Mining Specifications of Malicious Behavior

S. Haber, W.S. Stornetta, "Secure names for bit-strings," In Proceedings of the 4th ACM Conference
on Computer and Communications Security, pages 28-35, April 1997.

M. Christodorescu, C. Kruegel, and S. Jha. Mining Specifications of Malicious Behavior. In ESEC/FSE, pages 5–14, 2007.

X. Jiang, X. Wang, and D. Xu. Stealthy Malware Detection Through VMM-Based ”Out-of-the-Box” Semantic View Reconstruction. In CCS, pages 128–138, 2007.

PETTERSSON, T. Cryptographic key recovery from Linux memory dumps. Presentation, Chaos Communication Camp, Aug. 2007.

ROGAWAY, P. Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. In Advances in Cryptology – ASIACRYPT 2004 (2004), pp. 16–31.

VIDAS, T. The acquisition and analysis of random access memory. Journal of Digital Forensic Practice 1 (Dec. 2006), 315–323.

WYNS, P., AND ANDERSON, R. L. Low-temperature operation of silicon dynamic random-access memories. IEEE Transactions on Electron Devices 36 (Aug. 1989), 1423–1428.

P. Bacher, T. Holz, M. Kotter, and G. Wicherski.Know your enemy: Tracking botnets. http://www.honeynet.org/papers/bots, 2005.

X. Jiang, D. Xu, H. J. Wang, and E. H. Spafford. Virtual Playgrounds for Worm Behavior Investigation. In RAID, pages 1–21, 2005.

L. Martignoni, M. Christodorescu, and S. Jha. OmniUnpack: Fast, Generic, and Safe Unpacking of Malware. In ACSAC, pages 431–441, 2007.