Efficient and Stealthy Instruction Tracing and Its Applications in Automated Malware Analysis: Open Problems and Challenges

Abstract: Malware is a substantial security threat today and most likely in the foreseeable future. The analysis of malware is a key activity in the fight against the threat. Since manual analysis is time consuming and given the extent of the malware threat, malware analysis needs to be automated. Malware analysis sandboxes offer such automation and already play an important role in practice. Yet, they only uncover certain aspects of malware behavior, and still require manual analysis in many cases. This is not a viable way to go, and thus the automation and quality of automated analysis need to be pushed further. A promising technique towards this goal is instruction tracing combined with analysis algorithms that uncover malware behavior from an instruction trace. In this position paper, we shall argue that instruction tracing is still in its infancy and point out challenges and open problems of instruction tracing in general. In particular, we shall describe Helios, which is our new instruction tracer that offers a better balance of tracing speed and transparency than existing techniques.
Document type:
Conference paper
David Hutchison; Takeo Kanade; Madhu Sudan; Demetri Terzopoulos; Doug Tygar; Moshe Y. Vardi; Gerhard Weikum; Jan Camenisch; Dogan Kesdogan; Josef Kittler; Jon M. Kleinberg; Friedemann Mattern; John C. Mitchell; Moni Naor; Oscar Nierstrasz; C. Pandu Rangan; Bernhard Steffen. International Workshop on Open Problems in Network Security (iNetSec), Jun 2011, Lucerne, Switzerland. Springer, Lecture Notes in Computer Science, LNCS-7039, pp.55-64, 2012, Open Problems in Network Security. 〈10.1007/978-3-642-27585-2_5〉
Cited literature [18 references]

https://hal.inria.fr/hal-01481506
Contributor: Hal Ifip
Submitted on: Thursday, March 2, 2017 - 16:38:00
Last modified on: Friday, March 3, 2017 - 11:11:38
Document(s) archived on: Wednesday, May 31, 2017 - 16:27:41

File

978-3-642-27585-2_5_Chapter.pd...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Endre Bangerter, Stefan Bühlmann, Engin Kirda. Efficient and Stealthy Instruction Tracing and Its Applications in Automated Malware Analysis: Open Problems and Challenges. David Hutchison; Takeo Kanade; Madhu Sudan; Demetri Terzopoulos; Doug Tygar; Moshe Y. Vardi; Gerhard Weikum; Jan Camenisch; Dogan Kesdogan; Josef Kittler; Jon M. Kleinberg; Friedemann Mattern; John C. Mitchell; Moni Naor; Oscar Nierstrasz; C. Pandu Rangan; Bernhard Steffen. International Workshop on Open Problems in Network Security (iNetSec), Jun 2011, Lucerne, Switzerland. Springer, Lecture Notes in Computer Science, LNCS-7039, pp.55-64, 2012, Open Problems in Network Security. 〈10.1007/978-3-642-27585-2_5〉. 〈hal-01481506〉

Metrics

Record views: 98

File downloads: 32