A short overview of advances in computer virology
LRI/LIMSI Doctoral Seminar Series
Hai Nguyen Van
Laboratoire de Recherche en Informatique, Université Paris-Sud
29 January 2015

Introduction: What is a computer virus?
Computer Invaders: The 25 Most Infamous PC Viruses of All Time, F-Secure
Two points of view:
1. software engineer: some malicious program that copies itself
2. mathematician: a self-reproductive TM, or some fixed point of a malicious reproductive behavior equation
Which one appeared first?

Introduction: Some history
- 1948: von Neumann introduces self-reproducing automata
- 1984: Cohen defines a virus as a self-reproducing program
- 1986: Brain infects the ARPANET
- 1990: Adleman splits the definition: injuring, infecting, imitating

Some theoretical framework: Turing machines
Introduced in 1936 by Alan Turing, a Turing machine can simulate any computer algorithm [Church-Turing-de Bruijn thesis].
Informatique théorique, Julien Marcil

Some theoretical framework: Viral Turing machines
Definition given by [Cohen, 1986].
[Diagram: Turing machine tapes showing v at a position j, with machine states q_0, q_1, ..., q_i, ..., q_k, ..., q_n]
Question. Is v necessarily syntactically equal to v'?
NO! Polymorphism [Szor, 2005].

Some theoretical framework: Viral µ-recursive functions [Bonfante et al., 2006]
Definition. Let B be a µ-recursive function. A program (i.e. a µ-recursive function) v is viral w.r.t. B iff for all programs p and data x,
$\mathrm{execute}_v(p, x) = \mathrm{execute}_{B(v,p)}(x)$
This equation models the propagation behavior B of a virus v. The virus v exists by Kleene's recursion theorem!

Some theoretical framework: Analyzing and detecting viruses
Problem. Can all viruses be detected? NO! [Cohen, 1986]
Theorem (undecidability of viral detection) [Cohen, 1986]. Deciding whether a program v is viral is not possible.
Theorem (undecidability of viral evolutivity) [Filiol, 2009]. Deciding whether a program v duplicates itself into a semantically equivalent form v' is not possible.

Virus detection in practice: Analyzing and detecting viruses in practice!
In practice, analysis techniques are divided as follows:
- static detection
  - with syntactic signatures
  - with semantic signatures
- probabilistic models
- dynamic detection
- (human) comprehension

Virus detection in practice: Industrial examples of viral syntactic signatures
Virus 1: Boot/Stoned
Signature 1 (string matching): BE B D1 41 9C
Virus 2: W95/Regswap (polymorphic)
Signature 2 (regular expressions): ???? B???? 0C...
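
The difference between the two signature styles above, as an added example (not code from the original slides): a fixed byte string stops matching once the register bytes change between generations, a nibble-wildcard signature still matches, and an over-general wildcard also fires on an unrelated buffer. All byte strings and signature names are constructed for illustration and are not taken from any real sample or product.

```python
import re

def compile_signature(sig):
    """Compile a hex signature into a bytes regex.

    Tokens: 'BF' = exact byte, '??' = any byte,
            'B?' = high nibble fixed, '?4' = low nibble fixed.
    """
    parts = []
    for tok in sig.split():
        if len(tok) != 2:
            raise ValueError("bad signature token: %r" % tok)
        hi, lo = tok[0], tok[1]
        if tok == "??":
            parts.append(b".")
        elif lo == "?":
            base = int(hi, 16) << 4
            parts.append(b"[\\x%02x-\\x%02x]" % (base, base | 0x0F))
        elif hi == "?":
            low = int(lo, 16)
            alts = b"".join(b"\\x%02x" % ((h << 4) | low) for h in range(16))
            parts.append(b"[" + alts + b"]")
        else:
            parts.append(b"\\x%02x" % int(tok, 16))
    # DOTALL so that '??' also matches the byte 0x0A
    return re.compile(b"".join(parts), re.DOTALL)

def scan(buf, signatures):
    """Return {signature name: offset of first match} for every signature that hits."""
    hits = {}
    for name, sig in signatures.items():
        m = compile_signature(sig).search(buf)
        if m:
            hits[name] = m.start()
    return hits

# Constructed buffers. GEN1 and GEN2 encode the same three operations
# (load constant, load constant, add constant) with different registers,
# so only the register-carrying bytes differ between them.
GEN1 = bytes.fromhex("90 90 BF 10 00 00 00 B8 20 00 00 00 81 C2 40 00 00 00 C3")
GEN2 = bytes.fromhex("90 90 BB 10 00 00 00 BF 20 00 00 00 81 C0 40 00 00 00 C3")
# Constructed unrelated code: an ordinary function that loads a small constant.
BENIGN = bytes.fromhex("55 89 E5 B9 01 00 00 00 5D C3")

SIGNATURES = {
    # string matching: exact bytes of one generation
    "exact": "BF 10 00 00 00 B8 20 00 00 00 81 C2 40 00 00 00",
    # wildcards only where the register is encoded
    "wildcard": "B? 10 00 00 00 B? 20 00 00 00 81 C? 40 00 00 00",
    # too short and too general: matches any 'load small constant'
    "too_loose": "B? ?? 00 00 00",
}

if __name__ == "__main__":
    for label, buf in (("GEN1", GEN1), ("GEN2", GEN2), ("BENIGN", BENIGN)):
        print(label, scan(buf, SIGNATURES))
```
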

Virus detection in practice: Syntactic signatures are not enough
Viruses are programmed to protect themselves from being detected and/or understood.
Classification. [Nguyen Van, 2013]

Virus detection in practice: Semantic approaches: model-checking with PoMMaDe
The viral signature is encoded as a logic formula, against which a formal model of the program is checked [Song et al., 2012].
Example: signature of W32.Netsky@mm
filename EF( call( GetModuleFileNameA) 0.filename.Γ EF ( call( CopyFileA) filename.γ ))

Virus detection in practice: Conclusion
Two main points of view of viral programs:
1. software engineer: a program that copies itself somewhere else
2. mathematician: a fixed point of µ-recursive functions
Two approaches for static detection of viruses:
1. syntactic: cost-effective, high false positive rate
2. semantic: cost-expensive, low false positive rate
Is industrial antivirus software enough? NO!
- 82 percent of all malware it detects stays active for one hour [Z. Bu, FireEye, 2013]
- traditional antivirus detects a mere 45 percent of all attacks [B. Dye, Symantec, 2014]