Malware stands for malicious software. It is software that is designed with a harmful intent. A malware detector is a system that attempts to identify malware using Application Programming Interface (API) call graph technique and/or other techniques. API call graph techniques follow two main steps, namely, transformation of malware samples into an API call graph using API call graph constructio...

Malware stands for malicious software. It is software that is designed with a harmful intent. A malware detector is a system that attempts to identify malware using Application Programming Interface (API) call graph technique and/or other techniques. Matching the API call graph using graph matching algorithm have NP-complete problem and is slow because of computational complexity .In this study...

Malware variants could be defined as malware that have similar malcious behavior. In this paper, a sequence alignment method, the method widely used in Bioinformatics, was used to detect malware variants. This method can find the common parts of Malware’s API call sequences, and these common API call sequences can be used to detect similar behaviors of malware variants. However, when a sequence...

Software systems often undergo significant changes in their life cycle, exposing increasingly complex API to their developers. Without methodical guidances, it is easy to become bogged down in a morass of complex API even for the professional software developers. This paper presents the Flow-Augmented Call Graph (FACG) for taming API complexity. Augmenting the call graph with control flow analy...

Based on API call sequences, semantic-aware and machine learning (ML) based malware classifiers can be built for malware detection or classification. Previous works concentrate on crafting and extracting various features from malware binaries, disassembled binaries or API calls via static or dynamic analysis and resorting to ML to build classifiers. However, they tend to involve too much featur...

Future telecommunications networks will consist of integrated packet-switched (IP and/or ATM), circuitswitched (PSTN) and wireless networks. Service providers will offer a wide portfolio of innovative applications over these integrated networks. Doing so rapidly and efficiently requires open network APIs, with a key API being that for call control as well as coordination and transactions. The J...

Future telecommunications networks will consist of integrated packet-switched (IP and/or ATM), circuit-switched (PSTN) and wireless networks. Service providers will offer a wide portfolio of innovative applications over these integrated networks. Doing so rapidly and efficiently requires open network APIs, with a key API being that for call control as well as coordination and transactions. The ...

A software birthmark is a unique characteristic of a program that can be used as a software theft detection. In this paper we suggest and empirically evaluate a static birthmark of binary executables based on API call structure. The program properties employed in this birthmark are functions and standard API calls when the functions are executed. The API calls from a function includes the API c...