Malware Research

Malware Research

  • Mohammad Reza Ghasemi added an answer:
    Where can I find huge data sets of analyzed malwares for data mining?

    I am working on detecting malwares. I need data sets to stimulate my program on it.
    Where can I find huge data sets of analyzed malwares for data mining?

    Mohammad Reza Ghasemi · Applied Science of Jahad Daneshgahi Shiraz

    Thanks a lot

  • Steve F. Russell added an answer:
    A 2002 NIST study had estimated the cost of software bugs. Do you know any other (more recent) attempt at quantifying the impact of bugs in some way?

    All papers I could find have cited the same document for more than a decade: http://www.nist.gov/director/planning/upload/report02-3.pdf

    No one seems to have found any more recent study on the topic. Have you?

    Steve F. Russell · Iowa State University

    Hi Sylvain,

    I once worked as supervisor of software configuration management and quality control in an aerospace corporation. I am not familiar with the NIST paper but I can say definitely that estimating the life-cycle-cost of a software error is very complex and depends on the policies and culture of the software development organization. Any claim that a "universal" method of cost estimate is possible would be a massive overstatement.

    For example, Microsoft will let a software bug exist through several software updates and that approach has been largely accepted by users.

    On the other hand, in avionics and aircraft applications, a software error can cost lifes and the extent to which software is tested and errors eliminated is very costly.

    The original space shuttle  ran 4 computers. Three identical and a 4th developed independently. Computation results were compared at milestones in the computing cycle and a vote taken as to correctness.

    In the life cycle of software, the bug must be detected and analyzed. A revision must be written and extensively tested and documented. The software revision must be introduced into the product cycle. The revision must be distributed as a "fix" to previous customers. Every software company does it differently with different costs depending on the safety and social impact of the software.

    Hope this helps. Good luck.

    to the extent

  • Mohamed Belaoued added an answer:
    Which is the best tool for behaviour based malware analysis?

    If you need to enhance the security the best way is to study the behavior of Malware, so any suggestion for the latest and best tool for behavior analysis of Malware?

  • Valdis Krebs added an answer:
    What are some of the best models describing the epidemic spread over a network?
    Epidemic in Networks
    Looking for some of the best papers or thesis to go through.
    Valdis Krebs · Orgnet, LLC

    The spread of TB/HIV in human networks...

    http://orgnet.com/contagion.html

    Follow links to original papers with the CDC at bottom of article.

  • Rodrigo Ruiz added an answer:
    What do you consider the biggest malware proliferation technique in social media and why?
    Social media is now the biggest source of malware proliferation (esp. Facebook), but there is an ongoing debate on the most popular method of malware distribution.
    Rodrigo Ruiz · Centro de Tecnologia da Informação Renato Archer

    Ehinome, the knowledge of human behavior and the exploitation of our desires, lusts, vanities, fears and greed. This knowledge serves to all media, digital or conventional.

  • Abdul Razaque added an answer:
    What is the best open source detection tool for malware that has anti-virtualization?
    Malware now has the split personality capability to detect virtualization when being analyzed.
    Abdul Razaque · University of Bridgeport
    You can go with following malware detection tools.

    1. pybot Search & Destroy
    2.SUPERAntiSpyware
    3.HijackThis
    4.Pyew
    5. Interactive Disassembler (IDA)
  • Shahid Alam asked a question:
    Is there any research on static detection of javascript malicious code (with or without obfuscation)?
    JavaScript is a very popular language and is used in all the social networking sites. It can also be used for malicious purposes (mostly as part of cross site scripting), such as: distributing malware, directing to malicious web sites, popup windows etc. Such a code is normally obfuscated to hide it from automatic detection. As part of my research I am conducting a study on the types of javascript obfuscations and malicious code to automate it's detection statically.

Topic Followers (178) See all