Additional material for the Hardware Assisted AV paper
Msc. Marcus Botacin, under supervision of Prof. Dr. Marco Zanata and Prof. Dr. André Grégio -- Department of Informatics - Federal University of Paraná -- and Profª Drª. Daniela Oliveira.
Discuss the use of branch history as signature for malware detection.
-
Branch.Framework: A two-level architecture solution which generates branch history patterns and match them against known signatures, trigerring AV scans. ** Branch.Framework/Hardware: The hardware component; A PIN-based tool responsible for branch pattern generation and signature matching. ** Branch.Framework/Software: The software component; An ordinary AV responsible for False Positive elimination/disambiguation.
-
Signature.Generation: Approaches for signature generation from branch data.
-
Signature.Generation/Whitelist: The usual way of generating signatures.
-
Signature.Generation/Neural.Network: An approach to reduce the signature search space.
To Be Published