#### Filter Results:

- Full text PDF available (17)

#### Publication Year

1996

2017

#### Publication Type

#### Co-author

#### Publication Venue

#### Key Phrases

Learn More

- Neha Runwal, Richard M. Low, Mark Stamp
- Journal in Computer Virology
- 2012

In this paper, we consider a method for computing the similarity of executable files, based on opcode graphs. We apply this technique to the challenging problem of metamorphic malware detection and compare the results to previous work based on hidden Markov models. In addition, we analyze the effect of various morphing techniques on the success of our… (More)

- Gayathri Shanmugam, Richard M. Low, Mark Stamp
- Journal of Computer Virology and Hacking…
- 2013

To evade signature-based detection, metamorphic viruses transform their code before each new infection. Software similarity measures are a potentially useful means of detecting such malware. We can compare a given file to a known sample of metamorphic malware and compute their similarity—if they are sufficiently similar, we classify the file as malware of… (More)

We examine a class of binary strings arising from considerations about stream cipher encryption: to what degree can one guarantee that the number of pairs of entries distance k apart that disagree is equal to the number that agree, for all small k? In a certain sense, a keystream with such a property achieves a degree of unpredictability. The problem is… (More)

- Donabelle Baysa, Richard M. Low, Mark Stamp
- Journal of Computer Virology and Hacking…
- 2013

Metamorphic malware is capable of changing its internal structure without altering its functionality. A common signature is nonexistent in highly metamorphic malware and, consequently, such malware can remain undetected under standard signature scanning. In this paper, we apply previous work on structural entropy to the metamorphic detection problem. This… (More)

- Amrapali Dhavare, Richard M. Low, Mark Stamp
- Cryptologia
- 2013

Substitution ciphers are among the earliest methods of encryption. Examples of classic substitution ciphers include the well-known simple substitution and the less well-known homophonic substitution. Simple substitution ciphers are indeed simple, both in terms of their use and their cryptanalysis. Homophonic substitutions—in which a plaintext symbol can map… (More)

- Richard M. Low, Sin–Min Lee, J. Sedlacek
- 2003

Let A be an abelian group. We call a graph G = (V, E) A–magic if there exists a labeling f : E(G) → A * such that the induced vertex set labeling f + : V (G) → A, defined by f + (v) = Σf (u, v) where (u, v) ∈ E(G), is a constant map. In this paper, we present some algebraic properties of A– magic graphs. Using them, various results are obtained for… (More)

- W. C. Shiu, Richard M. Low
- 2005

Let A be a non-trivial Abelian group. We call a graph G = (V, E) A-magic if there exists a labeling f : E → A * such that the induced vertex set labeling f + : V → A, defined by f + (v) = uv∈E f (uv) is a constant map. In this paper, we show that K k 1 ,k 2 ,...,k n (k i ≥ 2) is A-magic, for all A where |A| ≥ 3.

- Wai Chee Shiu, Richard M. Low
- J. Comb. Optim.
- 2007

- Aditya Oza, Kevin Ross, Richard M. Low, Mark Stamp
- Computers & Security
- 2014

HTTP Attack Detection using N-gram Analysis by Adityaram Oza Previous research has shown that byte level analysis of HTTP traffic offers a practical solution to the problem of network intrusion detection and traffic analysis. Such an approach does not require any knowledge of applications running on web servers or any pre-processing of incoming data. In… (More)

Let A be a non-trivial, finitely-generated abelian group and A * = A\{0}. A graph is A-magic if there exists an edge labeling using elements of A * which induces a constant vertex labeling of the graph. In this paper, we analyze the group-magic property for complete n-partite graphs and composition graphs with deleted edges.