HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

Function classification for the retro-engineering of malwares

Guillaume Bonfante 1 Julien Oury--Nogues 1
1 CARBONE - Carbone
LORIA - FM - Department of Formal Methods
Abstract : In the past ten years, our team has developed a method called morphological analysis that deals with malware detection. Morphological analysis focuses on algorithms. Here, we want to identify programs through their functions, and more precisely with the intention of those functions. The intention is described as a vector in a high dimensional vector space in the spirit of compositional semantics. We show how to use the intention of functions for their clustering. In a last step, we describe some experiments showing the relevance of the clustering and some of some possible applications for malware identification.
Complete list of metadata

https://hal.inria.fr/hal-03178819
Contributor : Guillaume Bonfante Connect in order to contact the contributor
Submitted on : Wednesday, March 24, 2021 - 9:09:37 AM
Last modification on : Wednesday, November 3, 2021 - 7:56:55 AM
Long-term archiving on: : Friday, June 25, 2021 - 6:16:05 PM

File

paper.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-03178819, version 1

Collections

Citation

Guillaume Bonfante, Julien Oury--Nogues. Function classification for the retro-engineering of malwares. 9th International Symposium Foundations and Practice of Security, Oct 2016, Quebec, Canada. ⟨hal-03178819⟩

Share

Metrics

Record views

35

Files downloads

131