FARM - Malware Information Sharing (Automated Malware Analysis Symposium
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Proceedings - 2013 12th International Conference on Machine Learning and Applications, ICMLA 2013
Malware, or malicious software, is capable of performing any action or command that can be expressed in code and is typically used for illicit activities, such as e-mail spamming, corporate espionage, and identity theft. Most organizations rely on anti-virus software to identifymalware, which typically utilize signatures that can only identify previously-seen malware instances. We consider the detection ofmalware executables that are downloaded in streaming network data as a supervised machine learning problem. Using malwaredata collected over multiple years, we characterize the effect of concept drift and class imbalance on batch and streaming decision tree ensembles. In particular, we illustrate a surprising vulnerability generated by precisely the aspect of streaming methods that seemed most likely to help them, when compared to batch methods. © 2013 IEEE.
We report on the work done in the late-start LDRDUsing Emulation and Simulation toUnderstand the Large-Scale Behavior of the Internet. We describe the creation of a researchplatform that emulates many thousands of machines to be used for the study of large-scale inter-net behavior. We describe a proof-of-concept simple attack we performed in this environment.We describe the successful capture of a Storm bot and, from the study of the bot and furtherliterature search, establish large-scale aspects we seek to understand via emulation of Storm onour research platform in possible follow-on work. Finally, we discuss possible future work.3
We present the forensic analysis repository for malware (FARM), a system for automating malware analysis. FARM leverages existing dynamic and static analysis tools and is designed in a modular fashion to provide future extensibility. We present our motivations for designing the system and give an overview of the system architecture. We also present several common scenarios that detail uses for FARM as well as illustrate how automated malware analysis saves time. Finally, we discuss future development of this tool.
We present the forensic analysis repository for malware (FARM), a system for automating malware analysis. FARM leverages existing dynamic and static analysis tools and is designed in a modular fashion to provide future extensibility. We present our motivations for designing the system and give an overview of the system architecture. We also present several common scenarios that detail uses for FARM as well as illustrate how automated malware analysis saves time. Finally, we discuss future development of this tool.
Abstract not provided.
Abstract not provided.
Abstract not provided.