@article{Santos_Ugarte-Pedrero_Brezo_Bringas_Gómez-Hidalgo_2013, title={NOA: An Information Retrieval Based Malware Detection System}, volume={32}, url={https://www.cai.sk/ojs/index.php/cai/article/view/1470}, abstractNote={Malware refers to any type of code written with the intention of harming a computer or network. The quantity of malware being produced is increasing every year and poses a serious global security threat. Hence, malware detection is a critical topic in computer security. Signature-based detection is the most widespread method used in commercial antivirus solutions. However, signature-based detection can detect malware only once the malicious executable has caused damage and has been conveniently registered and documented. Therefore, the signature-based method fails to detect obfuscated malware variants. In this paper, a new malware detection system is proposed based on information retrieval. For the representation of executables, the frequency of the appearance of opcode sequences is used. Through this architecture a malware detection system prototype is developed and evaluated in terms of performance, malware variant recall (false negative ratio) and false positives.}, number={1}, journal={COMPUTING AND INFORMATICS}, author={Santos, Igor and Ugarte-Pedrero, Xabier and Brezo, Felix and Bringas, Pablo Garcia and Gómez-Hidalgo, José María}, year={2013}, month={Mar.}, pages={145–174} }