DROPS - Document

License:

Creative Commons Attribution 4.0 International license (CC BY 4.0)
When quoting this document, please refer to the following
DOI: 10.4230/DagSemProc.06301.14
URN: urn:nbn:de:0030-drops-9640
URL: http://dagstuhl.sunsite.rwth-aachen.de/volltexte/2007/964/

Go to the corresponding Portal

Walenstein, Andrew ; Lakhotia, Arun

The Software Similarity Problem in Malware Analysis

pdf-format:

06301.LakhotiaArun.964.pdf (0.2 MB)

Abstract

In software engineering contexts software may be compared for similarity in
order to detect duplicate code that indicates poor design, and to
reconstruct evolution history. Malicious software, being nothing other
than a particular type of software, can also be compared for similarity in
order to detect commonalities and evolution history. This paper provides a
brief introduction to the issue of measuring similarity between malicious
programs, and how evolution is known to occur in the area. It then uses
this review to try to draw lines that connect research in software
engineering (e.g., on "clone detection") to problems in anti-malware
research.

BibTeX - Entry

@InProceedings{walenstein_et_al:DagSemProc.06301.14,
  author =	{Walenstein, Andrew and Lakhotia, Arun},
  title =	{{The Software Similarity Problem in Malware Analysis}},
  booktitle =	{Duplication, Redundancy, and Similarity in Software},
  pages =	{1--10},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2007},
  volume =	{6301},
  editor =	{Rainer Koschke and Ettore Merlo and Andrew Walenstein},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/opus/volltexte/2007/964},
  URN =		{urn:nbn:de:0030-drops-9640},
  doi =		{10.4230/DagSemProc.06301.14},
  annote =	{Keywords: Software, software evolution, commonality, program similarity, code clones, code smells, malicious software, malware, worms, Trojans, viruses, spyware}
}

Keywords: Software, software evolution, commonality, program similarity, code clones, code smells, malicious software, malware, worms, Trojans, viruses, spyware

Collection: 06301 - Duplication, Redundancy, and Similarity in Software

Issue Date: 2007

Date of publication: 19.04.2007

DROPS-Home | Fulltext Search | Imprint | Privacy Published by LZI

Keywords:		Software, software evolution, commonality, program similarity, code clones, code smells, malicious software, malware, worms, Trojans, viruses, spyware
Collection:		06301 - Duplication, Redundancy, and Similarity in Software
Issue Date:		2007
Date of publication:		19.04.2007