Auto-Sign: an automatic signature generator for high-speed malware filtering devices

13 years 9 months ago

Download www.ise.bgu.ac.il

This research proposes a novel automatic method (termed Auto-Sign) for extracting unique signatures of malware executables to be used by high-speed malware filtering devices based on deep-packet inspection and operating in real-time. Contrary to extant string and tokenbased signature generation methods, we implemented Auto-Sign an automatic signature generation method that can be used on large-size malware by disregarding signature candidates which appear in benign executables. Results from experimental evaluation of the proposed method suggest that picking a collection of executables which closely represents commonly used code, plays a key role in achieving highly specific signatures which yield low false positives. Keywords Malware, Automatic Signature Generation (ASG), Intrusion Detection Systems 1 Corresponding author, Telefax + 972-3-6440414

Gil Tahan, Chanan Glezer, Yuval Elovici, Lior Roka

Real-time Traffic

Automatic Signature Generation | Signature | Signature Generation Method | VIROLOGY 2010 |

claim paper

Post Info
More Details (n/a)

Added	31 Jan 2011
Updated	31 Jan 2011
Type	Journal
Year	2010
Where	VIROLOGY
Authors	Gil Tahan, Chanan Glezer, Yuval Elovici, Lior Rokach

Comments (0)

Sciweavers

Auto-Sign: an automatic signature generator for high-speed malware filtering devices

Automatic Signature Generation | Signature | Signature Generation Method | VIROLOGY 2010 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers