Abstract. Run-time malware detection strategies are efficient and robust, which get more and more attention. In this paper, we use I/O Request Package (IRP) sequences for malware d...
Software keyloggers are a fast growing class of malware often used to harvest confidential information. One of the main reasons for this rapid growth is the possibility for unpriv...
Stefano Ortolani, Cristiano Giuffrida, Bruno Crisp...
Application-level protocol specifications are helpful for network security management, including intrusion detection, intrusion prevention and detecting malicious code. However, c...
Abstract. Recent studies estimate that peer-to-peer (p2p) traffic comprises 40-70% of today's Internet traffic [1]. Surprisingly, the impact of p2p traffic on anomaly detectio...
Irfan Ul Haq, Sardar Ali, Hassan Khan, Syed Ali Kh...
Abstract. Many worm detectors have been proposed and are being deployed, but the literature does not clearly indicate which one is the best. New worms such as IKEE.B (also known as...