Graphs, Entropy and Grid Computing: Automatic Comparison of Malware

Download Now Free registration required

Executive Summary

Nowadays AV laboratories are saturated with huge collections of malware which are received daily. It's a fact that the industry needs better methods to automatically identify, analyse and classify these volumes of samples. AV laboratories cannot continue working as they did years ago (or even months ago). This paper describes an automated classification system to identify files with similar internal structures. The paper will use graph theory as a way to identify similar functions among malware samples. This system helps to minimize human error and false positive detection.

  • Format: PDF
  • Size: 807.3 KB