
Probabilistic Programming for Malware Analysis [article]

Brian Ruttenberg, Lee Kellogg, Avi Pfeffer
2016 arXiv   pre-print
In this work, we formulate the lineage task as a probabilistic model, and use a novel probabilistic programming solution to jointly infer the lineage and creation times of families of malware.  ...  Constructing lineages of malware is an important cyber-defense task. Performing this task is difficult, however, due to the amount of malware data and obfuscation techniques by the authors.  ...  We formulate the problem as a generative probabilistic model and develop a probabilistic programming (PP) algorithm to learn and infer the temporal and structural organization of a family's lineage.  ... 
arXiv:1603.08379v1 fatcat:gaz4gqg4vvgrhcdf2mcz7c447e

CrowdSource: Automated Inference of High Level Malware Functionality from Low-Level Symbols Using a Crowd Trained Machine Learning Model [article]

Joshua Saxe, Rafael Turner, Kristina Blokhin
2016 arXiv   pre-print
malware binaries.  ...  This paper describes our approach and provides an evaluation of its accuracy and performance, demonstrating that it can detect at least 14 high-level malware capabilities in unpacked malware binaries with  ...  ACKNOWLEDGEMENTS We would like to thank the anonymous reviewers for their very helpful comments.  ... 
arXiv:1605.08642v1 fatcat:d4a6rrycu5ehfjys4bzlzrgwim

Viewpoint of Probabilistic Risk Assessment in Artificial Enabled Social Engineering Attacks

Nik Zulkarnaen Khidzir, Shekh Abdullah-Al-Musa Ahmed
2019 Journal of contemporary issue and thought  
A strategy of self-confidence for information collection, fraud, or access to the system, is different from a traditional "con" that it is often one of the more complex fraudulent schemes.  ...  That is why in this paper we proposed theoretical framework, which can not only demonstrate its potential for the risk assessment, but it can be sensitive and effective in analyzing a critical and uncertain  ...  But any kind of statistical approach for quantitative analysis is also very important things.  ... 
doi:10.37134/jcit.vol9.2.2019 fatcat:7y7jr72tljaihcd2ru3ceugqza

PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning

Wei You, Zhuo Zhang, Yonghwi Kwon, Yousra Aafer, Fei Peng, Yu Shi, Carson Harmon, Xiangyu Zhang
2020 2020 IEEE Symposium on Security and Privacy (SP)  
Our experiments show that our technique is 84 times faster than X-Force, has 6.5X and 10% fewer false positives and negatives for program dependence detection, respectively, and can expose 98% more malicious  ...  Without losing analysis precision, it avoids tracking individual instructions and on-demand allocation. Under our scheme, a forced execution is very similar to a native one.  ...  We compare the malware analysis result of PMP with that of Cuckoo [2] (a well-known sandbox for automatic malware analysis), Padawan [8] (an academic multi-architecture ELF malware analysis platform)  ... 
doi:10.1109/sp40000.2020.00035 dblp:conf/sp/You0KAPSHZ20 fatcat:eaxxgnjwtree3nn3r42qtn57tu

Malware Detection using Deep Learning Methods

2020 International Journal of Innovative Science and Modern Engineering  
Malware detection is a milestone in the field of computer security. For detecting malware many methods have been evolved.  ...  Malware, is any kind of program or file which would adversely affect the computer users in a harmful way.  ...  [2] illustrated a probabilistic discriminative model. Here uses a logistic regression technique for the identification of malware in android applications.  ... 
doi:10.35940/ijisme.f1218.046620 fatcat:fut3da7njbepxlcpogkonlz6ye

Using Markov chains to filter machine-morphed variants of malicious programs

Mohamed R. Chouchane, Andrew Walenstein, Arun Lakhotia
2008 2008 3rd International Conference on Malicious and Unwanted Software (MALWARE)  
This decision method may yield a fast technique to aid malware detection.  ...  The framework is used to define a method for finding telltale signs of the use of closed-world, instruction-substituting transformers within the frequencies of instruction forms found in a program.  ...  For example, a semantics-based approach such as that of Christodorescu et al. [6] involves heavyweight program analysis.  ... 
doi:10.1109/malware.2008.4690861 dblp:conf/malware/ChouchaneWL08 fatcat:wqfrzy4qonhpdo2ztasxyeygka

Statistical signatures for fast filtering of instruction-substituting metamorphic malware

Mohamed R. Chouchane, Andrew Walenstein, Arun Lakhotia
2007 Proceedings of the 2007 ACM workshop on Recurring malcode - WORM '07  
The method is defined for the prominent class of metamorphic engines that work by probabilistically selecting instruction-substituting program transformations.  ...  Introducing program variations via metamorphic transformations is one of the methods used by malware authors in order to help their programs slip past defenses.  ...  Acknowledgements Thanks to Rachit Mathur for extracting the transformations and probabilistic methods of W32.Evol. Funding for this work was provided in part by the Louisiana IT Initiative.  ... 
doi:10.1145/1314389.1314397 fatcat:yyaq64hpgrevjbrknnmdxn7qzm

