Function length as a tool for malware classification
Tian, R., Batten, L. M. and Versteeg, S. C. 2008, Function length as a tool for malware classification, in Proceedings of the 3rd International Conference on Malicious and Unwanted Software : MALWARE 2008, IEEE, Los Alamitos, Calif., pp. 69-76, doi: 10.1109/MALWARE.2008.4690860.
The proliferation of malware is a serious threat to computer and information systems throughout the world. Antimalware companies are continually challenged to identify and counter new malware as it is released into the wild. In attempts to speed up this identification and response, many researchers have examined ways to efficiently automate classification of malware as it appears in the environment. In this paper, we present a fast, simple and scalable method of classifying Trojans based only on the lengths of their functions. Our results indicate that function length may play a significant role in classifying malware, and, combined with other features, may result in a fast, inexpensive and scalable method of malware classification.
This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.
Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO.
If you believe that your rights have been infringed by this repository, please contact firstname.lastname@example.org.
Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact email@example.com.