Kernel rootkits can provide user level-malware programs with the additional capabilities of hiding their malicious activities by altering the legitimate kernel behavior of an oper...
Dynamic kernel memory has been a popular target of recent kernel malware due to the difficulty of determining the status of volatile dynamic kernel objects. Some existing approach...
Junghwan Rhee, Ryan Riley, Dongyan Xu, Xuxian Jian...
Malware detectors require a specification of malicious behavior. Typically, these specifications are manually constructed by investigating known malware. We present an automatic t...
Mihai Christodorescu, Somesh Jha, Christopher Krue...
Installing various hooks into the victim system is an important attacking strategy employed by malware, including spyware, rootkits, stealth backdoors, and others. In order to def...
An important yet largely uncharted problem in malware defense is how to automate generation of infection signatures for detecting compromised systems, i.e., signatures that charac...
Zhuowei Li, XiaoFeng Wang, Zhenkai Liang, Michael ...