Virus signature extraction form malware [closed] - security

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 9 years ago.
I'm writing a simple antivirus in C.
I've got some malware samples and I want to extract signatures form them.
Any idea how to extract them?

Retrieving a "signature" could be as simple as generating a digital signature via hashing for the virus(es) respective binaries. MD5 or SHA.
I.E. implementing the following functionality in your code that I'm sure you've already started...:
md5sum virus -> md5hashofvirus |
md5sum virus2 -> md5hashofvirus2
Complete dossier of md5sum available here.
MD5 implementation in C available here.
However any modification to the file would render this method of detection useless (albeit that's the end goal of encrypting a virus). An actual "virus signature" that modern AV's use is
"any sequence of bits that can be used to accurately identify the presence of a particular virus in a given file or range of memory."
As that level of analysis makes it a bit harder for malware manufacturers to hide the "identity" of the malware.
www.agusblog.com/wordpress/what-is-a-virus-signature-are-they-still-used-3.htm is something that I feel you should read.
www.labri.fr/perso/ly/publications/viro.pdf if you're looking for something a little more indepth.
If you'd like more information, try sharing a bit more yourself.

Related

Non-deterministic CSP programming tool? [closed]

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
Hi i need a non deterministic constraint satisfaction problem tool, because i need different solutions with the same input of the problem. Someone knows about a tool with this characteristic?
I only know tools like Gecode (c++), Choco (Java) and Curry (Haskell) that i think work in deterministic way.
If what you want is to get some random solution, most CP tools have some support for using randomised heuristics. For example, the standard Gecode branchers have options for this, for example INT_VAR_RND and INT_VAL_RND for integer variables. To get a different search each time, make sure to set the seed uniquely.
Note that using random heuristics will not give you any guarantee of the distribution. For example, your problem might have only two solutions, but almost all random choices might lead to one of the solutions giving a very skewed distribution.
Are you trying to do Pareto optimization (aka multi-objective optimization) and let the user choose one of the pareto optimal solutions?
People have done this with Drools Planner (java, open source) by simply replacing the BestSolutionRecaller class. See this thread and this thread. Planner 6.0 or 6.1 will provide out-of-the-box pareto support.
Similar to what Zayenz said, you can try Minion with the flag -randomiseorder.

How do I implement audio (pronounciation) functionality in online dictionary? [closed]

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
How would you implement word pronounciation functionality in an online dictionary site ? for example lets say, oxforddictionaries.com. they have this functionality where you can listen to how the given words are being pronounced.
Well, do I have to record each word and save it in a folder and then link it up with the database? If that's the case then probably I would have to create a million .wav or any sound files for the million words in the database. or how would I sort this out ? How do u think oxforddictionaries.com implemented this functionality ?
There are two approaches
Record each word (wav/mp3)
Synthesize the sound based on the phonetic spelling.
The latter one feels quite unnatural, but a cheap solution. I know only about the Longman dictionary, they definitely record each word (and even whole sentences), with a couple of speakers, so you don't get bored..
Unless you want to do the synthesis in a plugin/widget, you probably end up with sound files with both approaches. You can simply play them with html/html5/flash players.

Real time stock market data with R [closed]

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
I have developed a quite trading strategy on R and I would like to implement it with real time market data.
One solution would be to use RExcel. In that case, I would link Excel with Bloomberg to get real market data and plug Excel to R (The RBloomberg package does not work anymore). Ideally I would like to run all the computations on R and then output the results on an Excel spreadsheet to follow the strategy in live. Unfortunatly, the IT policy does not allow me to install RExcel.
The other solution would be to use IBrockers but the package does not work on my computer.
Here is my question : is there any alternative to RExcel to plug R with real time market data? I would like to have an R object that could refresh automatically as Excel cells do with Bloomberg
Thanks
There's always Google of course, which could have given you the following answers:
The manual on which packages you can try to read excel files into R. There are many alternatives to RExcel mentioned.
You also have the quantmod package that allows you to import stock information from yahoo finance directly into R, as explained in this question. It comes with a nice manual, there's a youtube video that explains some details and you have a RBloggers entry about it as well. I leave googling this as an exercise to the reader.
You can read data with Yahoo Finance API.
All you need to do is use read.csv() with the output of your request:
http://download.finance.yahoo.com/d/quotes.csv?f=snl1&s=AAPL,GOOG
The quotes are 15-minute delayed (the best you can do for free) and updated every 15 seconds.
For further use, please refer to : Yahoo Finance Managed and Yahoo Finance Tag on Stackoverflow.

What can't I just set everything as static? [closed]

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 11 years ago.
I was just wondering why I can not just set everything as static? I think if I set something as a static then it has a better access time than other variables that haven't set as static..
But I assume there might be a problem and that is the reason why people are not doing this.. What are the problem could be? Thanks in advance..
Consider a class Person and all your friends are instances of that class. Now consider they all have names, their names are their attributes.
Now, if that name attribute was static, all friends would have the same name.
That's why we have instance variables too.
If you make everything static, then there only exists a single copy of it in the entire program. This can be a problem when you want multiple computations of the same thing to go on in parallel or if you want to track multiple copies of the same logical object at the same time.
As for the access time, one should consider correctness first and foremost, then optimize later. Additionally, optimizations should be based on actual measurements, not speculation. If you actually measure how long things are taking, that is pretty much never going to be the optimization you make.

Am I the only one who makes spelling and grammar mistakes when programming? [closed]

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 13 years ago.
I don't know if I am a bad programmer because I often make mistakes when outputting information on a site, things like "thanx for subscribing to our service" instead of "Thanks for subscribing to our service".
I think this is because I usually don't concentrate on the spelling, my main focus is to get the functionality running perfectly. Please give me your opinion, do you concentrate on the spellings or the functionality?
If I'm writing a message which will be visible to users, I'll make sure it's clear and correct. If I'm writing a message which will only be visible to other developers, I'm slightly less careful - in particular, typos aren't really a problem, so long as I express myself clearly.
Fortunately my spelling/typing/grammar is reasonably good anyway, so I don't need to think too hard about this, but I think it is important for customer-facing text.
Developers often aren't very good at writing messages for users. It can be hard to put yourself in the position of someone who really has no idea about what's going on in the background: they just want to get their email (or whatever it is) working. If you're lucky, you may be able to get a technical writer to help compose appropriate text.
IMO attention must be paid to both. Cool logic and reliability are no excuse for crappy texts.
You could separate checking the resource from changing the source. When you do changes first change the code, test everything, then proofread the resources.
The CTO at my last job was dyslexic, and a completely brilliant programmer and manager. Every now and then I would go and make a spelling correction to one of his method or variable names (C# handles the refactoring pretty well) and it didn't really matter that much.
When there's user interface work it's much more important to spell things correctly coz it looks very shabby to have a misspelled UI.

Resources