Morphological Detection of Malware

Guillaume Bonfante 1, Matthieu Kaczmarek 1, Jean-Yves Marion 1
1 CARTE - Theoretical adverse computations, and safety
Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract: In the field of malware detection, methods based on syntactic considerations are usually efficient. However, they are highly vulnerable to obfuscation techniques. This study proposes an efficient construction of a morphological malware detector based on both syntactic and semantic analysis, technically on the control flow graphs (CFGs) of programs. Our construction employs tree automata techniques to provide an efficient representation of the CFG database. Next, we deal with classic obfuscation of programs by mutation using a generic graph rewriting engine. Finally, we carry out experiments to evaluate the false-positive ratio of the proposed methods.
Document type:
Conference paper
International Conference on Malicious and Unwanted Software, Oct 2008, Alexandria, VA, United States. IEEE, 2008, MALWARE 2008

https://hal.inria.fr/inria-00330021
Contributor: Matthieu Kaczmarek
Submitted on: Monday, October 13, 2008 - 21:39:39
Last modified on: Thursday, January 11, 2018 - 06:21:25
Document(s) archived on: Tuesday, October 9, 2012 - 12:03:09

File

flowgraph.pdf
Files produced by the author(s)

Identifiers

  • HAL Id: inria-00330021, version 1

Citation

Guillaume Bonfante, Matthieu Kaczmarek, Jean-Yves Marion. Morphological Detection of Malware. International Conference on Malicious and Unwanted Software, Oct 2008, Alexandria, VA, United States. IEEE, 2008, MALWARE 2008. 〈inria-00330021〉

Metrics

Record views

285

File downloads

324