Vx Heavens Virus Collection
- AVG Free Antivirus, http://free.avg.com/.
- Axelsson, S.: The base-rate fallacy and its implications for the difficulty of intrusion detection. In: ACM Conference on Computer and Communications Security (CCS), Singapore, pp. 1–7 (1999)Google Scholar
- Cheng, J., Wong, S.H.Y., Yang, H., Lu, S.: SmartSiren: virus detection and alert for smartphones. In: International Conference on Mobile Systems, Applications and Services (MobiSys), USA, pp. 258–271 (2007)Google Scholar
- DUMPBIN utility, Article ID 177429, Revision 4.0, Micorsoft Help and Support (2005)Google Scholar
- Fawcett, T.: ROC Graphs: Notes and Practical Considerations for Researchers, TR HPL-2003-4, HP Labs, USA (2004)Google Scholar
- F-Secure Corporation, F-Secure Reports Amount of Malware Grew by 100% during 2007, Press release (2007)Google Scholar
- F-Secure Virus Description Database, http://www.f-secure.com/v-descs/
- hash_map, Visual C++ Standard Library, http://msdn.microsoft.com/en-us/library/6x7w9f6z.aspx
- Hnatiw, N., Robinson, T., Sheehan, C., Suan, N.: PIMP MY PE: Parsing Malicious and Malformed Executables. In: Virus Bulletin Conference (VB), Austria (2007)Google Scholar
- Kendall, K., McMillan, C.: Practical Malware Analysis. In: Black Hat Conference, USA (2007)Google Scholar
- Kolter, J.Z., Maloof, M.A.: Learning to detect malicious executables in the wild. In: ACM International Conference on Knowledge Discovery and Data Mining (KDD), USA, pp. 470–478 (2004)Google Scholar
- Microsoft Portable Executable and Common Object File Format Specification, Windows Hardware Developer Central, Updated March 2008 (2008), http://www.microsoft.com/whdc/system/platform/firmware/PECOFF.mspx.
- Munro, J.: Antivirus Research and Detection Techniques, Antivirus Research and Detection Techniques, Extreme Tech. (2002), http://www.extremetech.com/article2/0,2845,367051,00.asp
- Panda Antivirus, http://www.pandasecurity.com/
- PE file format, Webster Technical Documentation, http://webster.cs.ucr.edu/Page_TechDocs/pe.txt
- PEiD, http://www.peid.info/
- Perdisci, R., Lanzi, A., Lee, W.: Classification of Packed Executables for Accurate Computer Virus Detection. Elsevier Pattern Recognition Letters 29(14), 1941–1946 (2008)CrossRefGoogle Scholar
- Perdisci, R., Lanzi, A., Lee, W.: McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables. In: Annual Computer Security Applications Conference (ACSAC), pp. 301–310. IEEE Press, USA (2008)Google Scholar
- Protection ID - the ultimate Protection Scanner, http://pid.gamecopyworld.com/
- Pietrek, M.: An In-Depth Look into the Win32 Portable Executable File Format, Part 2. MSDN Magazine (March 2002)Google Scholar
- Project Malfease, http://malfease.oarci.net/
- Schultz, M.G., Eskin, E., Zadok, E., Stolfo, S.J.: Data mining methods for detection of new malicious executables. In: IEEE Symposium on Security and Privacy (S&P), USA, pp. 38–49 (2001)Google Scholar
- Shafiq, M.Z., Tabish, S.M., Mirza, F., Farooq, M.: A Framework for Efficient Mining of Structural Information to Detect Zero-Day Malicious Portable Executables, Technical Report, TR-nexGINRC-2009-21 (January 2009), http://www.nexginrc.org/papers/tr21-zubair.pdf
- Shafiq, M.Z., Tabish, S.M., Farooq, M.: PE-Probe: Leveraging Packer Detection and Structural Information to Detect Malicious Portable Executables. In: Virus Bulletin Conference (VB), Switzerland (2009)Google Scholar
- Symantec Internet Security Threat Reports I-XI (January 2002-January 2008)Google Scholar
- Veldman, F.: Heuristic Anti-Virus Technology. In: International Virus Bulletin Conference, USA, pp. 67–76 (1993)Google Scholar
- VX Heavens Virus Collection, VX Heavens website, http://vx.netlux.org
- Walter, S.D.: The partial area under the summary ROC curve. Statistics in Medicine 24(13), 2025–2040 (2005)MathSciNetCrossRefGoogle Scholar
- Witten, I.H., Frank, E.: Data mining: Practical machine learning tools and techniques, 2nd edn. Morgan Kaufmann, USA (2005)zbMATHGoogle Scholar
Vx Heavens Virus Collection Update
VX Heavens was dedicated to recording the history of malicious code, a site hailed by some computer security researchers as an invaluable resource but one of little practical use to real. Note: many Internet Archive torrents contain a 'pad file' directory. This directory and the files within it may be erased once retrieval completes. Note: the file vxheaven-windows-virus-collectionmeta.xml contains metadata about this torrent's contents. Created by iamaketorrent. Creation date Mon Jan 16 21: info. Vxheaven virus collection. Posted by 4 years ago. Vxheaven virus collection. Any torrent or download link for vxheaven virus collection that.
Vx Heavens Virus Collection Software
Ok, we have a loader, but where is the promissedspace? I think all of you knew what the Program Header Table is. It filled with entries (32 bytes each) which describe the segments of the program. Some of them are deadly important (like PT_LOAD or PT_DYNAMIC) and it's not possible to tell the same about the rest. Let's return to the widely known method ofinfectioncalled 'Additional Code Segment' [1]. The sum and substance of it is a replacement of the unused PHT entry with type PT_NOTE (pointer to .note.ABI-tag section) by PT_LOAD (new segment with virus code). We can remove PT_NOTE completely without any consequences. The introduction of the new segment is a quite noticable change for the experienced user. The interesting thing about PHT is that it is located in the text segment. So, we have 32 spare bytes inside PHT and another 32 bytes in .note.ABI-tag section and will use it for the code itself. We will split the loader into two parts (this is what
jmp 0f; 0:
in loader for) and put it there.