MCF: a malicious code filter
Authors
Abstract
The goal of this research is to develop a method to detect malicious code (e.g. computer viruses, worms, Trojan horses, and time/logic bombs) and security-related vulnerabilities in system programs. The Malicious Code Filter (MCF) is a programmable static analysis tool developed for this purpose. It allows the examination of a program before installation, thereby avoiding damage a malicious program might inflict. This paper summarizes our work over the last few years that led us to develop MCF.
Similar resources
Head-First into the Sandbox
Sandbox and Proactive Signature Detection But sandboxing is resource-intensive. Code needs to fully execute in the sandbox before it can be analyzed, and exploring all code execution paths — possibly including additional modules that malicious code tries to download — takes time. Fortinet combines sandboxing with proactive signature detection to filter traffic before it hits the sandbox, since ...
X-ray spectra calculation for different target-filter of mammograms using MCNP Code
ABSTRACT Background: An electron beam generated X-ray spectrum consists of characteristic X-ray and continuous bremsstrahlung. The aim of this research is calculating and comparing X-ray spectra for different target filter of mammograms. Materials and Methods: Monte Carlo is a very powerful tool to simulate a series of different target-filter assembly in order to calculate the X-ray spectra. MC...
Optimal Filtering of Malicious IP Sources
How can we protect the network infrastructure from malicious traffic, such as scanning, malicious code propagation, and distributed denial-of-service (DDoS) attacks? One mechanism for blocking malicious traffic is filtering: access control lists (ACLs) can selectively block traffic based on fields of the IP header. Filters (ACLs) are already available in the routers today but are a scarce resou...
Static Analysis of Executables to Detect Malicious Patterns
Malicious code detection is a crucial component of any defense mechanism. In this paper, we present a unique viewpoint on malicious code detection. We regard malicious code detection as an obfuscation-deobfuscation game between malicious code writers and researchers working on malicious code detection. Malicious code writers attempt to obfuscate the malicious code to subvert the malicious code ...
Study of Dataset Feature Filtering of OpCode for Malware Detection Using SVM Training Phase
Malware can be defined as any type of malicious code that has the potential to harm a computer or network. To detect unknown malware families, the frequency of the appearance of Opcode (Operation Code) sequences is used through dynamic analysis. Opcode n-gram analysis is used to extract features from the inspected files. Opcode n-grams are used as features during the classification process with t...
Journal title:
- Computers & Security
Volume 14, Issue
Pages -
Publication date 1995