A Visualization Technique for Installation Evidences Containing Malicious Executable Files Using Machine Language Sequence

机译：用于使用机器语言序列的包含恶意可执行文件的安装证据的可视化技术

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

In the modern society the majority of information is stored and preserved on the digitalized storage medium. By the way, it is difficult to recognize that there are any adding, deleting, or changing of the records in the digitalized storage medium. In this paper, we suggest an evidence detection technique of malicious executable file installation on computer system using visualization of similarity between machine language sequences. Also suggested method can not only detect original malwares but also mutants of them. Besides, our method can help to reassemble the data blocks containing the fragments of the malicious file back into their proper sequences for securing legal evidences.

机译：在现代社会中，大多数信息都存储并保存在数字化存储介质上。顺便说一下，很难认识到，在数字化存储介质中有任何添加，删除或更改记录。在本文中，我们建议在计算机系统上使用机器语言序列之间的相似性可视化的恶意可执行文件安装的证据检测技术。还建议的方法不仅可以检测原始的恶意，还可以检测它们的突变体。此外，我们的方法可以帮助将包含恶意文件碎片的数据块重新组装回其适当的序列，以确保法律证据。

著录项

来源
《International Workshop on Information Security Applications》|2009年||共10页
会议地点
作者
Jun-Hyung Park; Minsoo Kim; Bong-Nam Noh;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP3-53;
关键词
Digital Forensic; Anti-Forensic; Machine language; Similarity; Malware; Malicious executables; Opcode visualization;

机译：数字法医;反法医;机器语言;相似;恶意软件;恶意可执行文件;OPCODE可视化;

相似文献

外文文献
中文文献
专利

1. Clustering of Malicious Executable Files Based on the Sequence Analysis of System Calls [J] . Automatic Control and Computer Sciences . 2019,第8期

机译：基于系统调用的序列分析的恶意可执行文件群集
2. New Approach of Hidden Data in the portable Executable File without Change the Size of Carrier File Using Statistical Technique [J] . A.W. Naji, Teddy S. Gunawan, A.A.Zaidan, International journal of computer science and network security . 2009,第7期

机译：使用统计技术在不更改载体文件大小的情况下在便携式可执行文件中隐藏数据的新方法
3. New Approach of Hidden Data in the portable Executable File without Change the Size of Carrier File Using Statistical Technique [J] . A.W. Naji, Teddy S. Gunawan, A.A.Zaidan, International journal of computer science and network security . 2009,第7期

机译：使用统计技术在不更改载体文件大小的情况下在便携式可执行文件中隐藏数据的新方法
4. A Visualization Technique for Installation Evidences Containing Malicious Executable Files Using Machine Language Sequence [C] . Jun-Hyung Park, Minsoo Kim, Bong-Nam Noh International Workshop on Information Security Applications . 2009

机译：用于使用机器语言序列的包含恶意可执行文件的安装证据的可视化技术
5. Transfer Learning Techniques for Sequence Labeling in Network File System Specifications [D] . Singh, Amanpreet. 2021

机译：在网络文件系统规范中传输序列标记的学习技术
6. Clinical experience with machine log file software for volumetric-modulated arc therapy techniques [O] . Luis Alberto Vazquez-Quino, Claudia Ivette Huerta-Hernandez, Dharanipathy Rangaraj 2017

机译：使用机器日志文件软件进行体积调制电弧治疗技术的临床经验
7. A Similarity based Technique for Detecting Malicious Executable files for Computer Forensics [O] . Jun-hyung Park, Minsoo Kim, Bong-nam Noh, 2015

机译：一种基于相似度的计算机取证恶意可执行文件检测技术
8. Development of a Machine-Independent, Multi-Level, Recursive Macro Substitution Language for the Specification of Real File Structures and Their Operational Environments [R] . Krohn, K. B. 1969

机译：开发与机器无关的多级递归宏替换语言，用于规范真实文件结构及其操作环境

A Visualization Technique for Installation Evidences Containing Malicious Executable Files Using Machine Language Sequence

摘要

著录项

相似文献

相关主题

期刊订阅