Rule-driven malware identification and classification

2008-01-01

Víctor M. Álvarez

PandaLabs, Spain

Editor: Helen Martin

Abstract

Over the last few years anti-virus researchers have faced an increasing volume of malware samples arriving at their research labs on a daily basis. Víctor Álvarez presents a simple, rule-driven approach to malware identification and classification that complements the manual work of the malware researcher by compensating for the weaknesses of the human brain.

The full article is available to registered users. Click here for free registration or, if you already are a registered user, login to access the full article.

Magazine


	January 2008 PDF Please register to download the PDF Comment A richer, but more dangerous web News Guidelines issued for UK hacker tool ban Malware prevalence report November 2007 Features Botnet monitoring Rule-driven malware identification and classification Inside rogue Flash ads Call for papers VB2008 Ottawa Product review Agnitum Outpost Security Suite Pro 2008 Calendar Anti-malware industry events Spam Bulletin FTC notes malicious spam on the rise Prolific spammer indicted 2007: The year of the social engineer? See also Virus Bulletin archives How to become a subscriber Reprints

Quick Links

Poll

The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Leave a comment
View 11 comments

Virus Bulletin


	In this month's magazine: Living the meme If Svar is the answer... Static analysis of mobile malware And the devil is six: the security consequences of the switch to IPv6 Behind enemy lines: reporting from the CCC 28C3 Congress Subscribe now!

Virus Bulletin currently has 224,245 registered users.

Fighting malware and spam

Rule-driven malware identification and classification

Víctor M. Álvarez

PDF

Comment

News

Malware prevalence report

Features

Call for papers

Product review

Calendar

Spam Bulletin

See also