Publications

Conferences
Charles LeDoux, Michael Sharkey, Brandon Primeaux, & Craig Miles. (2012). Instruction embedding for improved obfuscation. In Proceedings of the 50th Annual Southeast Regional Conference (pp. 130–135). Retrieved from http://dl.acm.org/citation.cfm?id=2184543 (Download) (Cite)
Charles LeDoux, Andrew Walenstein, & Arun Lakhotia. (2012). Improved Malware Classification through Sensor Fusion Using Disjoint Union. In Information Systems, Technology and Management (pp. 360–371). Grenoble, France: Springer Berlin Heidelberg. doi:10.1007/978-3-642-29166-1_32 (Download) (Cite)
Walenstein, A., & Lakhotia, A. (2012). A transformation-based model of malware derivation. In 2012 7th International Conference on Malicious and Unwanted Software (MALWARE) (pp. 17–25). doi:10.1109/MALWARE.2012.6461003 (Cite)
Charles LeDoux, Arun Lakhotia, Craig Miles, Vivek Notani, & Avi Pfeffer. (2013). FuncTracker: Discovering Shared Code to Aid Malware Forensics Extended Abstract. Presented at the 6th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET  ’13). Retrieved from https://www.usenix.org/conference/leet13/functracker-discovering-shared-code-to-aid-malware-forensics (Download) (Cite)
Chouchane, M. R., Walenstein, A., & Lakhotia, A. (2008). Using Markov Chains to filter machine-morphed variants of malicious programs. In Malicious and Unwanted Software, 2008. MALWARE 2008. 3rd International Conference on (pp. 77–84). (Cite)
Walenstein, A., Mathur, R., Chouchane, M. R., & Lakhotia, A. (2008). Constructing malware normalizers using term rewriting. Journal in computer virology, 4(4), 307–322. (Cite)
Walenstein, A., Hayes, M., & Lakhotia, A. (2007). Phylogenetic Comparisons of Malware. In Virus Bulletin Conference (Vol. 39, p. 41). (Cite)
Lakhotia, A., Preda, M. D., & Giacobazzi, R. (2013). Fast Location of Similar Code Fragments Using Semantic “Juice.” In Proceedings of the 2Nd ACM SIGPLAN Program Protection and Reverse Engineering Workshop (pp. 5:1–5:6). New York, NY, USA: ACM. doi:10.1145/2430553.2430558 (Cite)
Chouchane, M. R., & Lakhotia, A. (2006). Using Engine Signature to Detect Metamorphic Malware. In Proceedings of the 4th ACM Workshop on Recurring Malcode (pp. 73–78). New York, NY, USA: ACM. doi:10.1145/1179542.1179558 (Cite)
Lakhotia, A. (2006). Analysis of Adversarial Code: Problem, Challenges, Results. Blackhat Federal 2006. (Cite)
Walenstein, A., & Lakhotia, A. (2007). The software similarity problem in malware analysis. Internat. Begegnungs-und Forschungszentrum für Informatik. Retrieved from http://drops.dagstuhl.de/opus/volltexte/2007/964/ (Cite)
Singh, A., Walenstein, A., & Lakhotia, A. (2012). Tracking Concept Drift in Malware Families. In Proceedings of the 5th ACM Workshop on Security and Artificial Intelligence (pp. 81–92). New York, NY, USA: ACM. doi:10.1145/2381896.2381910 (Cite)
Lakhotia, A., & Walenstein, A. (n.d.). A Self-Learning AV Scanner. Retrieved from http://web.cacs.louisiana.edu/~arun/papers/2008-avar-self-learning.pdf (Cite)
Lakhotia, A., & Kumar, E. U. (2004). Abstracting stack to detect obfuscated calls in binaries. In Fourth IEEE International Workshop on Source Code Analysis and Manipulation, 2004 (pp. 17–26). doi:10.1109/SCAM.2004.2 (Cite)
