[1] |
SYMANTEC. Highlights from 2010 internet security threat report[EB/OL]. , 2011.
|
[2] |
SYMANTEC. Highlights from 2012 internet security threat report[EB/OL]. , 2013.
|
[3] |
LI Y , ZUO Z H . An overview of object-code obfuscation technolo-gies[J]. Journal of Computer Technology and Development, 2007,17(4): 125-127.
|
[4] |
NATARAJ L , KARTHIKEYAN S , JACOB G , et al. Malware images:visualization and automatic classification[A]. Proceedings of VizSec[C]. Pittsburgh, USA 2011.
|
[5] |
NATARAJ L , YEGNESWARAN V , PORRAS P , et al. A comparative assessment of malware classification using binary texture analysis and dynamic analysis[A]. Proceedings of the 4th ACM Workshop on Secu-rity and Artificial Intelligence[C]. Chicago, USA, 2011. 21-30.
|
[6] |
王蕊, 冯登国, 杨轶 等. 基于语义的恶意代码行为特征提取及检测方法[J]. 软件学报, 2012,23(2):378-393. WANG R , FENG D G , YANG Y , et al. Semantics-based malware be-havior signature extraction and detection method[J]. Journal of Soft-ware, 2012,23(2):378-393.
|
[7] |
COGSWELL B , RUSSINOVICH M . Rootkit revealer[EB/OL]. , 2006.
|
[8] |
KIRDA E , KRUEGEL C , BANKS G , et al. Behavior-based spyware detection[A]. Proceedings of the 15th USENIX Security Sympo-sium[C]. Canada, 2006. 273-288.
|
[9] |
CHRISTODORESCU M , JHA S , SESHIA S A , et al. Semantics-aware malware detection[A]. Proc of the 2005 IEEE Symposium on Security and Privacy[C]. California, USA, 2005. 32-46.
|
[10] |
KINDER J , KATZENBEISSER S , SCHALLHART C , et al. Detecting malicious code by model checking[A]. Detection of Intrusions and Malware, and Vulnerability Assessment, 2005,3548: 174-187.
|
|
SATHYANARAYAN V S , KOHLI P , BRUHADESHWAR B . Signa-ture generation and detection of malware families[A]. Proc of the 13th Austalasian Conf on Information Security and Privacy[C]. Wollon-gong, Australia, 2008. 336-349.
|
[12] |
CHRISTODORESCU M , KINDER J , JHA S . Malware Nor-malization[R]. Technical Report 1539, Madison: University of Wis-consin, 2005.
|
[13] |
WILLEMS C , HOLZ T , FREILING F . Toward automated dynamic malware analysis using CWSandbox[J]. IEEE Security and Privacy, 2007,5(2): 32-39.
|
[14] |
BAYER U , KRUEGEL C , KIRDA E . TTANALYZE. A tool for ana-lyzing malware[A]. 15th European Institute for Computer Antivirus Research (EICAR 2006)[C]. Hamburg, Germany, 2006. 180-192.
|
[15] |
BELLARD F . QEMU, A fast and portable dynamic translator[A][A]. USENIX Annual Technical Conference, FREENIX Track[C]. Califor-nia, USA, 2005. 41-46.
|
[16] |
LI P , LIU L , GAO D , et al. On challenges in evaluating malware clustering[A]. Recent Advances in Intrusion Detection[C], Ottawa, Canada 2010. 238-255.
|
[17] |
YOO I . Visualizing windows executable viruses using self-organizing maps[A]. International Workshop on Visualization for Cyber Security (VizSec)[C]. Washington DC, USA, 2004. 82-89.
|
[18] |
QUIST D A , LIEBROCK L M . Visualizing compiled executables for malware analysis[A]. International Workshop on Visualization for Cyber Security (VizSec)[C]. Atlantic City, USA, 2009. 27-32.
|
[19] |
TRINIUS P , HOLZ T , GOBEL J , et al. Visual analysis of malware behavior using treemaps and thread graphs[A]. International Workshop on Visualization for Cyber Security (VizSec)[C]. Atlantic City, USA, 2009. 33-38.
|
[20] |
GOODALL J H , RANDWAN H , HALSETH L , et al. Visual analysis of code security[A]. International Workshop on Visualization for Cyber Security (VizSec)[C]. Ottawa, Canada, 2010. 46-51.
|
[21] |
CONTI G , BRATUS S , SANGSTER B , et al. Automated mapping of large binary objects using primitive fragment type classification[J]. Digital Forensics Research Conference (DFRWS) Ottawa, Canada, 2010,7 3-12.
|
[22] |
CONTI G , BRATUS S . Voyage of the reverser: a visual study of binary species[A]. Black Hat[C]. USA. 2010.
|
[23] |
KANCHERLA K , MUKKAMALA S . Image visualization based malware detection[A]. Computational Intelligence in Cyber Security (CICS)[C]. Singapore, 2013.40-44.
|
[24] |
HARALICK R M , SHANMUGAM K , DINSTEIN I H . Textural fea-tures for image classification[A]. IEEE Transactions on Systems, Man and Cybernetics, 1973, (6): 610-621.
|
[25] |
JOLLIFFE I . Principal Component Analysis[A]. USA: John Wiley&Sons, Ltd, 2005.
|
[26] |
PAOLO C , MARCO P , PAVEL Z . IM-tree: an efficient access method for similarity search in metric spaces[A]. Proceedings of the 23rd In-ternational Conference on Very Large Data Bases[C]. San Francisco, USA, 1997.426-435.
|
[27] |
INDYK P , MOTWANI R . Approximate nearest neighbors: towards removing the curse of dimensionality[A]. Proceedings of the Thirtieth Annual ACM Symposium on Theory of Computing[C] New York, USA, 1998. 604-613.
|
[28] |
GIONIS A , INDYK P , MOTWANI R . Similarity search in high di-mensions via hashing[A]. VLDB'99: Proceedings of the 25th Interna-tional Conference on Very Large Data Bases[C]. San Francisco, CA, USA, 1999.518-529.
|
[29] |
DATAR M , IMMORLICA N , INDYK P , et al. Locality-sensitive hashing scheme based on p-stable distributions[A]. SCG'04: Proceed-ings of the Twentieth Annual Symposium on Computational Geome-try[C]. New York, USA, 2004.253-262.
|
[30] |
HOJJATOLESLAMI S A , KITTLER J . Region growing: a new ap-proach[J]. IEEE Transactions on Image Processing, 1998, 7(7): 1079-1084.
|