Semantics-aware malware detection
A malware detector is a system that attempts to determine whether a program has malicious
intent. In order to evade detection, malware writers (hackers) frequently use obfuscation to …
intent. In order to evade detection, malware writers (hackers) frequently use obfuscation to …
Limits of static analysis for malware detection
Malicious code is an increasingly important problem that threatens the security of computer
systems. The traditional line of defense against malware is composed of malware detectors …
systems. The traditional line of defense against malware is composed of malware detectors …
Synthesizing near-optimal malware specifications from suspicious behaviors
Fueled by an emerging underground economy, malware authors are exploiting
vulnerabilities at an alarming rate. To make matters worse, obfuscation tools are commonly …
vulnerabilities at an alarming rate. To make matters worse, obfuscation tools are commonly …
Detecting metamorphic malwares using code graphs
J Lee, K Jeong, H Lee - Proceedings of the 2010 ACM symposium on …, 2010 - dl.acm.org
Malware writers and detectors have been running an endless battle. Self-defense is the
weapon most malware writers prepare against malware detectors. Malware writers have …
weapon most malware writers prepare against malware detectors. Malware writers have …
Identifying dormant functionality in malware programs
To handle the growing flood of malware, security vendors and analysts rely on tools that
automatically identify and analyze malicious code. Current systems for automated malware …
automatically identify and analyze malicious code. Current systems for automated malware …
Polyunpack: Automating the hidden-code extraction of unpack-executing malware
P Royal, M Halpin, D Dagon… - 2006 22nd Annual …, 2006 - ieeexplore.ieee.org
Modern malware often hide the malicious portion of their program code by making it appear
as data at compile-time and transforming it back into executable code at runtime. This …
as data at compile-time and transforming it back into executable code at runtime. This …
A semantics-based approach to malware detection
Malware detection is a crucial aspect of software security. Current malware detectors work
by checking for signatures, which attempt to capture the syntactic characteristics of the …
by checking for signatures, which attempt to capture the syntactic characteristics of the …
Metaaware: Identifying metamorphic malware
Q Zhang, DS Reeves - Twenty-Third Annual Computer Security …, 2007 - ieeexplore.ieee.org
Detection of malicious software (malware) by the use of static signatures is often criticized for
being overly simplistic. Available methods of obfuscating code (so-called metamorphic …
being overly simplistic. Available methods of obfuscating code (so-called metamorphic …
Towards understanding malware behaviour by the extraction of API calls
M Alazab, S Venkataraman… - 2010 second cybercrime …, 2010 - ieeexplore.ieee.org
One of the recent trends adopted by malware authors is to use packers or software tools that
instigate code obfuscation in order to evade detection by antivirus scanners. With evasion …
instigate code obfuscation in order to evade detection by antivirus scanners. With evasion …
Exploring multiple execution paths for malware analysis
Malicious code (or Malware) is defined as software that fulfills the deliberately harmful intent
of an attacker. Malware analysis is the process of determining the behavior and purpose of a …
of an attacker. Malware analysis is the process of determining the behavior and purpose of a …