Venable, M., Chouchane, M. R., Karim, M. E., & Lakhotia, A. (2005). Analyzing Memory Accesses in Obfuscated x86 Executables. In K. Julisch & C. Kruegel (Eds.), Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 1–18). Springer Berlin Heidelberg. Retrieved from http://link.springer.com/chapter/10.1007/11506881_1 (Cite)
Lakhotia, A., Kapoor, A., & Kumar, E. U. (2004). Are metamorphic viruses really invincible. Virus Bulletin, 5–7. Retrieved from http://www.iscas2007.org/~arun/papers/invincible-complete.pdf (Cite)
Lakhotia, A., & Mohammed, M. (2004). Imposing order on program statements to assist anti-virus scanners. In 11th Working Conference on Reverse Engineering, 2004. Proceedings (pp. 161–170). doi:10.1109/WCRE.2004.24 (Cite)
Lakhotia, A., Boccardo, D. R., Singh, A., & Manacero,Jr., A. (2010). Context-sensitive Analysis of Obfuscated x86 Executables. In Proceedings of the 2010 ACM SIGPLAN Workshop on Partial Evaluation and Program Manipulation (pp. 131–140). New York, NY, USA: ACM. doi:10.1145/1706356.1706381 (Cite)
Walenstein, A., Mathur, R., Chouchane, M., & Lakhotia, A. (2007). The design space of metamorphic malware. In Proceedings of the 2nd International Conference on i-Warfare & Security (ICIW) (pp. 241–248). (Cite)
Eric, U. K., Kapoor, A., & Lakhotia, A. (2005). DOC–ANSWERING THE HIDDEN “CALL” OF A VIRUS. Virus Bulletin, 4, 8–10. Retrieved from http://www.cacs.louisiana.edu/~arun/papers/detecting-obfuscated-calls-VB2005.pdf (Cite)
Boccardo, D. R., Lakhotia, A., Manacero Jr, A., & Venable, M. (2009). Adapting call-string approach for x86 obfuscated binaries. Simpósio Brasileiro em Seguran\cca da Informa\ccao e de Sistemas Computacionais. Retrieved from http://www.lbd.dcc.ufmg.br/colecoes/sbseg/2009/011.pdf (Cite)
Goel, S. (2008). 3rd Annual Symposium on Information Assurance (ASIA’08). Retrieved from http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.295.9837&rep=rep1&type=pdf (Cite)
Preda, M. D., Feng, W., Giacobazzi, R., Greechie, R., & Lakhotia, A. (2012). Twisting Additivity in Program Obfuscation. In S. Dua, A. Gangopadhyay, P. Thulasiraman, U. Straccia, M. Shepherd, & B. Stein (Eds.), Information Systems, Technology and Management (pp. 336–347). Springer Berlin Heidelberg. Retrieved from http://link.springer.com/chapter/10.1007/978-3-642-29166-1_30 (Cite)
Deprez, J.-C., & Lakhotia, A. (2000). A formalism to automate mapping from program features to code. In 8th International Workshop on Program Comprehension, 2000. Proceedings. IWPC 2000 (pp. 69–78). doi:10.1109/WPC.2000.852481 (Cite)
Karim, M. E., Walenstein, A., Lakhotia, A., & Parida, L. (2005). Malware phylogeny using maximal pi-patterns. In EICAR 2005 Conference: Best Paper Proceedings (pp. 156–174). Retrieved from http://www.researchgate.net/publication/228640414_Malware_Phylogeny_Using_Maximal_Patterns/file/d912f50f9cc467ab89.pdf (Cite)
Lakhotia, A. (1993). Constructing Call Multigraphs Using Dependence Graphs. In Proceedings of the 20th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (pp. 273–284). New York, NY, USA: ACM. doi:10.1145/158511.158647 (Cite)
Lakhotia, A., & Deprez, J.-C. (1999). Restructuring functions with low cohesion. In Sixth Working Conference on Reverse Engineering, 1999. Proceedings (pp. 36–46). doi:10.1109/WCRE.1999.806945 (Cite)
