Morphological Detection of Malware - Archive ouverte HAL
Conference Papers Year : 2008

Morphological Detection of Malware


Abstract

In the field of malware detection, methods based on syntactic considerations are usually efficient. However, they are highly vulnerable to obfuscation techniques. This study proposes an efficient construction of a morphological malware detector based on a syntactic and a semantic analysis, specifically on the control flow graphs (CFGs) of programs. Our construction employs tree automata techniques to provide an efficient representation of the CFG database. Next, we deal with classic obfuscation of programs by mutation using a generic graph rewriting engine. Finally, we carry out experiments to evaluate the false-positive ratio of the proposed methods.
Main file: flowgraph.pdf (313.96 KB)
Origin: Files produced by the author(s)

Dates and versions

inria-00330021 , version 1 (13-10-2008)

Identifiers

  • HAL Id : inria-00330021 , version 1

Cite

Guillaume Bonfante, Matthieu Kaczmarek, Jean-Yves Marion. Morphological Detection of Malware. International Conference on Malicious and Unwanted Software, Fernando C. Colon Osorio, Oct 2008, Alexandria, VA, United States. ⟨inria-00330021⟩