Automating AV signature generation « blog.zynamics.com

Topic: Miscellaneous 11:13 am EST, Feb 23, 2010

Automating AV signature generation
By Thomas Dullien

Hey all,
I finally get around to writing about our automated byte signature generator. It’s going to be a bird’s eye view, so if you’re interested you’ll have to read Christian’s thesis (in German) or wait for our academic paper (in English) to be accepted somewhere.

First, some background: One of the things we’re always working on at zynamics is VxClass, our automated malware classification system. The underlying core that drives VxClass is the BinDiff 3 engine (about which I have written elsewhere). An important insight about BinDiff’s algorithms is the following:

The Zynamics guys always have a different way of thinking. Great work again!
