A Framework for Efficient Mining of Structural Information to Detect Zero-Day Malicious Portable Executables

@inproceedings{Shafiq2009AFF,
  title={A Framework for Efficient Mining of Structural Information to Detect Zero-Day Malicious Portable Executables},
  author={Muhammad Zubair Shafiq and S. Momina Tabish and Fauzan Mirza and Muddassar Farooq},
  year={2009}
}
In this paper, we present an accurate and realtime PE-Miner framework that automatically extracts distinguishing features from portable executables (PE) to detect zero-day malware without any a priori knowledge about them. The distinguishing features are extracted using the structural information standardized by the Microsoft Windows operating system for executables, DLLs and object files. We follow a threefold research methodology: (1) identify a set of structural features for PE files, which…