Richard M. Low

Learn More
In this paper, we consider a method for computing the similarity of executable files, based on opcode graphs. We apply this technique to the challenging problem of metamorphic malware detection and compare the results to previous work based on hidden Markov models. In addition, we analyze the effect of various morphing techniques on the success of our(More)
To evade signature-based detection, metamorphic viruses transform their code before each new infection. Software similarity measures are a potentially useful means of detecting such malware. We can compare a given file to a known sample of metamorphic malware and compute their similarity—if they are sufficiently similar, we classify the file as malware of(More)
Metamorphic malware is capable of changing its internal structure without altering its functionality. A common signature is nonexistent in highly metamorphic malware and, consequently, such malware can remain undetected under standard signature scanning. In this paper, we apply previous work on structural entropy to the metamorphic detection problem. This(More)
HTTP Attack Detection using N-gram Analysis by Adityaram Oza Previous research has shown that byte level analysis of HTTP traffic offers a practical solution to the problem of network intrusion detection and traffic analysis. Such an approach does not require any knowledge of applications running on web servers or any pre-processing of incoming data. In(More)
We examine a class of binary strings arising from considerations about stream cipher encryption: to what degree can one guarantee that the number of pairs of entries distance k apart that disagree is equal to the number that agree, for all small k? In a certain sense, a keystream with such a property achieves a degree of unpredictability. The problem is(More)
Field observations on territorial behavior of the fish P. flavicauda were made for a total of 200 hours at Heron Island, Great Barrier Reef. Specimens 6 cm or more in length restricted their movements to areas of approximately 2 m2 over at least a 5-month period. Distribution of the fish was highly correlated (rs = 0.89) with the amount of interface between(More)
Substitution ciphers are among the earliest methods of encryption. Examples of classic substitution ciphers include the well-known simple substitution and the less well-known homophonic substitution. Simple substitution ciphers are indeed simple, both in terms of their use and their cryptanalysis. Homophonic substitutions—in which a plaintext symbol can map(More)
Raspberries contain flavonoid antioxidants whose relative concentrations may vary between the juice, pulp, and seed fractions. Oxygen radical absorbance capacity (ORAC), total anthocyanin content, and berry color were determined for six cultivars of primocane raspberries grown in a dry climate (Utah, USA). Significant ORAC differences were found between(More)
Let A be an abelian group. We call a graph G = (V,E) A–magic if there exists a labeling f : E(G) → A∗ such that the induced vertex set labeling f : V (G) → A, defined by f(v) = Σf(u, v) where (u, v) ∈ E(G), is a constant map. In this paper, we present some algebraic properties of A– magic graphs. Using them, various results are obtained for group–magic(More)