Evasion-resistant malware signature based on profiling kernel data structure objects.
Ahmed F. Shosha, Chen-Ching Liu, Pavel Gladyshev, Marcus Matten
Published in: CRiSIS (2012)
Keyphrases
- data structure
- d objects
- malware detection
- tree structure
- malicious executables
- data objects
- efficient data structures
- kernel function
- object segmentation
- quad trees
- hierarchical structures
- control flow
- suffix tree
- countermeasures
- reverse engineering
- network traffic
- attribute values
- anomaly detection
- computer systems
- moving objects