sigmal a static signal processing based malware triage
play

SigMal: A Static Signal Processing Based Malware Triage Dhilung - PowerPoint PPT Presentation

Dec 06, 2022 •278 likes •454 views

SigMal: A Static Signal Processing Based Malware Triage Dhilung Kirat Lakshmanan Nataraj Giovanni Vigna B.S Manjunath Ezeanaka Kingsley CISC850 Cyber Analytics CISC850 Cyber Analytics Abstract Sigmal as a malware detection framework -

  1. SigMal: A Static Signal Processing Based Malware Triage Dhilung Kirat Lakshmanan Nataraj Giovanni Vigna B.S Manjunath Ezeanaka Kingsley CISC850 Cyber Analytics

  2. CISC850 Cyber Analytics Abstract Sigmal as a malware detection framework - Results of testing Sigmal on samples -

  3. CISC850 Cyber Analytics Introduction ● Static, dynamic and statistical analyses ● Malwares variants ● N-gram feature extraction

  4. CISC850 Cyber Analytics

  5. CISC850 Cyber Analytics Signal processing based features • Feature extraction, Feature computation Section aware feature extraction

  6. CISC850 Cyber Analytics

  7. CISC850 Cyber Analytics Comparison • N-gram based detection • PE structure based detection • Control flow graph-based detection

  8. CISC850 Cyber Analytics • Benign, Malicious and real world datasets collected

  9. CISC850 Cyber Analytics Evaluation Fig 5: Feature robustness against noise.

  10. CISC850 Cyber Analytics Fig. 6 : Nearest neighbor distribution for a 100 thousand samples

  11. CISC850 Cyber Analytics Fig. 7 : Comparison of malware detection algorithms

  12. CISC850 Cyber Analytics Fig. 8 : Query performance comparison.

  13. CISC850 Cyber Analytics Real world experiments

  14. CISC850 Cyber Analytics Results: Fig. 10: Precision and recall of the Sigmal detection on the real world samples.

  15. CISC850 Cyber Analytics

  16. CISC850 Cyber Analytics Limitations and Related Work: • Signal Processing • Static malware similarity

  17. CISC850 Cyber Analytics Conclusion: • Sigmal detection framework. • Heuristics based features • High precision capability.

Recommend

Apposcopy: Semantics- Based Detection of Android Malware through Static Analysis By Feng et al

Apposcopy: Semantics- Based Detection of Android Malware through Static Analysis By Feng et al

Apposcopy: Semantics- Based Detection of Android Malware through Static Analysis By Feng et al [FSE 14] Presented by Maaz Ahmad The Malware Problem (Feb, 2015) Motive Security Labs estimates 16 million infected mobile devices. [1]

828 views • 30 slides
Fast and Generic Malware Triage Using openioc_scan Volatility Plugin TAKAHIRO HARUYAMA

Fast and Generic Malware Triage Using openioc_scan Volatility Plugin TAKAHIRO HARUYAMA

Fast and Generic Malware Triage Using openioc_scan Volatility Plugin TAKAHIRO HARUYAMA (@CCI_FORENSICS) INTERNET INITIATIVE JAPAN INC. Digital Forensics Research Conference Europe 2015 Who am I? 2 Forensic Investigator & Malware

796 views • 27 slides
Signal Processing - Introduction Signal Processing Analogue/digital filters: extensively used

Signal Processing - Introduction Signal Processing Analogue/digital filters: extensively used

Instrumentation (and Signal Processing Process Control) Fall 1393 Bonab University Signal Processing - Introduction Signal Processing Analogue/digital filters: extensively used in sensor signal processing Pre-processing

894 views • 32 slides
When Malware is Packin Heat; Limits of Machine Learning Classifiers Based on Static Analysis

When Malware is Packin Heat; Limits of Machine Learning Classifiers Based on Static Analysis

When Malware is Packin Heat; Limits of Machine Learning Classifiers Based on Static Analysis Features Hojjat Aghakhani , Fabio Gri*, Francesco Mecca, Mar0na Lindorfer, Stefano Ortolani, Davide Balzaro*, Giovanni Vigna, Christopher Kruegel

1.01k views • 53 slides
Waveform Generation Fundamental part of signal processing is the signal. Within the

Waveform Generation Fundamental part of signal processing is the signal. Within the

Waveform Generation Fundamental part of signal processing is the signal. Within the context of hardware implementations of signal processing this signal may arise from: A local waverform/signal generator. Continuous stream from a

