Service interruption on Monday 11 July from 12:30 to 13:00: all the sites of the CCSD (HAL, EpiSciences, SciencesConf, AureHAL) will be inaccessible (network hardware connection).
Skip to Main content Skip to Navigation
Conference papers

Tutorial: an Overview of Malware Detection and Evasion Techniques

Fabrizio Biondi 1 Thomas Given-Wilson 1 Axel Legay 1 Cassius Puodzius 1 Jean Quilbeuf 2 
1 TAMIS - Threat Analysis and Mitigation for Information Security
Inria Rennes – Bretagne Atlantique , IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL
Abstract : This tutorial presents and motivates various malware detection tools and illustrates their usage on a clear example. We demonstrate how statically-extracted syntactic signatures can be used for quickly detecting simple variants of malware. Since such signatures can easily be obfuscated, we also present dynamically-extracted behavioral signatures which are obtained by running the malware in an isolated environment known as a sandbox. However, some malware can use sandbox detection to detect that they run in such an environment and so avoid exhibiting their malicious behavior. To counteract sandbox detection, we present concolic execution that can explore several paths of a binary. We conclude by showing how opaque predicates and JIT can be used to hinder concolic execution.
Document type :
Conference papers
Complete list of metadata

Cited literature [34 references]  Display  Hide  Download

https://hal.inria.fr/hal-01964222
Contributor : Cassius Puodzius Connect in order to contact the contributor
Submitted on : Friday, December 21, 2018 - 6:10:43 PM
Last modification on : Monday, April 4, 2022 - 9:28:23 AM
Long-term archiving on: : Friday, March 22, 2019 - 4:30:17 PM

File

main.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01964222, version 1

Citation

Fabrizio Biondi, Thomas Given-Wilson, Axel Legay, Cassius Puodzius, Jean Quilbeuf. Tutorial: an Overview of Malware Detection and Evasion Techniques. ISoLA 2018 - 8th International Symposium On Leveraging Applications of Formal Methods, Verification and Validation, Oct 2018, Limassol, Cyprus. pp.1-23. ⟨hal-01964222⟩

Share

Metrics

Record views

220

Files downloads

2007