Question: (b) Malware shared code analysis. You are given a dataset of malicious binaries coming from different advanced persistent threat (APT) groups. The task you

(b) Malware shared code analysis. You are given a dataset of malicious 

(b) Malware shared code analysis. You are given a dataset of malicious binaries coming from different advanced persistent threat (APT) groups. The task you are given is to cluster the binaries into homogeneous groups, where each cluster should include all (and only) the binaries created from the same APT group. i. Describe a possible approach to analyse all these binaries for similarity. In your answer describe the features and metrics you would use to measure the similarity across samples, how the binaries would be represented, and pros and cons of this approach. (6 marks] i. Describe a strategy to cluster these binaries using the similarity metrics. [3 marks] Note: in your answers to 3(b)i and 3(b)ii. you are not supposed to use any machine learning technique or algorithm.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Programming Questions!

Q:

of 2 Nicole's employer, Poe Corporation, provides her with an automobile allowance of $20,000 every other year. Her marginal tax rate is 32 percent. Answer the following questions relating to this...

Q:

Q1. You have identified a market opportunity for home media players that would cater for older members of the population. Many older people have difficulty in understanding the operating principles...

Q:

The new line character is utilized solely as the last person in each message. On association with the server, a client can possibly (I) question the situation with a client by sending the client's...

Q:

Analyze the risk associated with the given case study based on FAIR approach . You are expected to provide the following: First, analyze the case study and decide the two scenarios based on the...

Q:

Describe the types of cybercrimes facing organizations and critical infrastructures, explain the motives of cybercriminals, and evaluate the financial Explain both low-tech and high-tech methods...

Q:

ITM 309: Business Information Technology and Systems Spring 2016 Watson and the new era of cognitive systems Jerry Haan IBM Cloud Ecosystem Development January 27, 2016 2013 International Business...

Q:

we are required to refer to the research paper and discuss the following: B. Provide a critical analysis on obstacles arise in the adoption and deployment of virtualization in cloud computing...

Q:

Need help finishing this assignment in term of comparing companies. Document will be provided ASSIGNMENT 2 - ACC/ACF5903 SEMESTER 1, 2017 This task is to be completed as a GROUP and accounts for 25%...

Q:

As organizations embrace cloud computing, cybersecurity practices continue to evolve. A robust cloud security posture protects assets from bad actors and helps organizations realize the benefits of...

Q:

Discuss the main points from this article. Gay men and lesbians, sexual nonconformists, 2 are tolerable and tolerated in American society and under American law only if they keep their identities...

Q:

An operon in the bacterium Salmonella typhimurium has the following arrangement: The promoter for this operon is contained within a TE. The H2 gene encodes a protein that is part of the bacterial...

Q:

The spacetime interval in the interior of a uniform spherical mass distribution of mass M and radius R is, in the linear approximation, ds = (1 +20)dt (1 20)dr rd0 r sin 0do - where = +GMr/2R -...

Q:

1 0 0 ablect: rio com / secured Flockdown ed: Mid - term Exam ( B ) Help What is the first step an investor takes when making an investment decision according to the separation principle? Multiple...

Q:

A scientist is rolling a die which has six possible outcomes. He is comparing the expected values of each number to see if the die is equally weighted. The Chi-squared value of his experiment is...

Q:

Using the number on the table below determine the tax treatment to the partner who receives the distribution indicated, and then assuming the partnership has made a Section 754 election, determine...

Q:

During 2019 four individuals are employed by Ellipses Corp. These employees are as follows: Social Federal W/H State W/H Marital Name Address Security # Allowances Allowances Status Hunter Cranston...

Q:

1. Assume that Michelle is self-employed. What are her retirement plan options? 2. By using the annuity approach, calculate the capital needed at retirement (age 67) for the Williamses. Assume a 9%...

Q:

(b) On 1 January 2019 Expand Plc acquired 90% of the equity share capital of Constant in a share exchange in which Expand issued two new shares for every three shares it acquired in Constant Plc. At...

Q:

Section 3 : Promotional Strategy ( 1 0 Marks ) 3 . 1 . Identify and describe promotional tools or channels you would use to raise awareness and drive sales for your product. ( 4 marks ) 3 . 2 ....

Q:

Figure 9.1 shows a clustering of a two-dimensional point data set with two clusters: The leftmost cluster, whose points are marked by asterisks, is somewhat diffuse, while the rightmost cluster,...

Q:

Discuss how you might map correlation values from the interval [1,1] to the interval [0,1]. Note that the type of transformation that you use might depend on the application that you have in mind....

Q:

C4.5rules is an implementation of an indirect method for generating rules from a decision tree. RIPPER is an implementation of a direct method for generating rules directly from data. (a) Discuss the...

Q:

A manufacturing firm produces a product that has a ceramic coating. The coating is baked on to the product, and the baking process is known to produce 15% defective items (for example, cracked or...

Q:

The Center for the Study of the American Electorate indicated that 64% of the voting-age voters cast ballots in the 2008 presidential election. It also indicated in the west, 34.6% of voting-age...

Q:

Given a binomial distribution with n = 8 and p = 0.40, obtain the following: a. The mean b. The standard deviation c. The probability that the number of successes is larger than the mean d. The...