Lakhotia, A. (1993). Rule-based approach to computing module cohesion. In , 15th International Conference on Software Engineering, 1993. Proceedings (pp. 35–44). doi:10.1109/ICSE.1993.346057 (Cite)
Harman, M., Lakhotia, A., & Binkley, D. W. (2006). A Framework for Static Slicers of Unstructured Programs. Information and Software Technology, 48(7), 549–565. Retrieved from http://calcium.dcs.kcl.ac.uk/329/ (Cite)
Lakhotia, A. (1998). DIME: a direct manipulation environment for evolutionary development of software. In , 6th International Workshop on Program Comprehension, 1998. IWPC  ’98. Proceedings (pp. 72–79). doi:10.1109/WPC.1998.693289 (Cite)
Singh, P. K., Moinuddin, M., & Lakhotia, A. (2003). Using static analysis and verification for analyzing virus and worm programs. In Proceedings of the 2nd European Conference on Information Warfare and Security (pp. 281–292). (Cite)

Journals
Miles, C., Lakhotia, A., & Walenstein, A. (2012). In situ reuse of logically extracted functional components. Journal in Computer Virology, 8(3), 73–84. doi:10.1007/s11416-012-0167-y (Cite)
Lakhotia, A., Walenstein, A., Miles, C., & Singh, A. (2013). VILO: a rapid learning nearest-neighbor classifier for malware triage. Journal of Computer Virology and Hacking Techniques, 9(3), 109–123. doi:10.1007/s11416-013-0178-3 (Cite)
Karim, M. E., Walenstein, A., Lakhotia, A., & Parida, L. (2005). Malware phylogeny generation using permutations of code. Journal in Computer Virology, 1(1-2), 13–23. doi:10.1007/s11416-005-0002-9 (Cite)
Hayes, M., Walenstein, A., & Lakhotia, A. (2009). Evaluation of malware phylogeny modelling systems using automated variant generation. Journal in Computer Virology, 5(4), 335–343. doi:10.1007/s11416-008-0100-6 (Cite)
Chouchane, R., Stakhanova, N., Walenstein, A., & Lakhotia, A. (2013). Detecting machine-morphed malware variants via engine attribution. Journal of Computer Virology and Hacking Techniques, 9(3), 137–157. doi:10.1007/s11416-013-0183-6 (Cite)
Lakhotia, A., Kumar, E. U., & Venable, M. (2005). A method for detecting obfuscated calls in malicious binaries. IEEE Transactions on Software Engineering, 31(11), 955–968. doi:10.1109/TSE.2005.120 (Cite)
Lakhotia, A., Boccardo, D. R., Singh, A., & Jr, A. M. (2010). Context-sensitive analysis without calling-context. Higher-Order and Symbolic Computation, 23(3), 275–313. doi:10.1007/s10990-011-9080-1 (Cite)
Lakhotia, A., & Deprez, J.-C. (1998). Restructuring programs by tucking statements into functions. Information and Software Technology, 40(11–12), 677–689. doi:10.1016/S0950-5849(98)00091-3 (Cite)
Chan, T. W., & Lakhotia, A. (1998). Debugging program failure exhibited by voluminous data. Journal of Software Maintenance: Research and Practice, 10(2), 111–150. doi:10.1002/(SICI)1096-908X(199803/04)10:2<111::AID-SMR167>3.0.CO;2-8 (Cite)
Harman, M., Lakhotia, A., & Binkley, D. (2006). Theory and algorithms for slicing unstructured programs. Information and Software Technology, 48(7), 549–565. doi:10.1016/j.infsof.2005.06.001 (Cite)

Theses and Dissertations
Charles LeDoux. (2011). Feature Fusion Across Domains for Improved Malware Classification (Masters). University of Louisiana at Lafayette. (Download) (Cite)
Boccardo, D. R. (2009). Context-Sensitive Analysis of x86 Obfuscated Executables. Tese / Thesis. Retrieved January 6, 2014, from http://xrepo01s.inmetro.gov.br/handle/10926/1069 (Cite)
