The UMBC Cyber Defense Lab presents

Classifying Malware using Data Compression

Charles Nicholas, UMBC

12:00–1:00pm Friday, 20 April 2018, ITE 229

Comparing large binary objects can be tricky and expensive. We describe a method for comparing such strings, using ideas form data compression, that is both fast and effective. We present results from experiments applying this method, which we refer to as LZJD, to the areas of malware classification and digital forensics.

Charles Nicholas () earned his B.S. in Computer Science from the University of Michigan – Flint in 1979, and the M.S. and Ph.D. degrees in Computer Science from Ohio State University in 1982 and 1988, respectively. He joined the Computer Science Department at UMBC in 1988. His research interests include electronic document processing, intelligent information systems, and software engineering. In recent years he has focused on the problems of storing and retrieving information from large collections of documents. Intelligent software agents are an important aspect of this work. Host: Alan T. Sherman,

The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public.