2012
DOI: 10.1007/s11416-012-0160-5
|View full text |Cite
|
Sign up to set email alerts
|

Opcode graph similarity and metamorphic detection

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

2
112
0
1

Year Published

2014
2014
2021
2021

Publication Types

Select...
5
3
1

Relationship

2
7

Authors

Journals

citations
Cited by 143 publications
(117 citation statements)
references
References 9 publications
2
112
0
1
Order By: Relevance
“…We use two different aspects of the instructions, the first one is instruction opcode and the second one is instruction category. Instruction opcode is one of the features previously used for static malware detection [52,54,10,67]. However, it is not common to use the opcodes for dynamic detection of malware.…”
Section: Features Related To Instructionsmentioning
confidence: 99%
See 1 more Smart Citation
“…We use two different aspects of the instructions, the first one is instruction opcode and the second one is instruction category. Instruction opcode is one of the features previously used for static malware detection [52,54,10,67]. However, it is not common to use the opcodes for dynamic detection of malware.…”
Section: Features Related To Instructionsmentioning
confidence: 99%
“…Santos et al and Yan et al evaluate opcode sequence signatures [54,67], while in particular, opcode sequence signatures were found to effectively classify metamorphic malware. Runwal et al [52] study opcode sequence similarity graphs. These techniques obtain this information from running programs and malware inside heavyweight profiling tools such as Pin [15].…”
Section: Related Workmentioning
confidence: 99%
“…Others use sequence signatures of the opcodes [28,34]. Runwal et al use similarity graphs of opcode sequences [27]. However, these works used offline analysis.…”
Section: Related Workmentioning
confidence: 99%
“…G2 viruses are one of several well-known metamorphic families. The benign files we use to compare against the G2 viruses are 16 specific Cygwin utility files [11] chosen for their representation as non-virus files in previous papers such as [3,21,30]. The exact files included in the benign data set are shown in Table 3.…”
Section: Test Data 411 Second Generation Virus Generatormentioning
confidence: 99%