Structural entropy and metamorphic malware

Springer Science and Business Media LLC - Volume 9, Issue 4 - Pages 179-192 - 2013
Donabelle Baysa¹, Richard M. Low², Mark Stamp¹
¹ Department of Computer Science, San Jose State University, San Jose, USA
² Department of Mathematics, San Jose State University, San Jose, USA

References

Addison, P.: The Illustrated Wavelet Transform Handbook: Introductory Theory and Applications in Science, Engineering, Medicine and Finance. Taylor and Francis Group, New York (2002)

Apostolico, A., Galil, Z.: Pattern Matching Algorithms. Oxford University Press, Oxford (1997)

Attaluri, S., McGhee, S., Stamp, M.: Profile hidden Markov models and metamorphic virus detection. J. Comput. Virol. 5(2), 151–169 (2009)

Aycock, J.: Computer Viruses and Malware. Springer, New York (2006)

Baysa, D.: Structural entropy and metamorphic malware. Master’s report, Department of Computer Science, San Jose State University. http://scholarworks.sjsu.edu/etd_projects/283/ (2012)

Borda, M.: Fundamentals in Information Theory and Coding. Springer, New York (2011)

Borello, J., Me, L.: Code obfuscation techniques for metamorphic viruses. J. Comput. Virol. 4(3), 30–40 (2008)

Bradley, A.P.: The use of the area under the ROC curve in the evaluation of machine learning algorithms. Pattern Recognit. 30, 1145–1159 (1997)

Burford, S.: Reverse engineering Linux ELF binaries on the x86 platform. http://www.linuxsa.org.au/meetings/reveng-0.2.pdf (2002)

Cilibrasi, R., Vitányi, P.M.B.: Clustering by compression. IEEE Trans. Inform. Theory 51(4), 1523–1545 (2005)

Collberg, C., Thomborson, C., Low, C.: A taxonomy of obfuscating transformations. Technical Report #118. The University of Auckland (1997)

Cygwin, Cygwin utility files. http://www.cygwin.com/. Accessed Dec 2012

Islita, M.: Levenshtein edit distance. http://www.miislita.com/searchito/levenshtein-edit-distance.html (2006)

Karmeshu: Entropy Measures, Maximum Entropy Principle and Emerging Applications. Springer, New York (2003)

The Mental Driller, Metamorphism in practice or “How I made MetaPHOR and what I’ve learnt”. http://biblio.l0t3k.net/magazine/en/29a/ (2002)

Patel, M.: Similarity tests for metamorphic virus detection, Master’s report. Department of Computer Science, San Jose State University. http://scholarworks.sjsu.edu/etd_projects/175/ (2011)

Pietrek, M.: Peering inside the PE: a tour of the Win32 portable executable file format. MSDN Magazine. http://msdn.microsoft.com/en-us/magazine/ms809762.aspx (1994)

Radhakrishnan, D.: Approximate disassembly, Master’s report. Department of Computer Science, San Jose State University. http://scholarworks.sjsu.edu/etd_projects/155/ (2010)

Robinson, S.: Expert .NET 1.1 Programming. Apress, New York (2004)

Runwal, N., Low, R., Stamp, M.: Opcode graph similarity and metamorphic detection. J. Comput. Virol. 8(1–2), 37–52 (2012)

SearchSecurity, Metamorphic and polymorphic malware. http://searchsecurity.techtarget.com/definition/metamorphic-and-polymorphic-malware (2010)

Shah, A.: Approximate disassembly using dynamic programming, Master’s report. Department of Computer Science, San Jose State University. http://scholarworks.sjsu.edu/etd_projects/8/ (2010)

Shanmugam, G., Low, R., Stamp, M.: Simple substitution distance and metamorphic detection. J. Comput. Virol. (to appear)

Snakebyte, Next Generation Virus Construction Kit (NGVCK). Open Malware http://www.offensivecomputing.net/ (2000)

Sorokin, I.: Comparing files using structural entropy. J. Comput. Virol. 7(4), 259–265 (2011)

Sridhara, S.M., Stamp, M.: Metamorphic worm that carries its own morphing engine. J. Comput. Virol. (2012) (online first™)

Stamp, M.: A revealing introduction to hidden Markov models. http://cs.sjsu.edu/~stamp/RUA/HMM.pdf (2012)

Struzik, Z., Siebes, A.: The Haar wavelet transform in the time series similarity paradigm. In: Proceedings of the Third European Conference on Principles of Data Mining and Knowledge Discovery (PKDD ’99). Springer, London. http://dl.acm.org/citation.cfm?id=669368 (1999)

Symantec, Viruses, worms, and trojans. http://service1.symantec.com/support/nav.nsf/docid/1999041209131106 (2011)

Van Fleet, P.: The discrete Haar wavelet transformation. Joint Mathematical Meetings, Center for Applied Mathematics, University of St. Thomas. http://cam.mathlab.stthomas.edu/wavelets/pdffiles/NewOrleans07/HaarTransform.pdf (2007)

Verschuuren, G.: Excel 2007 for Scientists and Engineers. Holy Macro! Books (2008)

Virus files, Department of Computer Science, San Jose State University. http://cs.sjsu.edu/~stamp/viruses/ (2012)

Vuorenmaa, T.: The discrete wavelet transform with financial time series applications. Seminar on Learning Systems, University of Helsinki. http://www.rni.helsinki.fi/teaching/sols/TV_RNI.pdf (2003)

Wagner, R.A., Fischer, M.J.: The string-to-string correction problem. J. ACM (JACM) 21(1), 168–173 (1974)

Wong, W., Stamp, M.: Hunting for metamorphic engines. J. Comput. Virol. 2(3), 211–229 (2006)

You, I., Yim, K.: Malware obfuscation techniques: a brief survey. In: International Conference on Broadband, Wireless Computing, Communication and Applications (BWCCA), pp. 297–300 (2010)