Browse > Article
http://dx.doi.org/10.7840/kics.2016.41.12.1858

A New S/W Architecture for YARA Speed Enhancement  

Kim, Chang Hoon (School of Computer and Information Technology, Daegu University)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.41, no.12, 2016 , pp. 1858-1860 More about this Journal
Abstract
In this paper, a modified YARA software architecture that can perform pattern matching for multi-rule files is proposed. Based on a improved scanning thread algorithm, the new design reduces memory loading time of rule files for pattern matching. Therefore, the proposed architecture can reduce operation time for pattern matching while it requires an increased memory in proportion to the number of rule files.
Keywords
YARA; Pattern Matching; Malware Detection; Signature;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 S. K. Pandey and B. M. Mehtre, "Performance of malware detection tools: A comparison" ICACCC 2014, pp. 1811-1817, May 2014.
2 I. S. Kim, J. H. Jung, H. C. Lee, and J. H. Yi, "Analysis method and response guide of mobile malwares," J. KICS, vol. 35, no. 4, pp. 599-609, Apr. 2010.
3 Victor M. Alvarez, Revision (2015), Retrieved Aug., 3, 2016, from http://virustotal.github.io/yara/