Journal on Communications ›› 2014, Vol. 35 ›› Issue (8): 125-136. doi: 10.3969/j.issn.1000-436x.2014.08.016
• Academic paper •
Xiao-guang HAN1, Wu QU2,3, Xuan-xia YAO1, Chang-you GUO1, Fang ZHOU1
Online: 2014-08-25
Published: 2017-06-29
Xiao-guang HAN, Wu QU, Xuan-xia YAO, Chang-you GUO, Fang ZHOU. Research on malicious code variants detection based on texture fingerprint[J]. Journal on Communications, 2014, 35(8): 125-136.