
Tutorial: an Overview of Malware Detection and Evasion Techniques

Abstract : This tutorial presents and motivates various malware detection tools and illustrates their usage on a clear example. We demonstrate how statically-extracted syntactic signatures can be used for quickly detecting simple variants of malware. Since such signatures can easily be obfuscated, we also present dynamically-extracted behavioral signatures which are obtained by running the malware in an isolated environment known as a sandbox. However, some malware can use sandbox detection to detect that they run in such an environment and so avoid exhibiting their malicious behavior. To counteract sandbox detection, we present concolic execution that can explore several paths of a binary. We conclude by showing how opaque predicates and JIT can be used to hinder concolic execution.
Document type :
Conference papers

Cited literature : 34 references
Contributor : Cassius Puodzius
Submitted on : Friday, December 21, 2018 - 6:10:43 PM
Last modification on : Wednesday, May 12, 2021 - 3:39:36 AM
Long-term archiving on : Friday, March 22, 2019 - 4:30:17 PM


Files produced by the author(s)


  • HAL Id : hal-01964222, version 1


Fabrizio Biondi, Thomas Given-Wilson, Axel Legay, Cassius Puodzius, Jean Quilbeuf. Tutorial: an Overview of Malware Detection and Evasion Techniques. ISoLA 2018 - 8th International Symposium On Leveraging Applications of Formal Methods, Verification and Validation, Oct 2018, Limassol, Cyprus. pp.1-23. ⟨hal-01964222⟩


