Charles LeDoux

Learn More
In classifying malware, an open research question is how to combine similar extracted data from program analyzers in such a way that the advantages of the analyzers accrue and the errors are minimized. We propose an approach to fusing multiple program analysis outputs by abstracting the features to a common form and utilizing a disjoint union fusion(More)
Malware code has forensic value, as evident from recent studies drawing relationships between creators of Duqu and Stuxnet through similarity of their code. We present FuncTracker, a system developed on top of Palantir, to discover, visualize, and explore relationships between malware code, with the intent of drawing connections over very large corpi of(More)
Disassemblers generally assume that assembly language instructions do not overlap, therefore, an obvious obfuscation against such disassemblers is to overlap instructions. This is difficult to implement, however, as the number of instructions existing in a program which can be overlapped are typically very few. We propose a modification of instruction(More)
We discuss a new robust time domain filtering method that detects and reconstructs speech segments corrupted by impulsive noise. Robust statistical methods are very effective in the case of impulsive environments such as wireless communications and cellular phone applications. The speech signal may be corrupted by impulsive noise lasting several(More)
Malware analysts use Machine Learning to aid in the fight against the unstemmed tide of new malware encountered on a daily, even hourly, basis. The marriage of these two fields (malware and machine learning) is a match made in heaven: malware contains inherent patterns and similarities due to code and code pattern reuse by malware authors; machine learning(More)
  • 1