Resilience of Anti-malware Programs to Naïve Modifications of Malicious Binaries Conference Paper


  • Abstract: The massive amounts of malware variants which are released each day demand fast in-lab analysis, along with fast in-field detection. Traditional malware detection methodology depends on either static or dynamic in-lab analysis to identify a suspicious file as malicious. When a file is identified as malware, the analyst extracts a structural signature, which is dispatched to subscriber machines. The signature should enable fast scanning, and should also be flexible enough to detect simple variants. In this paper we discuss 'naïve' …

publication date

  • September 24, 2014