Language:
English
繁體中文
Help
回圖書館首頁
手機版館藏查詢
Login
Back
Switch To:
Labeled
|
MARC Mode
|
ISBD
A new approach to malware detection.
~
Tang, Hong Ying.
Linked to FindBook
Google Book
Amazon
博客來
A new approach to malware detection.
Record Type:
Language materials, printed : Monograph/item
Title/Author:
A new approach to malware detection./
Author:
Tang, Hong Ying.
Description:
101 p.
Notes:
Source: Masters Abstracts International, Volume: 49-02, page: 1292.
Contained By:
Masters Abstracts International49-02.
Subject:
Engineering, Computer. -
Online resource:
http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=MR67230
ISBN:
9780494672303
A new approach to malware detection.
Tang, Hong Ying.
A new approach to malware detection.
- 101 p.
Source: Masters Abstracts International, Volume: 49-02, page: 1292.
Thesis (M.A.Sc.)--Concordia University (Canada), 2010.
Malware is a type of malicious programs, and is one of the most common and serious types of attacks on the Internet. Obfuscating transformations have been widely applied by attackers to malware, which makes malware detection become a more challenging issue. There has been extensive research to detect obfuscated malware. A promising research direction uses both control-flow graph and instruction classes of basic blocks as the signature of malware. This research direction is robust against certain obfuscation, such as variable substitution, instruction reordering. But only using instruction classes to detect obfuscated basic blocks will cause high false positives and false negatives. In this thesis, based on the same research direction, we proposed an improved approach to detect obfuscated malware. In addition to using CFG, our approach also uses functionalities of basic block as the signature of malware.
ISBN: 9780494672303Subjects--Topical Terms:
1669061
Engineering, Computer.
A new approach to malware detection.
LDR
:02449nam 2200253 4500
001
1401368
005
20111017083930.5
008
130515s2010 ||||||||||||||||| ||eng d
020
$a
9780494672303
035
$a
(UMI)AAIMR67230
035
$a
AAIMR67230
040
$a
UMI
$c
UMI
100
1
$a
Tang, Hong Ying.
$3
1680497
245
1 2
$a
A new approach to malware detection.
300
$a
101 p.
500
$a
Source: Masters Abstracts International, Volume: 49-02, page: 1292.
502
$a
Thesis (M.A.Sc.)--Concordia University (Canada), 2010.
520
$a
Malware is a type of malicious programs, and is one of the most common and serious types of attacks on the Internet. Obfuscating transformations have been widely applied by attackers to malware, which makes malware detection become a more challenging issue. There has been extensive research to detect obfuscated malware. A promising research direction uses both control-flow graph and instruction classes of basic blocks as the signature of malware. This research direction is robust against certain obfuscation, such as variable substitution, instruction reordering. But only using instruction classes to detect obfuscated basic blocks will cause high false positives and false negatives. In this thesis, based on the same research direction, we proposed an improved approach to detect obfuscated malware. In addition to using CFG, our approach also uses functionalities of basic block as the signature of malware.
520
$a
Specifically, our contributions are presented as follows: 1) we design "signature calculation algorithm" to extract the signature of a malicious code fragment. "Signature calculation algorithm" is based on compiler optimization algorithm, but add and integrate memory sub-variable optimization, expression formalization and cross basic block propagation into it. 2) we formalize the expressions of assignment statements to facilitate comparing the functionalities of two expressions. 3) we design a detection algorithm to detect whether a program is an obfuscated malware instance. Our detection algorithm compares two aspects: CFG and the functionalities of basic blocks. 4) we implement the proposed approach, and perform experiments to compare our approach and the previous approach.
590
$a
School code: 0228.
650
4
$a
Engineering, Computer.
$3
1669061
690
$a
0464
710
2
$a
Concordia University (Canada).
$3
1018569
773
0
$t
Masters Abstracts International
$g
49-02.
790
$a
0228
791
$a
M.A.Sc.
792
$a
2010
856
4 0
$u
http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=MR67230
based on 0 review(s)
Location:
ALL
電子資源
Year:
Volume Number:
Items
1 records • Pages 1 •
1
Inventory Number
Location Name
Item Class
Material type
Call number
Usage Class
Loan Status
No. of reservations
Opac note
Attachments
W9164507
電子資源
11.線上閱覽_V
電子書
EB
一般使用(Normal)
On shelf
0
1 records • Pages 1 •
1
Multimedia
Reviews
Add a review
and share your thoughts with other readers
Export
pickup library
Processing
...
Change password
Login