[1] Ventures, C. https://xueqiu.com/5525633543/174213926
[2] Center, C. I. N. I. http://www.cnnic.net.cn
[3] Cesare, S., Xiang, Y. and Zhou, W. (2013) Control Flow-Based Malware Variant Detection. IEEE Transactions on Dependable and Secure Computing, 11, 307-317. https://doi.org/10.1109/TDSC.2013.40
[4] Dinaburg, A., Royal, P., Sharif, M. and Lee, W. (2008) Ether: Malware Analysis via Hardware Virtualization Extensions. Proceedings of the 15th ACM Conference on Computer and Communications Security, Alexandria, 27-31 October 2008, 51-62. https://doi.org/10.1145/1455770.1455779
[5] Krishnamurthy, P., Karri, R. and Khorrami, F. (2019) Anomaly Detection in Real-Time Multi-Threaded Processes Using Hardware Performance Counters. IEEE Transactions on Information Forensics and Security, 15, 666-680. https://doi.org/10.1109/TIFS.2019.2923577
[6] Demme, J., Maycock, M., Schmitz, J., Tang, A., Waksman, A., Sethumadhavan, S. and Stolfo, S. (2013) On the Feasibility of Online Malware Detection with Performance Counters. ACM SIGARCH Computer Architecture News, 41, 559-570. https://doi.org/10.1145/2508148.2485970
[7] Stone-Gross, B., Abman, R., Kemmerer, R.A., Kruegel, C., Steigerwald, D.G. and Vigna, G. (2013) The Underground Economy of Fake Antivirus Software. In: Economics of Information Security and Privacy III, Springer, Berlin, 55-78. https://doi.org/10.1007/978-1-4614-1981-5_4
[8] Caballero, J., Grier, C., Kreibich, C. and Paxson, V. (2011) Measuring Pay-per-Install: The Commoditization of Malware Distribution. 20th USENIX Security Symposium (USENIX Security 11), San Francisco, 8-12 August 2011.
[9] Goncharov, M. (2012) Russian Underground 101. Trend Micro Incorporated Research Paper, 51.
[10] Langner, R. (2011) Stuxnet: Dissecting a Cyberwarfare Weapon. IEEE Security & Privacy, 9, 49-51. https://doi.org/10.1109/MSP.2011.67
[11] Team, S.A., et al. (2012) Skywiper: A Complex Malware for Targeted Attacks. Technical Report.
[12] Chien, E., O'Murchu, L. and Falliere, N. (2012) W32.Duqu: The Precursor to the Next Stuxnet. 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 12), San Jose, 24 April 2012.
[13] Or-Meir, O., Nissim, N., Elovici, Y. and Rokach, L. (2019) Dynamic Malware Analysis in the Modern Era—A State of the Art Survey. ACM Computing Surveys (CSUR), 52, 1-48. https://doi.org/10.1145/3329786
[14] Ramzan, Z., Seshadri, V. and Nachenberg, C. (2009) Reputation-Based Security: An Analysis of Real World Effectiveness. Symantec Corporation.
[15] Bilge, L. and Dumitras, T. (2012) Before We Knew It: An Empirical Study of Zero-Day Attacks in the Real World. Proceedings of the 2012 ACM Conference on Computer and Communications Security, Raleigh, 16-18 October 2012, 833-844. https://doi.org/10.1145/2382196.2382284
[16] Szor, P. and Ferrie, P. (2001) Hunting for Metamorphic. Proceedings of the Virus Bulletin Conference 2001, Prague, 27-28 September 2001, 521-541.
