Skip to Main content Skip to Navigation

Morphological Detection of Malware

Guillaume Bonfante 1 Matthieu Kaczmarek 1 Jean-Yves Marion 1
1 CARTE - Theoretical adverse computations, and safety
Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : In the field of malware detection, method based on syntactical consideration are usually efficient. However, they are strongly vulnerable to obfuscation techniques. This study proposes an efficient construction of a morphological malware detector based on a syntactic and a semantic analysis, technically on control flow graphs of programs (CFG). Our construction employs tree automata techniques to provide an efficient representation of the CFG database. Next, we deal with classic obfuscation of programs by mutation using a generic graph rewriting engine. Finally, we carry out experiments to evaluate the false-positive ratio of the proposed methods.
Document type :
Conference papers
Complete list of metadatas

Cited literature [10 references]  Display  Hide  Download

https://hal.inria.fr/inria-00330021
Contributor : Matthieu Kaczmarek <>
Submitted on : Monday, October 13, 2008 - 9:39:39 PM
Last modification on : Tuesday, December 18, 2018 - 4:48:02 PM
Document(s) archivé(s) le : Tuesday, October 9, 2012 - 12:03:09 PM

File

flowgraph.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : inria-00330021, version 1

Collections

Citation

Guillaume Bonfante, Matthieu Kaczmarek, Jean-Yves Marion. Morphological Detection of Malware. International Conference on Malicious and Unwanted Software, Fernando C. Colon Osorio, Oct 2008, Alexendria VA, United States. ⟨inria-00330021⟩

Share

Metrics

Record views

339

Files downloads

440