2012
DOI: 10.1007/s11416-012-0169-9

ECFGM: enriched control flow graph miner for unknown vicious infected code detection

Cited by 11 publications (7 citation statements)
References 22 publications
“…We start with file classification techniques including static and dynamic analysis. In static analysis, students learn three major classes of features including: Binary N-grams [45][46][47][48], Control Flow Graphs (CFGs) [49][50][51] and Static features/Disassembling [52,53]. Although static analysis techniques are efficient, most recent malware are sophisticated and has polymorphic nature, which hinder the effectiveness of static analysis.…”
Section: Module 4: Ai Assisted Malware Detection (mentioning)
confidence: 99%
“…The method presented in [11,12] uses CFG for visualizing the control structure and representing the semantic aspects of a program. They extended the CFG with the extracted API calls to have more information about the executable program.…”
Section: Related Work (mentioning)
confidence: 99%
“…The CFG of a program represents all the paths that can be taken during the program execution. Current techniques [11][12][13][14][15][16][17][18][19][20] that use CFG for malware detection are compute intensive (others have poor detection rate) and cannot handle malware with smaller CFGs.…”
Section: Introduction (mentioning)
confidence: 99%
“…Another approach that uses CFGs to recognise viral code, which is infected a sane programme, is introduced in . This approach modifies the CFG model in order to make an enriched CFG.…”
Section: Related Work (mentioning)
confidence: 99%