SigMal: A Static Signal Processing Based Malware Triage

Download Now
Provided by: Association for Computing Machinery
Topic: Security
Format: PDF
In this paper, the authors propose SigMal, a fast and precise malware detection framework based on signal processing techniques. SigMal is designed to operate with systems that process large amounts of binary samples. It has been observed that many samples received by such systems are variants of previously seen malware, and they retain some similarity at the binary level. Previous systems used this notion of malware similarity to detect new variants of previously seen malware. SigMal improves the state-of-the-art by leveraging techniques borrowed from signal processing to extract noise-resistant similarity signatures from the samples.
Download Now

Find By Topic