Polymorphic Worm Detection Using Structural Information of Executables.
Christopher KrügelEngin KirdaDarren MutzWilliam K. RobertsonGiovanni VignaPublished in: RAID (2005)
Keyphrases
- structural information
- worm detection
- false alarms
- intrusion detection
- static analysis
- source code
- structural similarity
- malware detection
- false positive and false negative
- topological information
- detection rate
- structural features
- false positives
- semantic information
- machine learning
- network traffic
- spatial information
- logical structure
- detection algorithm
- low level