Malware analysts spend a lot of time deciding which signals from a sandbox run are worth keeping. A sample executed in a controlled environment can generate hundreds of measurable attributes covering file structure, registry edits, process behavior, and network traffic. Most of those attributes add noise. A recent study works through this problem in detail, and the part that earns attention from working defenders is the feature selection, not the deep learning model attached to …
The post The behavioral signals that sharpen Trojan malware detection appeared first on Help Net Security.
http://news.poseidon-us.com/TSmcd2