[17] Lanzi, A., Balzarotti, D., Kruegel, C., Christodorescu, M. and Kirda, E. (2010) Accessminer: Using System-Centric Models for Malware Protection. Proceedings of the 17th ACM Conference on Computer and Communications Security, Chicago, 4-8 October 2010, 399-412. https://doi.org/10.1145/1866307.1866353
[18] Christodorescu, M., Jha, S. and Kruegel, C. (2007) Mining Specifications of Malicious Behavior. Proceedings of the 6th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, Cavtat near Dubrovnik, 3-7 September 2007, 5-14. https://doi.org/10.1145/1287624.1287628
[19] Forrest, S., Hofmeyr, S.A., Somayaji, A. and Longstaff, T.A. (1996) A Sense of Self for Unix Processes. Proceedings 1996 IEEE Symposium on Security and Privacy, Oakland, 6-8 May 1996, 120-128. https://doi.org/10.1109/SECPRI.1996.502675
[20] Lee, W., Stolfo, S.J. and Mok, K.W. (1999) A Data Mining Framework for Building Intrusion Detection Models. Proceedings of the 1999 IEEE Symposium on Security and Privacy, Oakland, 9-12 May 1999, 120-132. https://doi.org/10.1007/978-3-540-70542-0_6
[21] Rieck, K., Holz, T., Willems, C., Dussel, P. and Laskov, P. (2008) Learning and Classification of Malware Behavior. In: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Springer, Berlin, 108-125.
[22] Bailey, M., Oberheide, J., Andersen, J., Mao, Z.M., Jahanian, F. and Nazario, J. (2007) Automated Classification and Analysis of Internet Malware. In: International Workshop on Recent Advances in Intrusion Detection, Springer, Berlin, 178-197. https://doi.org/10.1007/978-3-540-74320-0_10
[23] Bayer, U., Comparetti, P.M., Hlauschek, C., Kruegel, C. and Kirda, E. (2009) Scalable, Behavior-Based Malware Clustering. NDSS, Vol. 9, 8-11.
[24] Jana, S. and Shmatikov, V. (2012) Abusing File Processing in Malware Detectors for Fun and Profit. 2012 IEEE Symposium on Security and Privacy, San Francisco, 24-25 May 2012, 80-94. https://doi.org/10.1109/SP.2012.15
[25] Chen, D., Vachharajani, N., Hundt, R., Li, X., Eranian, S., Chen, W. and Zheng, W. (2011) Taming Hardware Event Samples for Precise and Versatile Feedback Directed Optimizations. IEEE Transactions on Computers, 62, 376-389. https://doi.org/10.1109/TC.2011.233
[26] Zhou, X., Lu, K., Wang, X. and Li, X. (2012) Exploiting Parallelism in Deterministic Shared Memory Multiprocessing. Journal of Parallel and Distributed Computing, 72, 716-727. https://doi.org/10.1016/j.jpdc.2012.02.008
[27] O’Callahan, R., Jones, C., Froyd, N., Huey, K., Noll, A. and Partush, N. (2017) Engineering Record and Replay for Deployability. 2017 USENIX Annual Technical Conference (USENIX ATC 17), Santa Clara, 12-14 July 2017, 377-389.
[28] Intel. Intel® 64 and IA-32 Architectures Software Developer’s Manual. https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-vol-3a-part-1-manual.pdf
[29] AMD (2020) Developer Guides, Manuals & ISA Documents. https://developer.amd.com/resources/developer-guides-manuals
[30] Wang, S., Zhang, W., Wu, H., et al. (2015) Approach of Quantifying Virtual Machine Performance Interference Based on Hardware Performance Counter. Journal of Software, 6, 2074-2090. https://doi.org/10.1109/COMPSAC.2015.14
[31] Patel, N., Sasan, A. and Homayoun, H. (2017) Analyzing Hardware Based Malware Detectors. 2017 54th ACM/EDAC/IEEE Design Automation Conference (DAC), Austin, 18-22 June 2017, 1-6. https://doi.org/10.1145/3061639.3062202
[32] Ahmad, B.A. (2020) Real Time Detection of Spectre and Meltdown Attacks Using Machine Learning.
