Rachit Mathur scite author profile

Rachit Mathur

3Publications

32Citation Statements Received

38Citation Statements Given

How they've been cited

How they cite others

Affiliations

University of Louisiana at Lafayette

Publications

Order By: Most citations

Normalizing Metamorphic Malware Using Term Rewriting

Walenstein

Mathur

Chouchane

et al. 2006

View full text Add to dashboard Cite

Metamorphic malware -including certain viruses and worms -rewrite their code during propagation. This paper presents a method for normalizing multiple variants of metamorphic programs that perform their transformations using finite sets of instruction-sequence substitutions. The paper shows that the problem of constructing a normalizer can, in specific contexts, be formalized as a term rewriting problem. A general method is proposed for constructing normalizers. It involves modeling the metamorphic program's transformations as rewrite rules, and then modifying these rules to create a normalizing rule set. Casting the problem in terms of term rewriting exposes key challenges for constructing effective normalizers. In cases where the challenges cannot be met, approximations are proposed. The normalizer construction method is applied in a case study involving the virus called "W32.Evol". The results demonstrate that both the overall approach and the approximation schemes may have practical use on realistic malware, and may thus have the potential to improve signature-based malware scanners.

show abstract

Constructing malware normalizers using term rewriting

et al. 2008

View full text Add to dashboard Cite

A malware mutation engine is able to transform a malicious program to create a different version of the program. Such mutation engines are used at distribution sites or in self-propagating malware in order to create variation in the distributed programs. Program normalization is a way to remove variety introduced by mutation engines, and can thus simplify the problem of detecting variant strains. This paper introduces the "normalizer construction problem" (NCP), and formalizes a restricted form of the problem called "NCP=", which assumes a model of the engine is already known in the form of a term rewriting system. It is shown that even this restricted version of the problem is undecidable. A procedure is provided that can, in certain cases, automatically solve NCP= from the model of the engine. This procedure is analyzed in conjunction with term rewriting theory to create a list of distinct classes of normalizer construction problems. These classes yield a list of possible attack vectors. Three strategies are defined for approximate solutions of NCP=, and an analysis is provided of the risks they entail. A case study using the W32.Evol virus suggests the approximations may be effective in practice for countering mutated malware.

show abstract

An Efficient Approach towards Crimes against Women using Time Series Algorithm

Motwani¹,

Purwar²,

Mathur³

et al. 2018

IJCA

View full text Add to dashboard Cite

One of the major issues in every nation these days is the rise in crime against women. Every day we come across various cases of abuse against women. Study of past crime data can help us in analysing crime patterns and important hidden relations between the crimes. So, crimes predicting model can be simulated which will study verified past crime records and predict future criminal activities. In recent past, there has been an increased interest in time series research. This has been used particularly for finding useful similar trends in multivariate time series in various applied fields such as environmental research, agriculture, sales and finance. This paper elaborates upon the use of time series algorithm in accurately predicting and extracting patterns that occur frequently within a dataset to obtain useful hidden information.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Rachit Mathur

Normalizing Metamorphic Malware Using Term Rewriting

Constructing malware normalizers using term rewriting

An Efficient Approach towards Crimes against Women using Time Series Algorithm

Contact Info

Product

Resources

About