MAXS: Scaling Malware Execution with Sequential Multi-Hypothesis Testing

@inproceedings{Vadrevu2016MAXSSM,
  title={MAXS: Scaling Malware Execution with Sequential Multi-Hypothesis Testing},
  author={Phani Vadrevu and Roberto Perdisci},
  booktitle={AsiaCCS},
  year={2016}
}
In an attempt to coerce useful information about the behavior of new malware families, threat analysts commonly force newly collected malicious software samples to run within a sandboxed environment. The main goal is to gather intelligence that can later be leveraged to detect and enumerate new malware infections within a network. Currently, most analysis environments "blindly" execute each newly collected malware sample for a predetermined amount of time (e.g., four to five minutes). However…