Behavior Abstraction in Malware Analysis
Authors
Abstract
Abstract a trace language L by reducing it w.r.t. a behavior pattern B
Similar resources
Abstraction by Term Rewriting for Malware Behavior Analysis – Extended Version –
Abstraction by Term Rewriting for Malware Behavior Analysis – Extended Version – Philippe Beaucamps, Isabelle Gnaedig, Jean-Yves Marion INPL INRIA Nancy Grand Est Nancy-Université LORIA Campus Scientifique BP 239 F54506 Vandoeuvre-lès-Nancy Cedex, France Email: {Philippe.Beaucamps, Isabelle.Gnaedig, Jean-Yves.Marion}@loria.fr Abstract. We propose a formal approach for behavioral analysis of programs ba...
Full text
DyVSoR: dynamic malware detection based on extracting patterns from value sets of registers
To control the exponential growth of malware files, security analysts pursue dynamic approaches that automatically identify and analyze malicious software samples. Obfuscation and polymorphism employed by malware make it difficult for signature-based systems to detect sophisticated malware files. The dynamic analysis or run-time behavior provides a better technique to identify the threat. In t...
Full text
Robust and Effective Malware Detection Through Quantitative Data Flow Graph Metrics
We present a novel malware detection approach based on metrics over quantitative data flow graphs. Quantitative data flow graphs (QDFGs) model process behavior by interpreting issued system calls as aggregations of quantifiable data flows. Due to the high abstraction level we consider QDFG metric based detection more robust against typical behavior obfuscation like bogus call injection or call ...
Full text
Efficient Malware Detection Using Model-Checking
Over the past decade, malware costs more than $10 billion every year and the cost is still increasing. Classical signature-based and emulation-based methods are becoming insufficient, since malware writers can easily obfuscate existing malware such that new variants cannot be detected by these methods. Thus, it is important to have more robust techniques for malware detection. In our previous w...
Full text
Malware Behavior Classification Approach Based on Naive Bayes
Because of the interference of obfuscation and polymorphism on malware analysis and detection, the dynamic analysis of malware binaries during run-time is becoming a research hotspot in intrusion detection field. Malware classification is a key problem in the research of dynamic malware behavior analysis. On the basis of the malware behavior monitoring result reports, after discussing of malwar...
Full text