492 views • 26 slides
On Static Malware Detection Tayssir Touili LIPN, CNRS & Univ. Paris 13 Motivation: Malware

On Static Malware Detection Tayssir Touili LIPN, CNRS & Univ. Paris 13 Motivation: Malware

On Static Malware Detection Tayssir Touili LIPN, CNRS & Univ. Paris 13 Motivation: Malware Detection The number of new malware exceeds 75 million by the end of 2011, and is still increasing. The number of malware that produced

1.34k views • 91 slides
Triage Training Describe role of triage and use of the triage tag Demonstrate how to fill

Triage Training Describe role of triage and use of the triage tag Demonstrate how to fill

Triage Training Describe role of triage and use of the triage tag Demonstrate how to fill out the tag Hand out three blank triage tags & 3 paint stick patients Assist and review student triage tags Question and answer time

622 views • 11 slides
CS7038 - Malware Analysis - Wk05.1 Static Analyzers Coleman Kane kaneca@mail.uc.edu February 7,

CS7038 - Malware Analysis - Wk05.1 Static Analyzers Coleman Kane kaneca@mail.uc.edu February 7,

CS7038 - Malware Analysis - Wk05.1 Static Analyzers Coleman Kane kaneca@mail.uc.edu February 7, 2017 Signature-based Anti-Virus Systems By far, the most popular weapon against cyber attacks is signature-based antivirus software. When

709 views • 12 slides
Triage in Trouble Hospital emergency rooms are busy Patients are impatient Triage

Triage in Trouble Hospital emergency rooms are busy Patients are impatient Triage

A Triage Information Agent (TIA) based on the IDA Technology Stan Franklin and Dan Jones, M.D. Computer Science Division & Institute for Intelligent Systems The University of Memphis 1 Triage in Trouble Hospital emergency rooms are

389 views • 6 slides
Speech Processing 11-492/18-492 Speech Synthesis Signal Processing Signal Manipulation

Speech Processing 11-492/18-492 Speech Synthesis Signal Processing Signal Manipulation

Speech Processing 11-492/18-492 Speech Synthesis Signal Processing Signal Manipulation Signal Parameterization Joining LPC PSOLA: pitch and duration modification Statistical Parameterization MELCEP/MLSA LSF, STRAIGHT,

729 views • 25 slides
MazeWalker Enriching static malware analysis and more Yevgeny Kulakov @p_h_0_e_n_i_x About Me

MazeWalker Enriching static malware analysis and more Yevgeny Kulakov @p_h_0_e_n_i_x About Me

MazeWalker Enriching static malware analysis and more Yevgeny Kulakov @p_h_0_e_n_i_x About Me Malware RE @ Trusteer, IBM, Seculert binary analysis automation sandbox development Now in vEYE Security on software container

591 views • 48 slides
Baseband Signal Processing Framework Baseband Signal Processing Framework for the OsmocomBB GSM

Baseband Signal Processing Framework Baseband Signal Processing Framework for the OsmocomBB GSM

Baseband Signal Processing Framework Baseband Signal Processing Framework for the OsmocomBB GSM Protocol Stack Harald Krll, Christian Benkeser, Stefan Zwicky, Benjamin Weber, Qiuting Huang Integrated Systems Laboratory, ETH Zurich d S b i h

306 views • 26 slides
Fast L0-based Sparse Signal Recovery Nick Kingsbury and Yingsong Zhang Signal Processing Group

Fast L0-based Sparse Signal Recovery Nick Kingsbury and Yingsong Zhang Signal Processing Group

Fast L0-based Sparse Signal Recovery Nick Kingsbury and Yingsong Zhang Signal Processing Group Department of Engineering ACVT seminar, Adelaide May 2011 Outline Introduction 1 L0 reweighted-L2 Minimization 2 IRLS Basic Model Basic

642 views • 34 slides
Signal Processing General Introduction Based Intrusion Detection Using Several drawbacks to

Signal Processing General Introduction Based Intrusion Detection Using Several drawbacks to

Signal Processing General Introduction Based Intrusion Detection Using Several drawbacks to signature-based PCA detection Human intervention By Jeff Terrell Not adaptive; can't learn For COMP 290 - IDS - Spring 2005 Can be

360 views • 7 slides
CS7038 - Malware Analysis - Wk04.1 Static Analysis Introduction Coleman Kane kaneca@mail.uc.edu

CS7038 - Malware Analysis - Wk04.1 Static Analysis Introduction Coleman Kane kaneca@mail.uc.edu

