An implementation of morphological malware detection

Guillaume Bonfante ¹, Matthieu Kaczmarek ¹, Jean-Yves Marion ¹
¹ CARTE - Theoretical adverse computations, and safety
Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract: This study proposes an efficient construction of a morphological malware detector, that is, a detector which associates syntactic and semantic analysis. The detection strategy is based on control flow graphs (CFGs) of programs. Our construction employs tree automata techniques; this provides an efficient representation of the CFG database. Next, we deal with classic mutations using a generic graph rewriting engine. Finally, we carry out experiments to evaluate the false-positive ratio of the proposed methods.
Document type: Conference paper
EICAR, May 2008, Laval, France. pp.49--62, 2008
https://hal.inria.fr/inria-00335590
Contributor: Matthieu Kaczmarek
Submitted on: Thursday, 30 October 2008 - 09:04:27
Last modified on: Thursday, 11 January 2018 - 06:21:25

Identifiers

  • HAL Id: inria-00335590, version 1

Citation

Guillaume Bonfante, Matthieu Kaczmarek, Jean-Yves Marion. An implementation of morphological malware detection. EICAR, May 2008, Laval, France. pp.49--62, 2008. 〈inria-00335590〉
