David Mentis

We present a novel system for automatically discovering and interactively visualizing shared system call sequence relationships within large malware datasets. Our system's pipeline begins with the application of a novel heuristic algorithm for extracting variable length, semantically meaningful system call sequences from malware system call behavior logs.(More)
Recent literature has proposed approaches to detect code-sharing relationships between malware artifacts, which helps to accelerate the malware reverse engineering process. In this paper we propose a novel code-sharing analysis technique that can complement existing methods. Our algorithm partitions malware system call logs into system call subsequences by(More)
The exponential growth of unique malware binary artifacts has led researchers to explore automated techniques for characterizing unknown malware binaries' capabilities. Thus far, automatic malware analysis systems have relied on labeled training data and analyst defined rules to identify malware samples' software features and functional categories. Such(More)