Entries Tagged as 'Provenance'

Learning a Portfolio-Based Checker for Provenance-Similarity of Binaries

Binaries, Malware, Provenance, SEI Research

By Sagar Chaki, Senior Member of the Technical Staff
Research Technology and System Solutions (RTSS)

As software becomes an ever-increasing part of our daily lives, organizations find themselves relying on software that originates from unknown and untrusted sources. The vast majority of such software is available only as executables, known as “binaries.” Many binaries—such as malware or different versions and builds of a software package—are simply minor variants of old programs (or in some cases exact copies) that have been run through a different compiler. This blog post explains how the ability to detect similarities among binaries is an important tool in malware detection and a growing area of research.

 
