Testing detection of k-ary code obfuscated by metamorphic and polymorphic techniques

GT Harter, NC Rowe - National Cyber Summit (NCS) Research Track …, 2022 - Springer
K-ary codes are a form of obfuscation used by malware in which the code is distributed
across K distinct files. Detecting them is difficult because recognizing the pieces that belong …

Identifying forensically uninteresting files in a large corpus

NC Rowe - EAI Endorsed Transactions on Security and Safety, 2016 - eudl.eu
For digital forensics, eliminating the uninteresting is often more critical than finding the
interesting. We discuss methods exploiting the metadata of a large corpus. Tests were done …

Time sensitivity in cyberweapon reusability

CG Hall - 2017 - apps.dtic.mil
A cyberweapon is weaponized software code that exploits flaws in software. It is
only effective if the flaw still exists at the time of weapon deployment. Because of this, there …

Analysis of Differences between Versions of Software Executables

N Rowe, B Allen - 2019 - dair.nps.edu
We studied differences between versions of software by comparing their executable files.
We used a large database (“corpus”) of around 2600 digital-forensic copies of secondary …

FREQUENCY-BASED FEATURE EXTRACTION FOR MALWARE CLASSIFICATION

JP Erwert - 2018 - calhoun.nps.edu
Traditional signature-based malware detection is effective, but it can only identify known
malicious programs. This thesis attempts to use machine-learning techniques to successfully …