Karim, M. E. (2007). MinMax Interval Trees. ProQuest. (Download) (Cite)
Deprez, J.-C. (1997). A context-sensitive formal transformation for restructuring programs. University of Southwestern Louisiana. Retrieved from http://web.cacs.louisiana.edu/~arun/papers/jcd-thesis.pdf (Cite)
Singh, A. (2012). On Concept Drift, Deployability, and Adversarial Selection in Machine Learning-based Malware Detection. University of Louisiana at Lafayette. (Cite)
Golconda, S. (2005). Steering control for a skid-steered autonomous ground vehicle at varying speed (Maste). University of Louisiana at Lafayette. Retrieved from http://cajunbot.com/papers/2005_02-steering_control_for_a_skid-steered_autonomous_ground_vehicle_at_varying_speed.pdf.pdf (Cite)
Golconda, S. (2010). CajunBot Path Planner Architecture for Autonomous Ground Vehicles in an Urban Environment (PhD Dissertation). University of Louisiana. Retrieved from http://www.iscas2007.org/~arun/papers/2010-Golconda-dissertation.pdf (Cite)
Chouchane, M. R. (2008). Approximate Detection of Machine-morphed Variants of Malicious Programs (PhD Dissertation). University of Louisiana at Lafayette. (Download) (Cite)
Hayes, M. E. (2008). Simulating malware evolution for evaluating program phylogenies (Master’s thesis). University of Louisiana at Lafayette. (Cite)
Puntambekar, A. (2006). Terrain modeling and obstacle detection for unmanned autonomous ground robots (Master’s thesis). University of Louisiana at Lafayette. Retrieved from http://cajunbot.com/papers/2006-amit-thesis_-_terrain_mapping_and_obstacle_detection_for_unmanned_autonomous_ground_robots_without_sensor_stabilization.pdf (Cite)
Mathur, R. (2006). Normalizing metamorphic malware using term rewriting (Master’s thesis). University of Louisiana at Lafayette. Retrieved from http://web.cacs.louisiana.edu/~arun/papers/2006-rachit-thesis.pdf (Cite)
Kumar, E. U. (2004, December). Abstract Stack Graph as a Representation to Detect Obfuscated Calls in Binaries (Master’s thesis). University of Louisiana at Lafayette. Retrieved from http://www.cacs.louisiana.edu/~arun/papers/uday-kumar-thesis-dec2004.pdf (Cite)
Mohammed, M. (n.d.). Zeroing in on Metamorphic Computer Viruses (Master’s thesis). University of Louisiana at Lafayette. Retrieved from http://www.cacs.louisiana.edu/~arun/papers/moin-mohammed-thesis-dec2003.pdf (Cite)
Deprez, J.-C. (1997, December). Detecting Ripple Effects of Program Modifications on a Software System’s Functionality (PhD Dissertation). University of Louisiana at Lafayette. Retrieved from http://www.cacs.louisiana.edu/~arun/papers/2003-jean-christophe-dissertation.pdf (Cite)
Singh, P. K. (2002). A Physiological Decomposition of Virus and Worm Programs (Master’s thesis). University of Louisiana at Lafayette. Retrieved from http://www.megasecurity.org/papers/masterthesis.pdf (Cite)
Nandigam, J. (1995). A measure for module cohesion (PhD Dissertation). University of Louisiana at Lafayette. Retrieved from http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.6490&rep=rep1&type=pdf (Cite)
Notani, V. (2009). Behavioral Analysis of Malware (Bachelor’s Thesis). BIRLA INSTITUTE OF TECHNOLOGY. Retrieved from http://www.cacs.louisiana.edu/~arun/papers/2013-vivek-notani-thesis.pdf (Cite)