

Talks and poster presentations (with proceedings entry):

U. Bayer, E. Kirda, Ch. Krügel, P. Milani Comparetti, C. Hlauschek:
"Scalable, Behavior-Based Malware Clustering";
Talk: Network and Distributed System Security Symposium (NDSS), San Diego; 08.02.2009 - 11.02.2009; in: "16th Annual Network and Distributed System Security Symposium (NDSS 2009)", NDSS Proceedings, (2009).



Abstract (English):
Anti-malware companies receive thousands of malware samples every day. To process this large quantity, a number of automated analysis tools were developed. These tools execute a malicious program in a controlled environment and produce reports that summarize the program's actions. Of course, the problem of analyzing the reports still remains. Recently, researchers have started to explore automated clustering techniques that help to identify samples that exhibit similar behavior. This allows an analyst to discard reports of samples that have been seen before, while focusing on novel, interesting threats. Unfortunately, previous techniques do not scale well and frequently fail to generalize the observed activity well enough to recognize related malware.

Keywords:
malware, clustering


Electronic version of the publication:
http://publik.tuwien.ac.at/files/PubDat_179716.pdf



Associated projects:
Project lead Wolfgang Kastner:
Pathfinder - Malicious Code Analysis and Detection

Project lead Paolo Milani Comparetti:
Worldwide Observatory of Malicious Behaviors and Attack Threats


Created from the publication database of the Technische Universität Wien.