Yuexiang Yang

Analyzing the usage of Windows Application Program Interface (API) is a common way to understand behaviors of Malicious Software (malware) in either static analysis or dynamic analysis methods. In this work, we focus on the usage of frequent messages in API call sequences, and we hypothesize that frequent itemsets composed of API names and/or API arguments…
Based on analyzing the advantages and disadvantages of existing multi-class support vector machines, we construct an improved multi-class support vector machines based on binary tree structure, adopting a new metrics to determine the classification order which determines each sub-classifier and its location, the new metrics synthesizes mixed degree and…
Autonomous system (AS) business relationships and their inference have been widely studied by network researchers in the past. An important application of inferred AS relationships can be the prediction of AS paths between a source and destination AS within a model. However, besides knowing the topology and inferred AS relationships, AS path prediction…
P2P technology has been widely applied in many areas due to its excellent properties. Some botnets also shift towards the decentralized architectures, since they provide a better resiliency against detection and takedown efforts. Besides, modern P2P bots tend to run on compromised hosts in a stealthy way, which renders most existing approaches ineffective.…
The classification of unstructured P2P multicast video streaming is the premise for playing online linkage and real-time evidence in the process of network monitoring management. A new classification method is demonstrated, and some real-time protocol behavior features are figured in this paper, which is found out through distinguishing packet type and…
Peer-to-peer (P2P) botnets outperform the traditional Internet relay chat (IRC) botnets in evading detection and they have become a prevailing type of threat to the Internet nowadays. Current methods for detecting P2P botnets, such as similarity analysis of network behavior and machine-learning based classification, cannot handle the challenges brought…
As the dominator of the Smartphone operating system market, Android has attracted the attention of malware authors and researchers alike. The number of Android malware is increasing rapidly regardless of the considerable number of proposed malware analysis systems. In this paper, by taking advantages of low false-positive rate of misuse detection and the…
In order to effectively solve the dynamic vehicle routing problem with time windows, the mathematical model is established and an improved variable neighborhood search algorithm is proposed. In the algorithm, allocation customers and planning routes for the initial solution are completed by the clustering method. Hybrid operators of insert and exchange are…
It’s increasingly difficult to detect botnets since the introduction of P2P communication. The flow characteristics and behaviors can be easily hidden if an attacker exploits the common P2P applications’ protocol to build the network and communicate. In this paper, we analyze two potential command and control mechanisms for Parasite P2P Botnet, we then…