Automated Malware Classification/Analysis Through Network Theory And Statistics presented at Blackhat USA 2005

by Daniel Bilar

Tags: Security Malware Statistics

Summary: Automated identification of malicious code and subsequent classification into known malware families can help cut down laborious manual malware analysis time. Call sequence, assembly instruction statistics and graph topology all say something about the code. This talk will present three identification and classification approaches that use methods and results from complex network theory. Some familiarity with assembly, Win32 architecture, statistics and basic graph theory is helpful.