Knowledge Base

Articles and Papers

Applying user-mode memory scanning on Windows-NT - Paper accepted at Virus Bulletin Conference 2008 - Abstract - Download +

----------------------------------------------------------------------------------------------------------------------------

User-mode memory scanning on 32-bit & 64-bit Windows - Paper accepted at EICAR2008 - DOWNLOAD ^

Presentation on User-mode memory scanning first presented at EICAR2008 - DOWNLOAD ^

EICAR2008 (Laval, France) - Program

----------------------------------------------------------------------------------------------------------------------------

User-mode memory scanning on 32-bit & 64-bit Windows (Extended version) - Published in Journal in Computer Virology, 2008 - DOWNLOAD #

----------------------------------------------------------------------------------------------------------------------------

Understanding Rootkits on Windows - Paper accepted at AVAR2006 - DOWNLOAD *

Presentation on Rootkits first presented at AVAR2006 - DOWNLOAD *

AVAR2006 (Auckland, New Zealand) - Program

----------------------------------------------------------------------------------------------------------------------------

A Method for Detecting Obfuscated Calls in Malicious Binaries
Transactions on Software Engineering, v.31, n.11, Nov, 2005, pp.955-968.

Can be downloaded from: IEEExplore, ACM Portal, Computer.org

This paper is also referenced by US Patent 7162735

----------------------------------------------------------------------------------------------------------------------------

Abstracting Stack to Detect Obfuscated Calls in Binaries
Proceedings of (SCAM'04): The Fourth IEEE International Workshop on Source Code Analysis and Manipulation, IEEE Computer Society Press, 2004, pp.17-26.

Can be downloaded from: ACM Portal, Computer.org

----------------------------------------------------------------------------------------------------------------------------

Abstract Stack Graph as a Representation to Detect Obfuscated Calls in Binaries
Master's Thesis, University of Louisiana at Lafayette, December, 2004.

Can be downloaded from: CACS-SRLab, or here

----------------------------------------------------------------------------------------------------------------------------

Are Metamorphic Viruses Really Invincible? Part 1
Virus Bulletin, Dec, 2004, pp.5-7.

Can be downloaded from: CACS-SRLab, or here

----------------------------------------------------------------------------------------------------------------------------

Are Metamorphic Viruses Really Invincible? Part 2
Virus Bulletin, Jan, 2005, pp.9-12.

Can be downloaded from: CACS-SRLab, or here

----------------------------------------------------------------------------------------------------------------------------

DOC - Answering the Hidden 'Call' of Virus
Virus Bulletin, Apr, 2005, pp.7-10.

Can be downloaded from: CACS-SRLab, or here

----------------------------------------------------------------------------------------------------------------------------

You can also visit my blog for more good stuff: http://fightmalware.blogspot.com/

----------------------------------------------------------------------------------------------------------------------------

* (Copyright is held by AVAR, but is made available on this site for personal use free of charge by permission of AVAR)

----------------------------------------------------------------------------------------------------------------------------

^ (Copyright is held by EICAR, but is made available on this site for personal use free of charge by permission of EICAR)

----------------------------------------------------------------------------------------------------------------------------

# (Copyright is held by Publisher: Springer Paris, but is made available on this site for personal use free of charge by permission of Springer) 

----------------------------------------------------------------------------------------------------------------------------

+ (Copyright is held by Virus Bulletin, but is made available on this site for personal use free of charge by permission of Virus Bulletin)

----------------------------------------------------------------------------------------------------------------------------