[33] Li, C. and Gaudiot, J.-L. (2021) Detecting Spectre Attacks Using Hardware Performance Counters. IEEE Transactions on Computers, 71, 1320-1331. https://doi.org/10.1109/TC.2021.3082471
[34] Das, S., Werner, J., Antonakakis, M., Polychronakis, M. and Monrose, F. (2019) Sok: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security. 2019 IEEE Symposium on Security and Privacy (SP), San Francisco, 19-23 May 2019, 20-38. https://doi.org/10.1109/SP.2019.00021
[35] Weaver, V.M., Terpstra, D. and Moore, S. (2013) Non-Determinism and Overcount on Modern Hardware Performance Counter Implementations. 2013 IEEE International Symposium on Performance Analysis of Systems and Software (ISPASS), Austin, 21-23 April 2013, 215-224. https://doi.org/10.1109/ISPASS.2013.6557172
[36] Yang, L., Guo, W., Hao, Q., Ciptadi, A., Ahmadzadeh, A., Xing, X. and Wang, G. (2021) CADE: Detecting and Explaining Concept Drift Samples for Security Applications. 30th USENIX Security Symposium (USENIX Security 21), 2021, 2327-2344.
[37] Khasawneh, K.N., Abu-Ghazaleh, N., Ponomarev, D. and Yu, L. (2017) Rhmd: Evasion-Resilient Hardware Malware Detectors. Proceedings of the 50th Annual IEEE/ACM International Symposium on Microarchitecture, Cambridge, 14-18 October 2017, 315-327. https://doi.org/10.1145/3123939.3123972
[38] Ozsoy, M., Donovick, C., Gorelik, I., Abu-Ghazaleh, N. and Ponomarev, D. (2015) Malware-Aware Processors: A Framework for Efficient Online Malware Detection. 2015 IEEE 21st International Symposium on High Performance Computer Architecture (HPCA), Burlingame, 7-11 February 2015, 651-661. https://doi.org/10.1109/HPCA.2015.7056070
[39] Ozsoy, M., Khasawneh, K.N., Donovick, C., Gorelik, I., Abu-Ghazaleh, N. and Ponomarev, D. (2016) Hardware-Based Malware Detection Using Low-Level Architectural Features. IEEE Transactions on Computers, 65, 3332-3344. https://doi.org/10.1109/TC.2016.2540634
[40] Das, S., Chen, B., Chandramohan, M., Liu, Y. and Zhang, W. (2018) Ropsentry: Runtime Defense against Rop Attacks Using Hardware Performance Counters. Computers & Security, 73, 374-388. https://doi.org/10.1016/j.cose.2017.11.011
[41] Singh, B., Evtyushkin, D., Elwell, J., Riley, R. and Cervesato, I. (2017) On the Detection of Kernel-Level Rootkits Using Hardware Performance Counters. Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, Abu Dhabi, 2-6 April 2017, 483-493. https://doi.org/10.1145/3052973.3052999
[42] Khasawneh, K.N., Ozsoy, M., Donovick, C., Abu-Ghazaleh, N. and Ponomarev, D. (2015) Ensemble Learning for Low-Level Hardware-Supported Malware Detection. In: International Symposium on Recent Advances in Intrusion Detection, Springer, Berlin, 3-25. https://doi.org/10.1007/978-3-319-26362-5_1
[43] Sayadi, H., Patel, N., Pd, S.M., Sasan, A., Rafatirad, S. and Homayoun, H. (2018) Ensemble Learning for Effective Run-Time Hardware-Based Malware Detection: A Comprehensive Analysis and Classification. 2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC), San Francisco, 24-28 June 2018, 1-6. https://doi.org/10.1145/3195970.3196047
[44] Tang, A., Sethumadhavan, S. and Stolfo, S.J. (2014) Unsupervised Anomaly-Based Malware Detection Using Hardware Features. In: International Workshop on Recent Advances in Intrusion Detection, Springer, Berlin, 109-129. https://doi.org/10.1007/978-3-319-11379-1_6
[45] Garcia-Serrano, A. (2015) Anomaly Detection for Malware Identification Using Hardware Performance Counters.
