TY  - JOUR
AU  - Okane, P.
AU  - Sakir, S.
AU  - McLaughlin, K.
AU  - Im, E. G.
PY  - 2014
DA  - 2014//
TI  - Malware detection: program run length against detection rate
JO  - IET Softw
VL  - 8
UR  - https://doi.org/10.1049/iet-sen.2013.0020
DO  - 10.1049/iet-sen.2013.0020
ID  - Okane2014
ER  -

TY  - JOUR
AU  - O’Kane, P.
AU  - Sezer, S.
AU  - McLaughlin, K.
PY  - 2011
DA  - 2011//
TI  - Obfuscation: the hidden malware
JO  - IEEE Secur Privacy
VL  - 9
UR  - https://doi.org/10.1109/MSP.2011.98
DO  - 10.1109/MSP.2011.98
ID  - O’Kane2011
ER  -

TY  - JOUR
AU  - Eskandari, M.
AU  - Hashemi, S.
PY  - 2012
DA  - 2012//
TI  - A graph mining approach for detecting unknown malwares
JO  - J Vis Lang Comput
VL  - 23
UR  - https://doi.org/10.1016/j.jvlc.2012.02.002
DO  - 10.1016/j.jvlc.2012.02.002
ID  - Eskandari2012
ER  -

TY  - STD
TI  - Sung A, Xu J, Chavez P, Mukkamala S, et al (2004) Static analyzer of vicious executables (save). In: Proceedings of the 20th annual computer security applications conference, 2004
ID  - ref4
ER  -

TY  - STD
TI  - Tian R, Batten L, Islam R, et al (2009) An automated classification system based on the strings of trojan and virus families. In: Proceedings of the 4th international conference on malicious and unwanted software: MALWARE, 2009, pp 23–30
ID  - ref5
ER  -

TY  - STD
TI  - Sami A, Yadegari B, Rahimi H, et al (2010) Malware detection based on mining API calls. In: Proceedings of the 2010 ACM symposium on applied computing, 2010, pp 1020–1025
ID  - ref6
ER  -

TY  - JOUR
AU  - Lakhotia, A.
AU  - Kumar, E. U.
AU  - Venable, M.
PY  - 2005
DA  - 2005//
TI  - A method for detecting obfuscated calls in malicious binaries
JO  - IEEE Trans Softw Eng
VL  - 31
UR  - https://doi.org/10.1109/TSE.2005.120
DO  - 10.1109/TSE.2005.120
ID  - Lakhotia2005
ER  -

TY  - JOUR
AU  - Bilar, D.
PY  - 2007
DA  - 2007//
TI  - Opcodes as predictor for malware
JO  - Int J Electron Secur Digit Forensics
VL  - 1
UR  - https://doi.org/10.1504/IJESDF.2007.016865
DO  - 10.1504/IJESDF.2007.016865
ID  - Bilar2007
ER  -

TY  - STD
TI  - Bilar D (2007) Callgraph properties of executables and generative mechanisms. AI Communications, special issue on Network Analysis in Natural Sciences and Engineering 20(4): 231–243
ID  - ref9
ER  -

TY  - STD
TI  - Agrawal H (2011) Detection of global metamorphic malware variants using control and data flow analysis. WIPO Patent No. 2011119940, 30 September 2011
ID  - ref10
ER  -

TY  - STD
TI  - I Santos, YK Penya, J Devesa, PG Garcia (2009) N-grams-based file signatures for malware detection. S3Lab, Deusto Technological Foundation
ID  - ref11
ER  -

TY  - STD
TI  - Santos I, Brezo F, Nieves J, Penya YK, Sanz B, Laorden C, Bringas PG (2010) Opcode-sequence-based malware detection. In: Proceedings of the 2nd international symposium on engineering secure software and systems (ESSoS), Pisa (Italy), 3–4th February 2010, LNCS 5965, pp 35–43
ID  - ref12
ER  -

TY  - JOUR
AU  - Santos, I.
AU  - Brezo, F.
AU  - Ugarte-Pedrero, X.
AU  - Bringas, P. G.
PY  - 2013
DA  - 2013//
TI  - Opcode sequences as representation of executables for data-mining-based unknown malware detection
JO  - Inf Sci
VL  - 231
UR  - https://doi.org/10.1016/j.ins.2011.08.020
DO  - 10.1016/j.ins.2011.08.020
ID  - Santos2013
ER  -

TY  - STD
TI  - Anderson B, Storlie C, Lane T (2012, October) Improving malware classification: bridging the static/dynamic gap. In: Proceedings of the 5th ACM workshop on Security and artificial intelligence, pp 3–14. ACM
ID  - ref14
ER  -