Synthesizing Near-Optimal Malware Specifications from Suspicious Behaviors

Matt Fredrikson, Somesh Jha, Mihai Christodorescu, Reiner Sailer, Xifeng Yan
2010 2010 IEEE Symposium on Security and Privacy  
Our technique, based on graph mining and concept analysis, scales to large classes of programs due to probabilistic sampling of the specification space.  ...  In this paper, we present an automatic technique for extracting optimally discriminative specifications, which uniquely identify a class of programs.  ...  Rao, Angelos Stavrou, Hao Wang, and the anonymous reviewers for their helpful comments.  ... 
doi:10.1109/sp.2010.11 dblp:conf/sp/FredriksonJCSY10 fatcat:zqyonjbwlbf4lgj7wl5suoxxsq

Deep Image: A precious image based deep learning method for online malware detection in IoT Environment [article]

Meysam Ghahramani, Rahim Taheri, Mohammad Shojafar, Reza Javidan, Shaohua Wan
2022 arXiv   pre-print
In this way, a criterion is introduced that is used together with accuracy and FPR criteria for malware analysis in IoT environment.  ...  In this paper, three malware detection methods based on visualization techniques called the clustering approach, the probabilistic approach, and the deep learning approach are proposed.  ...  Malware analysis Static analysis is the most basic and widely used method for determining the functionality of a system.  ... 
arXiv:2204.01690v1 fatcat:ckmmsmyflrco3isisk3gghfvy4

Opcode sequences as representation of executables for data-mining-based unknown malware detection

Igor Santos, Felix Brezo, Xabier Ugarte-Pedrero, Pablo G. Bringas
2013 Information Sciences  
A Malware, short for malicious software, means a variety of forms of hostile, intrusive, or annoying software or program code.  ...  Static analysis then identifies characteristics, building signatures for control flow graphs in each procedure.  ...  Approximate matching of program structure has shown to be expensive in runtime costs.  ... 
doi:10.1016/j.ins.2011.08.020 fatcat:74jfmvfgcres7gc7ggfxvdkfi4

Android App Categorization using Naïve Bayes Classifier

Jagtap A.H, Lomte A.C
2015 International Journal of Computer Applications  
This paper investigates the evaluation and detection of malware through the data mining based technique. The research paper based on Naïve Bayes method, classifier and analysis of the result value by analysis  ...  A mobile phones, smartphones are essential for daily life but the smartphones based on different operating systems like Symbian, Android mobile devices may be infected malwares because of different applications  ...  ACKNOWLEDGEMENT We are thankful from JSPM'S BSIOTR and COMPUTER DEPARTMENT for their supports throughout the project stage.  ... 
doi:10.5120/21683-4783 fatcat:w2cj5phtrnhl7bsicbvf6mr7sq

Detection and Classification of Malware Data in Android Based Smart Device

Sandeep Sharma
2017 International Journal for Research in Applied Science and Engineering Technology  
In this paper proposed novel methods for the detection and classification of malware data in android based smart devices.  ...  The detection and classification of malware data in android based smart device is very serious challenge due to self-propagation nature of malware.  ...  EXPERIMENTAL RESULT For the assessment of proposed model utilized java advancement programming, java include, java apparatuses and android improvement unit for the preparing of malware characterization  ... 
doi:10.22214/ijraset.2017.8294 fatcat:xlb4g5swjnhe5nnheiznklrmu4

Message from the Guest Editors

Sushil Jajodia, Jianying Zhou
2011 International Journal of Information Security  
Each paper was reviewed by at least three members of the program committee. Finally, 28 papers were selected for presentation at the conference, giving an acceptance rate of 25%.  ...  In the paper "CASSANDRA: A Probabilistic, Efficient, and Privacy Preserving Solution to Compute Set Intersection," Marconi et al. propose a toolbox composed of three probabilistic protocols that allow  ...  Each paper was reviewed by at least three members of the program committee. Finally, 28 papers were selected for presentation at the conference, giving an acceptance rate of 25%.  ... 
doi:10.1007/s10207-011-0131-8 fatcat:bgjik2tlnrghppxzjyhzffoa7i

Statistical Deobfuscation of Android Applications

Benjamin Bichsel, Veselin Raychev, Petar Tsankov, Martin Vechev
2016 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS'16  
This work presents a new approach for deobfuscating Android APKs based on probabilistic learning of large code bases (termed "Big Code").  ...  elements of Android malware.  ...  Probabilistic models for programs. A recent surge in the number of open-source repositories has triggered several authors to create large-scale probabilistic models for code.  ... 
doi:10.1145/2976749.2978422 dblp:conf/ccs/BichselRTV16 fatcat:nbbsd63emragroezpcmx6gjpuu

Using engine signature to detect metamorphic malware

Mohamed R. Chouchane, Arun Lakhotia
2006 Proceedings of the 4th ACM workshop on Recurring malcode - WORM '06  
This paper introduces the "engine signature" approach to assist in detecting metamorphic malware by tracking it to its engine.  ...  More specifically, it presents and evaluates a code scoring technique for collecting forensic evidence from x86 code segments in order to get some measure of how likely they are to have been generated  ...  The authors thank Rachit Mathur for extracting the samples and rule set W32.Evol.  ... 
doi:10.1145/1179542.1179558 dblp:conf/worm/ChouchaneL06 fatcat:xpct7c3tgzhkraqxdb437o3g3u