Pattern matching in yara: Improved aho-corasick algorithm
Regeciova et al., 2021
- Document ID
- 15251111836744839870
- Author
- Regeciova D
- Kolář D
- Milkovič M
- Publication year
- Publication venue
- IEEE Access
Snippet
YARA is a tool for pattern matching used by malware analysts all over the world. YARA can scan files, as well as process memory. It allows us to define sequences of symbols as text strings, hexadecimal strings and regular expressions. However, the use of regular …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30943—Information retrieval; Database structures therefor; File system structures therefor details of database functions independent of the retrieved data type
- G06F17/30964—Querying
- G06F17/30979—Query processing
- G06F17/30985—Query processing by using string matching techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30943—Information retrieval; Database structures therefor; File system structures therefor details of database functions independent of the retrieved data type
- G06F17/30946—Information retrieval; Database structures therefor; File system structures therefor details of database functions independent of the retrieved data type indexing structures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/3061—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F17/30613—Indexing
- G06F17/30619—Indexing indexing structures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/3061—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F17/30634—Querying
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/20—Handling natural language data
- G06F17/27—Automatic analysis, e.g. parsing
- G06F17/2765—Recognition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30861—Retrieval from the Internet, e.g. browsers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30386—Retrieval requests
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/20—Handling natural language data
- G06F17/21—Text processing
- G06F17/22—Manipulating or registering by use of codes, e.g. in sequence of text characters
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computer systems utilising knowledge based models
- G06N5/02—Knowledge representation
- G06N5/022—Knowledge engineering, knowledge acquisition
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Hakak et al. | | Exact string matching algorithms: survey, issues, and future research directions |
Regeciova et al. | | Pattern matching in yara: Improved aho-corasick algorithm |
Vinayakumar et al. | | Evaluating deep learning approaches to characterize and classify malicious URL’s |
US9305116B2 (en) | | Dual DFA decomposition for large scale regular expression matching |
WO2020259260A1 (en) | | Structured query language (sql) injection detecting method and device |
US8892580B2 (en) | | Transformation of regular expressions |
Aljabri et al. | | An assessment of lexical, network, and content‐based features for detecting malicious URLs using machine learning and deep learning models |
Nowroozi et al. | | An adversarial attack analysis on malicious advertisement URL detection framework |
Clark et al. | | Design of efficient FPGA circuits for matching complex patterns in network intrusion detection systems |
Fang et al. | | WOVSQLI: Detection of SQL injection behaviors using word vector and LSTM |
SaiKrishna et al. | | String matching and its applications in diversified fields |
Turoňová et al. | | Regex matching with counting-set automata |
Krishnan et al. | | SQL injection detection using machine learning |
Ulfath et al. | | Detecting smishing attacks using feature extraction and classification techniques |
Le Glaunec et al. | | Regular expression matching using bit vector automata |
CN116232708A (en) | | A text-based threat intelligence-based attack chain construction and attack source tracing method and system |
Rasool et al. | | A novel json based regular expression language for pattern matching in the internet of things |
Hamroun et al. | | A review on lexical based malicious domain name detection methods |
Purba et al. | | Extracting Actionable Cyber Threat Intelligence from Twitter Stream |
Blanc et al. | | Characterizing obfuscated JavaScript using abstract syntax trees: Experimenting with malicious scripts |
Turoňová et al. | | Counting in Regexes Considered Harmful: Exposing ReDoS Vulnerability of Nonbacktracking Matchers |
Oudah et al. | | SQL injection detection using machine learning with different TF-IDF feature extraction approaches |
Gutiérrez et al. | | Contextminer: Mining contextual features for conceptualizing knowledge in security texts |
Wrench et al. | | Detecting derivative malware samples using deobfuscation-assisted similarity analysis |
Jia et al. | | From innovations to prospects: What is hidden behind cryptocurrencies? |