[46] Zhang, T., Zhang, Y. and Lee, R.B. (2016) Cloudradar: A Real-Time Sidechannel Attack Detection System in Clouds. In: International Symposium on Research in Attacks, Intrusions, and Defenses, Springer, Berlin, 118-140. https://doi.org/10.1007/978-3-319-45719-2_6
[47] Zhou, B., Gupta, A., Jahanshahi, R., Egele, M. and Joshi, A. (2018) Hardware Performance Counters Can Detect Malware: Myth or Fact? Proceedings of the 2018 on Asia Conference on Computer and Communications Security, Incheon, 4-8 June 2018, 457-468. https://doi.org/10.1145/3196494.3196515
[48] Wang, X., Chai, S., Isnardi, M., Lim, S. and Karri, R. (2016) Hardware Performance Counter-Based Malware Identification and Detection with Adaptive Compressive Sensing. ACM Transactions on Architecture and Code Optimization (TACO), 13, 1-23. https://doi.org/10.1145/2857055
[49] Basu, K., Krishnamurthy, P., Khorrami, F. and Karri, R. (2019) A Theoretical Study of Hardware Performance Counters-Based Malware Detection. IEEE Transactions on Information Forensics and Security, 15, 512-525. https://doi.org/10.1109/TIFS.2019.2924549
[50] Jyothi, V., Wang, X., Addepalli, S.K. and Karri, R. (2016) BRAIN: Behavior Based Adaptive Intrusion Detection in Networks: Using Hardware Performance Counters to Detect DDoS Attacks. 2016 29th International Conference on VLSI Design and 2016 15th International Conference on Embedded Systems (VLSID), IEEE, Kolkata, 4-8 January 2016, 587-588. https://doi.org/10.1109/VLSID.2016.115
[51] Wang, X., Konstantinou, C., Maniatakos, M., Karri, R., Lee, S., Robison, P., Stergiou, P. and Kim, S. (2016) Malicious Firmware Detection with Hardware Performance Counters. IEEE Transactions on Multi-Scale Computing Systems, 2, 160-173. https://doi.org/10.1109/TMSCS.2016.2569467
[52] Alam, M., Sinha, S., Bhattacharya, S., Dutta, S., Mukhopadhyay, D. and Chattopadhyay, A. (2020) Rapper: Ransomware Prevention via Performance Counters.
[53] Li, C. and Gaudiot, J.-L. (2019) Detecting Malicious Attacks Exploiting Hardware Vulnerabilities Using Performance Counters. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), Vol. 1, 588-597. https://doi.org/10.1109/COMPSAC.2019.00090
[54] Aweke, Z.B., Yitbarek, S.F., Qiao, R., Das, R., Hicks, M., Oren, Y. and Austin, T. (2016) Anvil: Software-Based Protection against Next-Generation Rowhammer Attacks. ACM SIGPLAN Notices, 51, 743-755. https://doi.org/10.1145/2954679.2872390
[55] Pan, Z., Sheldon, J. and Mishra, P. (2022) Hardware-Assisted Malware Detection and Localization Using Explainable Machine Learning. IEEE Transactions on Computers, 71, 3308-3321. https://doi.org/10.1109/TC.2022.3150573
[56] Hu, Y.F., et al. (2022) Care: Enabling Hardware Performance Counter Based Malware Detection Resilient under System Resource Competition. The 24th IEEE International Conferences on High Performance Computing and Communications (HPCC), Chengdu, 18-20 December 2022, 377-385.
[57] Wang, X. and Karri, R. (2015) Reusing Hardware Performance Counters to Detect and Identify Kernel Control-Flow Modifying Rootkits. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 35, 485-498. https://doi.org/10.1109/TCAD.2015.2474374