Auto-Sign: an automatic signature generator for high-speed malware filtering devices

Abstract: This research proposes a novel automatic method (termed Auto-Sign) for extracting unique signatures of malware executables to be used by high-speed malware filtering devices based on deep-packet inspection and operating in real-time. Contrary to extant string and tokenbased signature generation methods, we implemented Auto-Sign an automatic signature generation method that can be used on large-size malware by disregarding signature candidates which appear in benign executables. Results from experimental evalua… Show more

“…Most real world malware are large, containing many modules and sub-modules, and so a statistical analysis would not be sufficient to accurately classify them. Auto-Sign [25] generates a list of signatures for a malware by splitting its executable to segments of equal sizes. For each segment a signature is generated, and the list of signatures is subsequently ranked.…”

DeepSign: Deep learning for automatic malware signature generation and classification

“…Most real world malware are large, containing many modules and sub-modules, and so a statistical analysis would not be sufficient to accurately classify them. Auto-Sign [25] generates a list of signatures for a malware by splitting its executable to segments of equal sizes. For each segment a signature is generated, and the list of signatures is subsequently ranked.…”

DeepSign: Deep learning for automatic malware signature generation and classification

Design of Malicious Code Detection System Based on Convolutional Neural Network

Hybrid intrusion detection and signature generation using Deep Recurrent Neural Networks