A static API birthmark for Windows binary executables

[1]  Robert E. Tarjan,et al.  Faster Scaling Algorithms for Network Problems , 1989, SIAM J. Comput..

[2]  Eugene H. Spafford,et al.  Software forensics: Can we track code to its authors? , 1993, Comput. Secur..

[3]  Andrew V. Goldberg,et al.  An efficient cost scaling algorithm for the assignment problem , 1995, Math. Program..

[4]  David Grove,et al.  Optimization of Object-Oriented Programs Using Static Class Hierarchy Analysis , 1995, ECOOP.

[5]  Michael J. Wise,et al.  YAP3: improved detection of similarities in computer program and other texts , 1996, SIGCSE '96.

[6]  David A. Schmidt,et al.  Static analysis : third international symposium, SAS '96, Aachen, Germany, September 24-26, 1996 : proceedings , 1996 .

[7]  Barbara G. Ryder,et al.  Data-Flow-Based Virtual Function Resolution , 1996, SAS.

[8]  Eugene H. Spafford,et al.  Authorship analysis: identifying the author of a program , 1997, Comput. Secur..

[9]  Horst Bunke,et al.  A graph distance metric based on the maximal common subgraph , 1998, Pattern Recognit. Lett..

[10]  Stephanie Forrest,et al.  Intrusion Detection Using Sequences of System Calls , 1998, J. Comput. Secur..

[11]  Clark Thomborson,et al.  Manufacturing cheap, resilient, and stealthy opaque constructs , 1998, POPL '98.

[12]  Christian S. Collberg,et al.  Software watermarking: models and dynamic embeddings , 1999, POPL '99.

[13]  Galen C. Hunt,et al.  Detours: binary interception of Win32 functions , 1999 .

[14]  J. Larus Whole program paths , 1999, PLDI '99.

[15]  Barak A. Pearlmutter,et al.  Detecting intrusions using system calls: alternative data models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[16]  Mourad Debbabi,et al.  Static analysis of binary code to isolate malicious behaviors , 1999, Proceedings. IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'99).

[17]  Nicholas Tran,et al.  Sim: a utility for detecting similarity in computer programs , 1999, SIGCSE '99.

[18]  Jules Desharnais,et al.  Static Detection of Malicious Code in Executable Programs , 2000 .

[19]  Emden R. Gansner,et al.  Graphviz - Open Source Graph Drawing Tools , 2001, GD.

[20]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[21]  R. Sekar,et al.  A fast automaton-based method for detecting anomalous program behaviors , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[22]  John C. Knight,et al.  A security architecture for survivability mechanisms , 2001 .

[23]  Michael Philippsen,et al.  Finding Plagiarisms among a Set of Programs with JPlag , 2002, J. Univers. Comput. Sci..

[24]  Arun Lakhotia,et al.  CHALLENGES IN GETTING ‘FORMAL’ WITH VIRUSES , 2003 .

[25]  Somesh Jha,et al.  Static Analysis of Executables to Detect Malicious Patterns , 2003, USENIX Security Symposium.

[26]  Daniel Shawcross Wilkerson,et al.  Winnowing: local algorithms for document fingerprinting , 2003, SIGMOD '03.

[27]  Saumya K. Debray,et al.  Obfuscation of executable code to improve resistance to static disassembly , 2003, CCS '03.

[28]  Christian S. Collberg,et al.  Sandmark--A Tool for Software Protection Research , 2003, IEEE Secur. Priv..

[29]  Andrew H. Sung,et al.  Static analyzer of vicious executables (SAVE) , 2004, 20th Annual Computer Security Applications Conference.

[30]  Christian S. Collberg,et al.  Detecting Software Theft via Whole Program Path Birthmarks , 2004, ISC.

[31]  Akito Monden,et al.  Dynamic Software Birthmarks to Detect the Theft of Windows Applications , 2004 .

[32]  Akito Monden,et al.  Design and evaluation of birthmarks for detecting theft of java programs , 2004, IASTED Conf. on Software Engineering.

[33]  Shinichiro Yamamoto,et al.  A CASE tool platform using an XML representation of Java source code , 2004, Source Code Analysis and Manipulation, Fourth IEEE International Workshop on.

[34]  Somesh Jha,et al.  Testing malware detectors , 2004, ISSTA '04.

[35]  Christopher Krügel,et al.  Static Disassembly of Obfuscated Binaries , 2004, USENIX Security Symposium.

[36]  Arun Lakhotia,et al.  Abstract Stack Graph to Detect Obfuscated Calls in Binaries , 2004 .

[37]  Thomas W. Reps,et al.  Analyzing Memory Accesses in x86 Executables , 2004, CC.

[38]  Saumya K. Debray,et al.  Deobfuscation: reverse engineering obfuscated code , 2005, 12th Working Conference on Reverse Engineering (WCRE'05).

[39]  Arun Lakhotia,et al.  A method for detecting obfuscated calls in malicious binaries , 2005, IEEE Transactions on Software Engineering.

[40]  Matti A. Hiltunen,et al.  Authenticated system calls , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).

[41]  Christian S. Collberg,et al.  K-gram based software birthmarks , 2005, SAC '05.

[42]  Akito Monden,et al.  Java Birthmarks - Detecting the Software Theft - , 2005, IEICE Trans. Inf. Syst..

[43]  A. Volgenant,et al.  A shortest augmenting path algorithm for dense and sparse linear assignment problems , 1987, Computing.

[44]  Thomas W. Reps,et al.  WYSINWYX: What You See Is Not What You eXecute , 2005, VSTTE.

[45]  Koen De Bosschere,et al.  Opaque Predicates Detection by Abstract Interpretation , 2006, AMAST.

[46]  Chan-Hyun Youn,et al.  Surrogate Integrated PQRM and Its Replication Scheme in Wireless Grid , 2006, IEICE Trans. Inf. Syst..

[47]  Akito Monden,et al.  Dynamic Software Birthmarks Based on API Calls , 2006 .

[48]  Christian S. Collberg,et al.  Software theft detection through program identification , 2006 .

[49]  Koen De Bosschere,et al.  LOCO: an interactive code (De)obfuscation tool , 2006, PEPM '06.

[50]  Emden R. Gansner,et al.  Drawing graphs with dot , 2006 .

[51]  Somesh Jha,et al.  A semantics-based approach to malware detection , 2007, POPL '07.

[52]  Hyun-il Lim,et al.  A Static Birthmark of Binary Executables Based on API Call Structure , 2007, ASIAN.

[53]  Guillaume Bonfante,et al.  Control Flow Graphs as Malware Signatures , 2007 .

[54]  David Schuler,et al.  A dynamic birthmark for java , 2007, ASE.

[55]  Andreas Neumann Scalable Vector Graphics (SVG) , 2008, Encyclopedia of GIS.

[56]  Thomas W. Reps,et al.  WYSINWYX: What you see is not what you eXecute , 2005, TOPL.