Detecting Spectre Malware Binary through Function Level N-gram Comparison
Kim, Moon-Sun (Hanam University), Yang, Hee-Dong (Hanam University), Kim, Kwang-Jun (Hanam University), Lee, Man-Hee (Hanam University)
1 | S. Jain and Y. K. Meena, "Byte level n-gram analysis for malware detection," International Conference on Information Processing, pp. 51-59, Aug. 2011. |
2 | E. Raff, R. Zak, R. Cox, J. Sylvester, P. Yacci, R. Ward, A. Tracy, M. Mclean and C. Nicholas, "An investigation of byte n-gram features for malware classification," Journal of Computer Virology and Hacking Techniques 14.1, pp. 1-20, Sep. 2018. |
3 | A. Pektas, M. Eris and T. Acarman, "Proposal of n-gram based algorithm for malware classification," The Fifth International Conference on Emerging Security Information, Systems and Technologies, pp. 7-13, Aug. 2011. |
4 | B. Kang, S.Y. Yerima, K. Mclaughlin and S. Sezer, "N-opcode analysis for android malware classification and categorization," 2016 International conference on cyber security and protection of digital services (cyber security), pp. 1-7, Jun. 2016. |
5 | A. Fog, "The Microarchitecture of Intel, AMD and VIA CPUs," May. 2017. |
6 | Turner, Paul. "Retpoline: a software construct for preventing branch target injection," https://support.google.com/faqs/answer/7625886, 2018. |
7 | Microsoft Visual C/C++ compiler, "Qspectre," https://docs.microsoft.com/ko-kr/cpp/build/reference/qspectre?view=vs-2019 |
8 | P. Kocher, "Spectre Mitigations in Microsoft's C/C++ Compiler," https://www.paulkocher.com/doc/MicrosoftCompilerSpectreMitigation.html |
9 | G. Wang, S. Chattopadhyay, I. Gotovchits, T. Mitra and A. Roychoudhury, "oo7: Low-overhead Defense against Spectre attacks via Program Analysis," IEEE Transactions on Software Engineering, pp. 1-1, Nov. 2019. |
10 | N.A. Simakov, M.D. Innus, M.D. Jones, J.P. White, S.M. Gallo, R.L. Deleon and T.R. Furlani, "Effect of meltdown and spectre patches on the performance of HPC applications," arXiv preprint arXiv:1801.04329, Jan. 2018. |
11 | Radare2, "radare2," https://rada.re/n/ |
12 | S. Ertekin, J. Huang, L. Bottou and C.L. Giles, "Learning on the border: active learning in imbalanced data classification," Proceedings of the sixteenth ACM conference on Conference on information and knowledge management, pp. 127-136, Nov. 2007. |
13 | N.V. Chawla, K.W. Bowyer, L.O. Hall and W.P. Kegelmeyer, "SMOTE: synthetic minority over-sampling technique," Journal of artificial intelligence research 16, pp. 321-357, Jun. 2002. |
14 | M. Mushtaq, J. Bricq, M.K. Bhatti, A. Akram, V. Lapotre, G. Gogniat and P. Benoit, "WHISPER: A Tool for Run-Time Detection of Side-Channel Attacks," IEEE Access 8, pp. 83871-83900, May. 2020. |
15 | P. Kocher, D. Genkin, D. Gruss, W. Haas, M. Hamburg, M. Lipp, S. Mangard, T. Prescher, M. Schwarz and Y. Yarom, "Spectre attacks: Exploiting speculative execution," 2019 IEEE Symposium on Security and Privacy (SP), pp. 1-19, May. 2019. |
16 | Intel, "Intel(R) 64 and IA-32 Architectures Software Developer's Manual: Volume 3," https://www.intel.co.kr/ |
17 | J. Corbet, "Meltdown/Spectre mitigation for 4.15 and beyond," LWN.net, https://lwn.net/Articles/744287/ |
18 | G. Marco, B. Kopf, J.F. Morales, J. Reineke and A. Sanchez, "SPECTECTOR: Principled detection of speculative information flows," 2020 IEEE Symposium on Security and Privacy (SP), pp. 1-19, May. 2020. |
19 | P. F. Brown, V.J.D. Pietra, P.V. Desouza, J.C. Lai and R.L. Mercer, "Class-based n-gram models of natural language," Computational linguistics 18(4), pp. 467-480, Dec. 1992. |
20 | I. Santos, Y.K. Penya, J. Devesa and P.G. Bringas, "N-grams-based File Signatures for Malware Detection," Proceedings of the 11th International Conference on Enterprise Information Systems(ICEIS), pp. 317-320, May. 2009. |