Automatic analysis of malware behavior using machine learning

K Rieck, P Trinius, C Willems… - Journal of computer …, 2011 - content.iospress.com
Malicious software–so called malware–poses a major threat to the security of computer
systems. The amount and diversity of its variants render classic security defenses ineffective …

System and methods for detecting intrusions in a computer system by monitoring operating system registry accesses

F Apap, A Honig, H Shlomo, E Eskin… - US Patent 7,913,306, 2011 - Google Patents
A method for detecting intrusions in the operation of a computer system is disclosed which
comprises gathering features from records of normal processes that access the files system …

Vulnerability extrapolation: Assisted discovery of vulnerabilities using machine learning

F Yamaguchi, K Rieck - 5th USENIX workshop on offensive …, 2011 - usenix.org
Rigorous identification of vulnerabilities in program code is a key to implementing and
operating secure systems. Unfortunately, only some types of vulnerabilities can be detected …

JACKSTRAWS: Picking Command and Control Connections from Bot Traffic

G Jacob, R Hund, C Kruegel, T Holz - 20th USENIX Security Symposium …, 2011 - usenix.org
A distinguishing characteristic of bots is their ability to establish a command and control
(C&C) channel. The typical approach to build detection models for C&C traffic and to identify …

Deriving common malware behavior through graph clustering

Y Park, D Reeves - Proceedings of the 6th ACM Symposium on …, 2011 - dl.acm.org
Detection of malicious software (malware) continues to be a problem as hackers devise new
ways to evade available methods. The proliferation of malware and malware variants …

Commercial antivirus software effectiveness: an empirical study

O Sukwong, H Kim, J Hoe - Computer, 2011 - computer.org

Collabra: a xen hypervisor based collaborative intrusion detection system

S Bharadwaja, W Sun, M Niamat… - 2011 Eighth …, 2011 - ieeexplore.ieee.org
In this paper, we introduce Collabra, a distributed intrusion detection platform based on Xen
hypervisors to maintain the security of the cloud based on virtualized network. While the …

Methods, media and systems for detecting anomalous program executions

SJ Stolfo, AD Keromytis, S Sidiroglou - US Patent 8,074,115, 2011 - Google Patents
Methods, media, and systems for detecting anomalous program executions are provided. In
some embodiments, methods for detecting anomalous program executions are provided …

Detection of malicious programs

JC Mitchell, EA Stinson - US Patent 7,870,610, 2011 - Google Patents
Various approaches for detecting unauthorized actions on a computing platform are
disclosed. In one approach, a memory region is designated as tainted if data is received …

Insider threat detection using stream mining and graph mining

P Parveen, J Evans, B Thuraisingham… - 2011 IEEE Third …, 2011 - ieeexplore.ieee.org
Evidence of malicious insider activity is often buried within large data streams, such as
system logs accumulated over months or years. Ensemble-based stream mining leverages …