Giovanni Vigna
Santa Barbara, California, United States
Activity
-
Successful breaches typically involve sophisticated, multi-step attacks that move laterally between various endpoints and networks and disguise…
Shared by Giovanni Vigna
-
Facebook Network Breach Affects Up to 50 Million Users! Yup that is the news today. I cannot stress to all of you enough how important it is to…
Liked by Giovanni Vigna
Publications
-
SigMal: A Static Signal Processing Based Malware Triage
ACM ACSAC 2013
In this work, we propose SigMal, a fast and precise malware detection framework based on signal processing techniques. SigMal is designed to operate with systems that process large amounts of binary samples. It has been observed that many samples received by such systems are variants of previously-seen malware, and they retain some similarity at the binary level. Previous systems used this notion of malware similarity to detect new variants of previously-seen malware. SigMal improves the state-of-the-art by leveraging techniques borrowed from signal processing to extract noise-resistant similarity signatures from the samples. SigMal uses an efficient nearest-neighbor search technique, which is scalable to millions of samples. We evaluate SigMal on 1.2 million recent samples, both packed and unpacked, observed over a duration of three months. In addition, we also used a constant dataset of known benign executables. Our results show that SigMal can detect 50% of the recent incoming samples with above 99% precision. We also show that SigMal could have detected, on average, 70 malware samples per day before any antivirus vendor detected them.
-
Shady Paths: Leveraging Surfing Crowds to Detect Malicious Web Pages
ACM Conference on Computer and Communication Security (CCS)
-
Follow the Green: Growth and Dynamics in Twitter Follower Markets
Internet Measurement Conference (IMC)