Authors: Ian Shiel, Stephen O'Shaughnessy

DFRWS EU 2019

Abstract

Malware analysts need to be able to accurately and swiftly predict family membership as well as to determine that a suspect file contains malicious content. Previous research has shown that fuzzy hashing can be used to determine whether a file is malicious and to cluster like files together, but it does not specifically address the problem of malware variant classification.
Existing tools such as VirusTotal maintain file- and section-level cryptographic hashes and ssdeep file digests, but they do not maintain section-level similarity hashes or provide a means to submit similarity hashes and compare them to previously analyzed samples.