Learn More
Malware signature detectors use patterns of bytes, or variations of patterns of bytes, to detect malware attempting to enter a systems. This approach assumes the signatures are both or sufficient length to identify the malware, and to distinguish it from non-malware objects entering the system. We describe a technique that can increase the difficulty of(More)
Network intrusion detection is a key security issue that can be tackled by means of different approaches. This paper describes a novel methodology for network attack detection based on the use of data mining techniques to process traffic information collected by a monitoring station from a set of hosts using the Simple Network Management Protocol (SNMP).(More)
Malware behavior detectors observe the behavior of suspected malware by emulating its execution or executing it in a sandbox or other restrictive, instrumented environment. This assumes that the process, or process family, being monitored will exhibit the targeted behavior if it contains malware. We describe a technique for evading such detection by(More)
Various technical bodies have devised methodologies to guide testers to the selection, design, and implementation of the most appropriate security testing procedures for various contexts. Their general applicability is obviously regarded as a necessary and positive feature, but its consequence is the need for a complex adaptation phase to the specific(More)