Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 1 of 1
Full-Text Articles in Physical Sciences and Mathematics
Statistical Tools For Linking Engine-Generated Malware To Its Engine, Edna Chelangat Milgo
Statistical Tools For Linking Engine-Generated Malware To Its Engine, Edna Chelangat Milgo
Theses and Dissertations
Malware-generating engines challenge typical malware analysts by requiring them to quickly extract and upload to their customers' machines, a signature for each of a possi- bly vast number of never-before-seen malware instances that an engine can generate in a short amount of time In this thesis we propose and evaluate two methods for'linking va- riants of engine-generated malware to its engine. The proposed methods use the w-gram frequency vector (NFV) of the opcode mnemonics of an engine-generated malware in- stance as a feature vector for the instance. An NFV is a tuple that maps «-grams with their frequencies. The in-formation …