
Paper details

Title State Of Malware: Family Ties
Type Paper
Tags malware malware analysis
Abstract Over the last few years malware has gravitated towards a few major families rather than the single or small-sized families of the past. Families of hundreds or even thousands are not uncommon. These families grouped together demonstrate the evolution of malware over time. This evolution may originate in simple bugfixes and small enhancements or entirely new sets of functionality added over an existing code base. Studying the ties between families, both within and across families, provides us with a context in which to study the development pace and technical improvements as they appear. We will examine how families grow and change amongst the mass malware and targeted attack malware. While examining how families grow and change we will attempt to identify features across all families that are both common and implemented in the same way. This could lead to quick static identification of malware features as well as signaturing these features. We hope to show how multiple families are derived from one code base. We will address not just mass malware and targeted malware but also rootkits and code sharing amongst them.
Authors Peter Silberman Ero Carrera
Submitted June 21, 2010
Correlation
Linked to
Event Black Hat EU 2010
Resource ---
Download
Source BlackHat-EU-2010-Carrera-Silberman-State-of-Malware-wp.pdf
Size 499.6 KB
MD5 cbe942ae98052af4ae05c418b2aff027
SHA1 83ac6502febdf3a29fb40e447e021849bfefe4ed
