Auto-Sign: an automatic signature generator for high-speed malware filtering devices |
| |
Authors: | Gil Tahan Chanan Glezer Yuval Elovici Lior Rokach |
| |
Affiliation: | (1) Department of Computer Science, The University of Texas at Dallas, 2700 Waterview Pkwy, #5116, Richardson, TX 75080, USA;(2) Department of Computer Science, The University of Texas at Dallas, Box 830688, EC 31, Richardson, TX 75083-0688, USA |
| |
Abstract: | This research proposes a novel automatic method (termed Auto-Sign) for extracting unique signatures of malware executables
to be used by high-speed malware filtering devices based on deep-packet inspection and operating in real-time. Contrary to
extant string and token-based signature generation methods, we implemented Auto-Sign an automatic signature generation method that can be used on large-size malware by disregarding signature candidates which
appear in benign executables. Results from experimental evaluation of the proposed method suggest that picking a collection
of executables which closely represents commonly used code, plays a key role in achieving highly specific signatures which
yield low false positives. |
| |
Keywords: | |
本文献已被 SpringerLink 等数据库收录! |
|