FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2400599487> ?p ?o ?g. }

• W2400599487 endingPage "517" @default.
• W2400599487 startingPage "497" @default.
• W2400599487 abstract "As the underground market of malware flourishes, there is an exponential increase in the number and diversity of malware. A crucial question in malware analysis research is how to define malware specifications or signatures that faithfully describe similar malicious intent and clearly stand out from other programs. It is evident that the classical syntactic signatures are insufficient to defeat state-of-the art malware. Behavior-based specifications which capture real malicious characteristics during runtime, have become more prevalent in anti-malware tasks, such as malware detection and malware clustering. This kind of specification is typically extracted from system call dependence graphs that a malware sample invokes. In this paper we present replacement attacks to poison behavior-based specifications by concealing similar behaviors among malware variants. The essence of the attacks is to replace a behavior specification to its semantically equivalent one, so that similar malware variants within one family turn out to be different. As a result, malware analysts have to put more efforts to re-analyze similar samples. We distill general attacking strategies by mining more than 5,000 malware samples’ behavior specifications and implement a compiler-level prototype to automate replacement attacks. Experiments on 960 real malware samples demonstrate effectiveness of our approach to impede multiple malware analyses based on behavior specifications, such as similarity comparison and malware clustering. In the end, we provide possible counter-measures to strengthen behavior-based malware analysis." @default.
• W2400599487 created "2016-06-24" @default.
• W2400599487 creator A5003467063 @default.
• W2400599487 creator A5008435786 @default.
• W2400599487 creator A5013883558 @default.
• W2400599487 creator A5018814025 @default.
• W2400599487 creator A5048249261 @default.
• W2400599487 creator A5089309949 @default.
• W2400599487 date "2015-01-01" @default.
• W2400599487 modified "2023-09-25" @default.
• W2400599487 title "Replacement Attacks: Automatically Impeding Behavior-Based Malware Specifications" @default.
• W2400599487 cites W1495745096 @default.
• W2400599487 cites W1496704300 @default.
• W2400599487 cites W1573286687 @default.
• W2400599487 cites W1580559113 @default.
• W2400599487 cites W162711728 @default.
• W2400599487 cites W1851403712 @default.
• W2400599487 cites W1981033991 @default.
• W2400599487 cites W1992181084 @default.
• W2400599487 cites W2003568760 @default.
• W2400599487 cites W2012459404 @default.
• W2400599487 cites W2033857234 @default.
• W2400599487 cites W2038276547 @default.
• W2400599487 cites W2049629426 @default.
• W2400599487 cites W2052854541 @default.
• W2400599487 cites W2089103284 @default.
• W2400599487 cites W2105037940 @default.
• W2400599487 cites W2115392339 @default.
• W2400599487 cites W2126401948 @default.
• W2400599487 cites W2135143063 @default.
• W2400599487 cites W2136245903 @default.
• W2400599487 cites W2140807364 @default.
• W2400599487 cites W2152565070 @default.
• W2400599487 cites W2166924764 @default.
• W2400599487 cites W2167671111 @default.
• W2400599487 cites W2168519318 @default.
• W2400599487 cites W2247654784 @default.
• W2400599487 cites W4254636208 @default.
• W2400599487 doi "https://doi.org/10.1007/978-3-319-28166-7_24" @default.
• W2400599487 hasPublicationYear "2015" @default.
• W2400599487 type Work @default.
• W2400599487 sameAs 2400599487 @default.
• W2400599487 citedByCount "14" @default.
• W2400599487 countsByYear W24005994872016 @default.
• W2400599487 countsByYear W24005994872017 @default.
• W2400599487 countsByYear W24005994872018 @default.
• W2400599487 countsByYear W24005994872019 @default.
• W2400599487 countsByYear W24005994872020 @default.
• W2400599487 countsByYear W24005994872021 @default.
• W2400599487 countsByYear W24005994872022 @default.
• W2400599487 crossrefType "book-chapter" @default.
• W2400599487 hasAuthorship W2400599487A5003467063 @default.
• W2400599487 hasAuthorship W2400599487A5008435786 @default.
• W2400599487 hasAuthorship W2400599487A5013883558 @default.
• W2400599487 hasAuthorship W2400599487A5018814025 @default.
• W2400599487 hasAuthorship W2400599487A5048249261 @default.
• W2400599487 hasAuthorship W2400599487A5089309949 @default.
• W2400599487 hasBestOaLocation W24005994872 @default.
• W2400599487 hasConcept C154945302 @default.
• W2400599487 hasConcept C169590947 @default.
• W2400599487 hasConcept C199360897 @default.
• W2400599487 hasConcept C2778579508 @default.
• W2400599487 hasConcept C2779395397 @default.
• W2400599487 hasConcept C38652104 @default.
• W2400599487 hasConcept C41008148 @default.
• W2400599487 hasConcept C541664917 @default.
• W2400599487 hasConcept C73555534 @default.
• W2400599487 hasConcept C84525096 @default.
• W2400599487 hasConceptScore W2400599487C154945302 @default.
• W2400599487 hasConceptScore W2400599487C169590947 @default.
• W2400599487 hasConceptScore W2400599487C199360897 @default.
• W2400599487 hasConceptScore W2400599487C2778579508 @default.
• W2400599487 hasConceptScore W2400599487C2779395397 @default.
• W2400599487 hasConceptScore W2400599487C38652104 @default.
• W2400599487 hasConceptScore W2400599487C41008148 @default.
• W2400599487 hasConceptScore W2400599487C541664917 @default.
• W2400599487 hasConceptScore W2400599487C73555534 @default.
• W2400599487 hasConceptScore W2400599487C84525096 @default.
• W2400599487 hasLocation W24005994871 @default.
• W2400599487 hasLocation W24005994872 @default.
• W2400599487 hasOpenAccess W2400599487 @default.
• W2400599487 hasPrimaryLocation W24005994871 @default.
• W2400599487 hasRelatedWork W1573526548 @default.
• W2400599487 hasRelatedWork W2951553000 @default.
• W2400599487 hasRelatedWork W2965893286 @default.
• W2400599487 hasRelatedWork W3013896538 @default.
• W2400599487 hasRelatedWork W3193776713 @default.
• W2400599487 hasRelatedWork W4312206273 @default.
• W2400599487 hasRelatedWork W4319151772 @default.
• W2400599487 hasRelatedWork W4323520309 @default.
• W2400599487 hasRelatedWork W4381279634 @default.
• W2400599487 hasRelatedWork W4386029484 @default.
• W2400599487 isParatext "false" @default.
• W2400599487 isRetracted "false" @default.
• W2400599487 magId "2400599487" @default.
• W2400599487 workType "book-chapter" @default.