CS7038 - Malware Analysis - Wk04.1 Static Analysis Introduction Coleman Kane kaneca@mail.uc.edu February 1, 2017 Static Analysis Static Analysis is the process of documenting your observations about what identifying characteristics a

575 views • 8 slides
Mining malware specifications through static reachability analysis Hugo Daniel Macedo 1 Tayssir

Mining malware specifications through static reachability analysis Hugo Daniel Macedo 1 Tayssir

Introduction Mining specifications Detecting malware Results References Mining malware specifications through static reachability analysis Hugo Daniel Macedo 1 Tayssir Touili 2 1 INRIA Rocqencourt 2 LIAFA Univ. Paris 7 November 4, 2013

870 views • 45 slides
Digital Signal Processing Solutions Digital Signal Processing Solutions SIGNAL PROCESSING

Digital Signal Processing Solutions Digital Signal Processing Solutions SIGNAL PROCESSING

Digital Signal Processing Solutions Digital Signal Processing Solutions SIGNAL PROCESSING DOMAIN HARDWARE SOFTWARE PARADIGM PARADIGM ASIC DSP PLD/FPGA GPP (Custom & COTS) 1 Hardware Paradigm Hardware Paradigm

397 views • 14 slides
Signal Processing in the Pure Programming Signal Processing in Pure Language Albert Grf Dept.

Signal Processing in the Pure Programming Signal Processing in Pure Language Albert Grf Dept.

Signal Processing in the Pure Programming Signal Processing in Pure Language Albert Grf Dept. of Music Informatics Full paper, slides, examples at: http://pure-lang.googlecode.com/svn/docs/ Pure, the programming language Signal

155 views • 14 slides
Advanced Digital Signal Processing Part 5: Multi-Rate Digital Signal Processing Gerhard Schmidt

Advanced Digital Signal Processing Part 5: Multi-Rate Digital Signal Processing Gerhard Schmidt

Advanced Digital Signal Processing Part 5: Multi-Rate Digital Signal Processing Gerhard Schmidt Christian-Albrechts-Universitt zu Kiel Faculty of Engineering Institute of Electrical and Information Engineering Digital Signal Processing and

964 views • 55 slides
22/12/2016 A Gentle Introduction to Signal Processing M. Iqbal Saripan Faculty of Engineering,

22/12/2016 A Gentle Introduction to Signal Processing M. Iqbal Saripan Faculty of Engineering,

22/12/2016 A Gentle Introduction to Signal Processing M. Iqbal Saripan Faculty of Engineering, Universiti Putra Malaysia Signal Processing Analogue Signal Processing Science of analyzing time-varying physical process There are two categories

213 views • 6 slides
Status of TPC Signal Simulation & Processing Jyoti Joshi Brookhaven National Laboratory

Status of TPC Signal Simulation & Processing Jyoti Joshi Brookhaven National Laboratory

Status of TPC Signal Simulation & Processing Jyoti Joshi Brookhaven National Laboratory LBL/Sim/Reco Meeting, 11/07/2016 Outline * Signal Processing Method * LArTPC Noise Experience * Signal Processing Challenges 2 Introduc>on:

496 views • 25 slides
What role for static analysis in malware detection? Laurence Tratt http://tratt.net/laurie/

What role for static analysis in malware detection? Laurence Tratt http://tratt.net/laurie/

What role for static analysis in malware detection? Laurence Tratt http://tratt.net/laurie/ Middlesex University With thanks to David Clark 2011/4/6 L. Tratt http://tratt.net/laurie/ Static analysis and malware 2011/4/6 1 / 21 Overview

1.3k views • 53 slides
Acoustics II: time reversal signal restoration clicks audio signal processing tape speed

Acoustics II: time reversal signal restoration clicks audio signal processing tape speed

Audio signal processing effects equalizer compressor, limiter noise gates flanger chorus phaser leslie pitch-shift - time scaling Acoustics II: time reversal signal restoration clicks audio signal processing tape speed variations

1.23k views • 59 slides
Signal Processing in MATLAB Signal Processing in MATLAB February 2, 1998 Tom Krauss PhD Student

Signal Processing in MATLAB Signal Processing in MATLAB February 2, 1998 Tom Krauss PhD Student

Signal Processing in MATLAB Course February 1998 Signal Processing in MATLAB Signal Processing in MATLAB February 2, 1998 Tom Krauss PhD Student in Elec. Engineering On-campus Representative of The MathWorks, Inc. krauss@ecn.purdue.edu

480 views • 28 slides

More recommend