WP4-Data enrichment and characterization: February 2010 Archives

Wombat Deliverable D15/D4.5 Intermediate Report on Contextual Features

By
Nicolas Deschamps
on February 16, 2010 5:09 PM |
The objective of this Workpackage 4 is to develop techniques to characterize the malicious code that is collected in the previous workpackage. The main idea is to enrich the collected code thanks to metadata that might reveal insights into the origin of the code and the intentions of those that created, released or used it. This deliverable provides a preliminary discussion of possible contextual features of malware, and for each feature, an estimate on its effectiveness and the difficulty to obtain it. Some of these features can be used to analyze potential threats and discriminate collected samples that are mere variations of already known threats.

FP7-ICT-216026-Wombat_WP4-D15_V01_Intermediate-Contextual-features.pdf

Wombat Deliverable D11/D4.3 Intermediate Analysis Report of Structural Features

By
Nicolas Deschamps
on February 16, 2010 4:33 PM |
This deliverable provides a preliminary discussion of structural features that can be used to characterize executable code. Furthermore, it discusses a number of techniques, based on these features, that are being developed in the context of the wombat project, and aim to provide a deeper understanding of malicious code and of the relations between malicious code samples.

FP7-ICT-216026-Wombat_WP4_D11_V01-Intermediate-analysis-report-of-structural-features.pdf

WOMBAT Deliverable D08/D4.1 Specification language for code behavior

By
Nicolas Deschamps
on February 16, 2010 3:25 PM |
This document provides a specification language to describe the behavior of code. Consistently with the requirements for an extensible, layered architecture for the behavioral analysis of malware, four different languages are defined, ranging from a complete, low-level description of the code's behavior to a high-level analysis report that is suitable for a human analyst. Furthermore, current approaches to behavioral malware analysis and detection within the wombat project are discussed, most of which already take advantage (or can be extended to take advantage) of the provided specification language.

FP7-ICT-216026-Wombat_WP4_D08_V01_Specification_language_for_code_behaviour.pdf
« WP4-Data enrichment and characterization: November 2008 | Main Index | Archives | WP4-Data enrichment and characterization: July 2010 »

Search

About this Archive

This page is a archive of entries in the WP4-Data enrichment and characterization category from February 2010.

WP4-Data enrichment and characterization: November 2008 is the previous archive.

WP4-Data enrichment and characterization: July 2010 is the next archive.

Find recent content on the main index or look in the archives to find all content.

May 2011: Monthly Archives

Categories

Monthly Archives

Pages

  • WP6