TY  - JOUR
AU  - Shabtai, A.
AU  - Moskovitch, R.
AU  - Feher, C.
AU  - Dolev, S.
AU  - Elovici, Y.
PY  - 2012
DA  - 2012//
TI  - Detecting unknown malicious code by applying classification techniques on opcode patterns
JO  - Secur Inf
VL  - 1
UR  - https://doi.org/10.1186/2190-8532-1-1
DO  - 10.1186/2190-8532-1-1
ID  - Shabtai2012
ER  -

TY  - STD
TI  - Moskovitch R, Feher C, Tzachar N, Berger E, Gitelman M, Dolev S, Elovici Y (2008) Unknown malcode detection using opcode representation. In: Proceedings of the 1st European conference on intelligence and security informatics (EuroISI08), 2008, pp 204–215
ID  - ref16
ER  -

TY  - STD
TI  - Song Y, Locasto M, Stavro A (2007) On the infeasibility of modeling polymorphic shellcode. In: ACM CCS, 2007, pp 541–551
ID  - ref17
ER  -

TY  - BOOK
AU  - Eilam, E.
PY  - 2011
DA  - 2011//
TI  - Reversing: secrets of reverse engineering
PB  - Wiley
CY  - New York
ID  - Eilam2011
ER  -

TY  - STD
TI  - Ferrie P (2011) The ultimate anti debugging reference. http://pferrie.host22.com/papers/antidebug.pdf. Written May 2011, last accessed 11 October 2012
UR  - http://pferrie.host22.com/papers/antidebug.pdf
ID  - ref19
ER  -

TY  - STD
TI  - Chen X, Andersen J, Mao ZM, Bailey M, Nazario J (2008) Towards an understanding of anti-virtualization and anti-debugging behavior in modern malware. In: ICDSN proceedings, 2008, pp 177–186
ID  - ref20
ER  -

TY  - STD
TI  - Heaven VX (2013) Malware collection. http://vxheaven.org/vl.php. Last accessed Oct 2013
UR  - http://vxheaven.org/vl.php
ID  - ref21
ER  -

TY  - JOUR
AU  - O’Kane, P.
AU  - Sezer, S.
AU  - McLaughlin, K.
AU  - Im, E. G.
PY  - 2013
DA  - 2013//
TI  - SVM training phase reduction using dataset feature filtering for malware detection
JO  - IEEE Trans Inf Forensics Secur
VL  - 8
UR  - https://doi.org/10.1109/TIFS.2013.2242890
DO  - 10.1109/TIFS.2013.2242890
ID  - O’Kane2013
ER  -

TY  - BOOK
AU  - Kantardzic, M.
PY  - 2011
DA  - 2011//
TI  - Data mining: concepts, models, methods, and algorithms
PB  - Wiley
CY  - London
UR  - https://doi.org/10.1002/9781118029145
DO  - 10.1002/9781118029145
ID  - Kantardzic2011
ER  -

TY  - JOUR
AU  - Herbrich, R.
AU  - Graepel, T.
PY  - 2002
DA  - 2002//
TI  - A PAC-Bayesian margin bound for linear classifiers
JO  - IEEE Trans Inf Theory
VL  - 48
UR  - https://doi.org/10.1109/TIT.2002.805090
DO  - 10.1109/TIT.2002.805090
ID  - Herbrich2002
ER  -

TY  - BOOK
AU  - Graf, A. B. A.
AU  - Borer, S.
PY  - 2001
DA  - 2001//
TI  - Normalization in support vector machines
PB  - Springer
CY  - Berlin, Heidelberg
ID  - Graf2001
ER  -

TY  - JOUR
AU  - Parke, J.
AU  - Holford, N. H. G.
AU  - Charles, B. G.
PY  - 1999
DA  - 1999//
TI  - A procedure for generating bootstrap samples for the validation of nonlinear mixed-effects population models
JO  - Comput Methods Programs Biomed
VL  - 59
UR  - https://doi.org/10.1016/S0169-2607(98)00098-4
DO  - 10.1016/S0169-2607(98)00098-4
ID  - Parke1999
ER  -

TY  - STD
TI  - Curtsinger C, Livshits B, Zorn B, Seifert C (2011) Zozzle: low-overhead mostly static javascript malware detection. In: Proceedings of the usenix security symposium, Aug 2011
ID  - ref27
ER  -

TY  - STD
TI  - Dahl G, Stokes JW, Deng L, Yu D (2013) Large-scale malware classification using random projections and neural networks. Poster (MLSP-P5.4), May ICASSP 2013, Vancouver Canada, IEEE Signal Processing Society, 2013
ID  - ref28
ER  -

TY  - STD
TI  - Ye Y, Wang D, Li T, Ye D (2007) IMDS: intelligent malware detection system. In: Proceedings of the 13th ACM SIGKDD international conference on knowledge discovery and data mining. ACM, 2007
ID  - ref29
ER  -