Weiqin Ma scite author profile

Weiqin Ma

3Publications

34Citation Statements Received

61Citation Statements Given

How they've been cited

How they cite others

Affiliations

Texas A&M University

Publications

Order By: Most citations

Shadow attacks: automatically evading system-call-behavior based malware detection

Duan

Liu

et al. 2011

J Comput Virol

View full text Add to dashboard Cite

Abstract. Contemporary malware makes extensive use of different techniques such as packing, code obfuscation, polymorphism, and metamorphism, to evade signature-based detection. Traditional signature-based detection technique is hard to catch up with latest malware or unknown malware. Behavior-based detection models are being investigated as a new methodology to defeat malware. This kind of approaches typically relies on system call sequences/graphs to model a malicious specification/pattern. In this paper, we present a new class of attacks, namely "shadow attacks", to evade current behaviorbased malware detectors by partitioning one piece of malware into multiple "shadow processes". None of the shadow processes contains a recognizable malicious behavior specification known to single-process-based malware detectors, yet those shadow processes as an ensemble can still fulfill the original malicious functionality. To demonstrate the feasibility of this attack, we have developed a compiler-level prototype tool, AutoShadow, to automatically generate shadow-process version of malware given the source code of original malware. Our preliminary result has demonstrated the effectiveness of shadow attacks in evading several behavior-based malware analysis/detection solutions in real world. With the increasing adoption of multi-core computers and multi-process programs, malware writers may exploit more such shadow attacks in the future. We hope our preliminary study can foster more discussion and research to improve current generation of behavior-based malware detectors to address this great potential threat before it becomes a security problem of the epidemic proportions.

show abstract

Rapid prototyping and compact testing of CPU emulators

Forin

Liu

2010

View full text Add to dashboard Cite

Optimal Investment Problem with Multiple Risky Assets under the Constant Elasticity of Variance (CEV) Model

Zhao¹,

Rong²,

Ma³

et al. 2012

View full text Add to dashboard Cite

This paper studies the optimal investment problem for utility maximization with multiple risky assets under the constant elasticity of variance (CEV) model. By applying stochastic optimal control approach and variable change technique, we derive explicit optimal strategy for an investor with logarithmic utility function. Finally, we analyze the properties of the optimal strategy and present a numerical example.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Weiqin Ma

Shadow attacks: automatically evading system-call-behavior based malware detection

Rapid prototyping and compact testing of CPU emulators

Optimal Investment Problem with Multiple Risky Assets under the Constant Elasticity of Variance (CEV) Model

Contact Info

Product

Resources

About