The Software Similarity Problem in Malware Analysis

Authors Andrew Walenstein, Arun Lakhotia



PDF
Thumbnail PDF

File

DagSemProc.06301.14.pdf
  • Filesize: 183 kB
  • 10 pages

Document Identifiers

Author Details

Andrew Walenstein
Arun Lakhotia

Cite As Get BibTex

Andrew Walenstein and Arun Lakhotia. The Software Similarity Problem in Malware Analysis. In Duplication, Redundancy, and Similarity in Software. Dagstuhl Seminar Proceedings, Volume 6301, pp. 1-10, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2007) https://doi.org/10.4230/DagSemProc.06301.14

Abstract

In software engineering contexts software may be compared for similarity in
order to detect duplicate code that indicates poor design, and to
reconstruct evolution history.  Malicious software, being nothing other
than a particular type of software, can also be compared for similarity in
order to detect commonalities and evolution history.  This paper provides a
brief introduction to the issue of measuring similarity between malicious
programs, and how evolution is known to occur in the area.  It then uses
this review to try to draw lines that connect research in software
engineering (e.g., on "clone detection") to problems in anti-malware
research.

Subject Classification

Keywords
  • Software
  • software evolution
  • commonality
  • program similarity
  • code clones
  • code smells
  • malicious software
  • malware
  • worms
  • Trojans
  • viruses
  • spyware

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail