Skip to Main content Skip to Navigation

An implementation of morphological malware detection

Guillaume Bonfante 1 Matthieu Kaczmarek 1 Jean-Yves Marion 1
1 CARTE - Theoretical adverse computations, and safety
Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : This study proposes an efficient construction of a morphological malware detector that is a detector which associates syntactic and semantic analysis. The detection strategy is based on control flow graphs of programs (CFG). Our construction employs tree automata techniques; this provides an efficient representation of the CFG database. Next, we deal with classic mutations using a generic graph rewriting engine. Finally, we carry out experiments to evaluate the false-positive ratio of the proposed methods.
Document type :
Conference papers
Complete list of metadatas

https://hal.inria.fr/inria-00335590
Contributor : Matthieu Kaczmarek <>
Submitted on : Thursday, October 30, 2008 - 9:04:27 AM
Last modification on : Tuesday, December 18, 2018 - 4:48:02 PM

Identifiers

  • HAL Id : inria-00335590, version 1

Collections

Citation

Guillaume Bonfante, Matthieu Kaczmarek, Jean-Yves Marion. An implementation of morphological malware detection. EICAR, May 2008, Laval, France. pp.49--62. ⟨inria-00335590⟩

Share

Metrics

Record views

271