Papers
Topics
Authors
Recent
Search
2000 character limit reached

Assessing the Effectiveness of YARA Rules for Signature-Based Malware Detection and Classification

Published 27 Nov 2021 in cs.CR | (2111.13910v1)

Abstract: Malware often uses obfuscation techniques or is modified slightly to evade signature detection from antivirus software and malware analysis tools. Traditionally, to determine if a file is malicious and identify what type of malware a sample is, a cryptographic hash of a file is calculated. A more recent and flexible solution for malware detection is YARA, which enables the creation of rules to identify and classify malware based on a file's binary patterns. In this paper, the author will critically evaluate the effectiveness of YARA rules for signature-based detection and classification of malware in comparison to alternative methods, which include cryptographic and fuzzy hashing.

Citations (3)
View on Semantic Scholar

Summary

No one has generated a summary of this paper yet.

Sign Up to Summarize

Paper to Video (Beta)

No one has generated a video about this paper yet.

Sign Up to Generate All Videos Subscribe on YouTube

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Sign Up to Generate

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Generate Now

Continue Learning

We haven't generated follow-up questions for this paper yet.

Generate Now

Authors (1)

  1. Adam Lockett 

Collections

Sign up for free to add this paper to one or more collections.

Sign Up