments to compare our approach and the previous approach.
590
$a
School code: 0228.
650
4
$a
Engineering, Computer.
$3
1669061
690
$a
0464
710
2
$a
Concordia University (Canada).
$3
1018569
773
0
$t
Masters Abstracts International
$g
49-02.
790
$a
0228
791
$a
M.A.Sc.
792
$a
2010
856
4 0
$u
http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=MR67230
筆 0 讀者評論
館藏地:
全部
電子資源
出版年:
卷號:
館藏
1 筆 • 頁數 1 •
1
條碼號
典藏地名稱
館藏流通類別
資料類型
索書號
使用類型
借閱狀態
預約狀態
備註欄
附件
W9164507
電子資源
11.線上閱覽_V
電子書
EB
一般使用(Normal)
在架
0
1 筆 • 頁數 1 •
1
多媒體
評論
新增評論
分享你的心得
Export
取書館
處理中
...
變更密碼
登入