ABSTRACT

Traditional signature-based malware detectors identify malware by scanning untrusted binaries for distinguishing byte sequences or features. Features unique to malware are maintained in a signature database, which must be continually updated as new malware is discovered and analyzed.