Pei Dai Xie scite author profile

Pei Dai Xie

3Publications

8Citation Statements Received

20Citation Statements Given

How they've been cited

How they cite others

Affiliations

National University of Defense Technology

Publications

Order By: Most citations

Having an Insight into Malware Phylogeny: Building Persistent Phylogeny Tree of Families

Liu

Xie

Liu

et al. 2018

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

Malware phylogeny refers to inferring evolutionary relationships between instances of families. It has gained a lot of attention over the past several years, due to its efficiency in accelerating reverse engineering of new variants within families. Previous researches mainly focused on tree-based models. However, those approaches merely demonstrate lineage of families using dendrograms or directed trees with rough evolution information. In this paper, we propose a novel malware phylogeny construction method taking advantage of persistent phylogeny tree model, whose nodes correspond to input instances and edges represent the gain or lost of functional characters. It can not only depict directed ancestor-descendant relationships between malware instances, but also show concrete function inheritance and variation between ancestor and descendant, which is significant in variants defense. We evaluate our algorithm on three malware families and one benign family whose ground truth are known, and compare with competing algorithms. Experiments demonstrate that our method achieves a higher mean accuracy of 61.4%.

show abstract

Inferring Phylogenetic Network of Malware Families Based on Splits Graph

Liu

Wang

Xie

et al. 2017

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYMalware phylogeny refers to inferring the evolutionary relationships among instances of a family. It plays an important role in malware forensics. Previous works mainly focused on tree-based model. However, trees cannot represent reticulate events, such as inheriting code fragments from different parents, which are common in variants generation. Therefore, phylogenetic networks as a more accurate and general model have been put forward. In this paper, we propose a novel malware phylogenetic network construction method based on splits graph, taking advantage of the one-to-one correspondence between reticulate events and netted components in splits graph. We evaluate our algorithm on three malware families and two benign families whose ground truth are known and compare with competing algorithms. Experiments demonstrate that our method achieves a higher mean accuracy of 64.8%.

show abstract

Unpacking Techniques and Tools in Malware Analysis

Xie

Wang

et al. 2012

AMM

View full text Add to dashboard Cite

Nowadays most of malware samples are packed with runtime packers to complicate the task of reverse engineering and security analysis in order to evade detection of signature-based anti-virus engines. In the overall process of malware analysis, unpacking a packed malicious binary effectively is a necessary preliminary to extract the structure features from the binary for generation of its signature, and therefore several unpacking techniques have been proposed so far that attempt to deal with the packer problem. This brief survey article provides an overview of the currently published prevalent unpacking techniques and tools. It covers the operation process of packing and unpacking, packer detection methods, heuristic policies for spotting original entry point (OEP), environments for runtime unpacking, anti-unpacking techniques, and introduces several typical tools for unpacking.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Pei Dai Xie

Having an Insight into Malware Phylogeny: Building Persistent Phylogeny Tree of Families

Inferring Phylogenetic Network of Malware Families Based on Splits Graph

Unpacking Techniques and Tools in Malware Analysis

Contact Info

Product

Resources

About