FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2011009207> ?p ?o ?g. }

• W2011009207 abstract "Malware writers and detectors have been running an endless battle. Self-defense is the weapon most malware writers prepare against malware detectors. Malware writers have tried to evade the improved detection techniques of anti-virus(AV) products. Packing and code obfuscation are two popular evasion techniques. When these techniques are applied to malwares, they are able to change their instruction sequence while maintaining their intended function. We propose a detection mechanism defeating these self-defense techniques to improve malware detection. Since an obfuscated malware is able to change the syntax of its code while preserving its semantics, the proposed mechanism uses the semantic invariant. We convert the API call sequence of the malware into a graph, commonly known as a call graph, to extract the semantic of the malware. The call graph can be reduced to a code graph used for semantic signatures of the proposed mechanism. We show that the code graph can represent the characteristics of a program exactly and uniquely. Next, we evaluate the proposed mechanism by experiment. The mechanism has an 91% detection ratio of real-world malwares and detects 300 metamorphic malwares that can evade AV scanners. In this paper, we show how to analyze malwares by extracting program semantics using static analysis. It is shown that the proposed mechanism provides a high possibility of detecting malwares even when they attempt self-protection." @default.
• W2011009207 created "2016-06-24" @default.
• W2011009207 creator A5009761760 @default.
• W2011009207 creator A5034083735 @default.
• W2011009207 creator A5084346302 @default.
• W2011009207 date "2010-03-22" @default.
• W2011009207 modified "2023-10-05" @default.
• W2011009207 title "Detecting metamorphic malwares using code graphs" @default.
• W2011009207 cites W1582350176 @default.
• W2011009207 cites W1916732574 @default.
• W2011009207 cites W1966150547 @default.
• W2011009207 cites W1989255635 @default.
• W2011009207 cites W2096725584 @default.
• W2011009207 cites W2099053789 @default.
• W2011009207 cites W2099194862 @default.
• W2011009207 cites W2111038628 @default.
• W2011009207 cites W2117030266 @default.
• W2011009207 cites W2122471594 @default.
• W2011009207 cites W2131523719 @default.
• W2011009207 cites W2132504937 @default.
• W2011009207 cites W2132874238 @default.
• W2011009207 cites W2138471478 @default.
• W2011009207 cites W2139212933 @default.
• W2011009207 cites W2143807210 @default.
• W2011009207 cites W2150423842 @default.
• W2011009207 doi "https://doi.org/10.1145/1774088.1774505" @default.
• W2011009207 hasPublicationYear "2010" @default.
• W2011009207 type Work @default.
• W2011009207 sameAs 2011009207 @default.
• W2011009207 citedByCount "78" @default.
• W2011009207 countsByYear W20110092072012 @default.
• W2011009207 countsByYear W20110092072013 @default.
• W2011009207 countsByYear W20110092072014 @default.
• W2011009207 countsByYear W20110092072015 @default.
• W2011009207 countsByYear W20110092072016 @default.
• W2011009207 countsByYear W20110092072017 @default.
• W2011009207 countsByYear W20110092072018 @default.
• W2011009207 countsByYear W20110092072019 @default.
• W2011009207 countsByYear W20110092072020 @default.
• W2011009207 countsByYear W20110092072021 @default.
• W2011009207 countsByYear W20110092072022 @default.
• W2011009207 countsByYear W20110092072023 @default.
• W2011009207 crossrefType "proceedings-article" @default.
• W2011009207 hasAuthorship W2011009207A5009761760 @default.
• W2011009207 hasAuthorship W2011009207A5034083735 @default.
• W2011009207 hasAuthorship W2011009207A5084346302 @default.
• W2011009207 hasConcept C132525143 @default.
• W2011009207 hasConcept C154945302 @default.
• W2011009207 hasConcept C199360897 @default.
• W2011009207 hasConcept C2778579508 @default.
• W2011009207 hasConcept C38652104 @default.
• W2011009207 hasConcept C40305131 @default.
• W2011009207 hasConcept C41008148 @default.
• W2011009207 hasConcept C541664917 @default.
• W2011009207 hasConcept C80444323 @default.
• W2011009207 hasConcept C84525096 @default.
• W2011009207 hasConcept C97686452 @default.
• W2011009207 hasConceptScore W2011009207C132525143 @default.
• W2011009207 hasConceptScore W2011009207C154945302 @default.
• W2011009207 hasConceptScore W2011009207C199360897 @default.
• W2011009207 hasConceptScore W2011009207C2778579508 @default.
• W2011009207 hasConceptScore W2011009207C38652104 @default.
• W2011009207 hasConceptScore W2011009207C40305131 @default.
• W2011009207 hasConceptScore W2011009207C41008148 @default.
• W2011009207 hasConceptScore W2011009207C541664917 @default.
• W2011009207 hasConceptScore W2011009207C80444323 @default.
• W2011009207 hasConceptScore W2011009207C84525096 @default.
• W2011009207 hasConceptScore W2011009207C97686452 @default.
• W2011009207 hasFunder F4320321640 @default.
• W2011009207 hasFunder F4320322065 @default.
• W2011009207 hasFunder F4320334879 @default.
• W2011009207 hasLocation W20110092071 @default.
• W2011009207 hasOpenAccess W2011009207 @default.
• W2011009207 hasPrimaryLocation W20110092071 @default.
• W2011009207 hasRelatedWork W1482228399 @default.
• W2011009207 hasRelatedWork W2120297918 @default.
• W2011009207 hasRelatedWork W2167003418 @default.
• W2011009207 hasRelatedWork W2582087290 @default.
• W2011009207 hasRelatedWork W3195170298 @default.
• W2011009207 hasRelatedWork W4205194689 @default.
• W2011009207 hasRelatedWork W4283212140 @default.
• W2011009207 hasRelatedWork W4311731381 @default.
• W2011009207 hasRelatedWork W4312234627 @default.
• W2011009207 hasRelatedWork W4316077018 @default.
• W2011009207 isParatext "false" @default.
• W2011009207 isRetracted "false" @default.
• W2011009207 magId "2011009207" @default.
• W2011009207 workType "article" @default.