Malware Normalization

Publisher: University of Wisconsin
Format: 312.0KB PDF
Date added: 22 Aug 2005
Topics: Spyware, Anti-Virus, Network Security
Downloads: 114

Malware is code designed for a malicious purpose, such as obtaining root privilege on a host. A malware detector identifies malware and thus prevents it from adversely affecting a host. In order to evade detection by malware detectors, malware writers use various obfuscation techniques to transform their malware. There is strong evidence that commercial malware detectors are susceptible to these evasion tactics. This paper describes the design and implementation of a malware normalizer that undoes the obfuscations performed by a malware writer. The experimental evaluation demonstrates that a malware normalizer can drastically improve detection rates of commercial malware detectors. Moreover, a malware normalizer can also ease the task of forensic analysis of malware.

Related white papers

MessageLabs Intelligence: 2009 Security Predictions

Having analyzed the global threat landscape for almost a decade, MessageLabs Team Skeptic™ is comprised of many world-renowned malware and spam experts who have a global view of threats across...


Enabling business growth with expert security solutions. Protecting your systems and your data

Hackers, viruses, worms, spam, spyware and inside attacks can stop organisations growing. This white paper deals with these vulnerabilities and how to achieve cost-effective solutions.


Want Some Worms With That Spam and Spyware Computer Sandwich?

Most Internet users know about the nasty Spyware, and the ever-annoying Spam. It has seemingly become a mainstay in everyday net travels. Although Spam is really not a major problem,...


Malware and Spyware: Are They the Same Thing?

Everyone has heard of Spyware, it is that nasty program that gets into the machine and causes havoc. It redirects one when one is not expecting it, it messes with...


TechNet Webcast: Introduction to Windows Defender (Level 300)

This webcast describes the new features available in the Windows Defender program and shows how it can help protect from spyware. The webcast covers the common tasks and tools, including...


Editorial Preface: Special Issue on Intrusion and Malware Detection

Welcome to the special issue of Intrusion and Malware detection. Detection of Intrusions and Malware remains a serious problem in the realm of computer and communications security. These include viruses,...


Security Threat Report: July 2009 update

2009 has proven malware attacks are continuing to broaden. While the number of web-based attacks outweighs the attacks through email, financially-motivated cybercriminals are turning their attention to Web 2.0 and...

