Babble: Identifying malware by its dialects

Aziz Mohaisen, Omar Alrawi, Andrew G. West, Allison Mankin

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Citations (Scopus)

Abstract

Using runtime execution artifacts to identify whether code is malware, and to which malware family it belongs, is an established technique in the security domain. Traditionally, literature has relied on explicit features derived from network, file system, or registry interaction [1]. While effective, the collection and analysis of these fine-granularity data points makes the technique quite computationally expensive. Moreover, the signatures/heuristics this analysis produces are often easily circumvented by subsequent malware authors.

Original language: English
Title of host publication: 2013 IEEE Conference on Communications and Network Security, CNS 2013
Publisher: IEEE Computer Society
Pages: 407-408
Number of pages: 2
ISBN (Print): 9781479908950
DOIs: https://doi.org/10.1109/CNS.2013.6682751
Publication status: Published - 1 Jan 2013
Event: 1st IEEE International Conference on Communications and Network Security, CNS 2013 - Washington, DC, United States
Duration: 14 Oct 2013 to 16 Oct 2013

Publication series

Name: 2013 IEEE Conference on Communications and Network Security, CNS 2013

Other

Other: 1st IEEE International Conference on Communications and Network Security, CNS 2013
Country: United States
City: Washington, DC
Period: 14/10/13 to 16/10/13

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this

Mohaisen, A., Alrawi, O., West, A. G., & Mankin, A. (2013). Babble: Identifying malware by its dialects. In 2013 IEEE Conference on Communications and Network Security, CNS 2013 (pp. 407-408). [6682751] (2013 IEEE Conference on Communications and Network Security, CNS 2013). IEEE Computer Society. https://doi.org/10.1109/CNS.2013.6682751