Automatically Identifying Trigger-based Behavior in Malware

Authors: David Brumley, Cody Hartwig, Zhenkai Liang, James Newsome, Dawn Song

DOI: 10.1007/978-0-387-68768-1_4

Keywords:

Abstract: Malware often contains hidden behavior which is only activated when properly triggered. Well known examples include: the MyDoom worm DDoS’s on particular dates, keyloggers log keystrokes for sites, and DDoS zombies are given proper command. We call such trigger-based

References (16)
Cristian Cadar, David L. Dill, Dawson R. Engler, Vijay Ganesh, Peter M. Pawlowski. EXE: A system for automatically generating inputs of death using symbolic execution. Computer and Communications Security (2006).
Benjamin C. Pierce. Types and Programming Languages (2002).
Cormac Flanagan, James B. Saxe. Avoiding exponential explosion. Proceedings of the 28th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages - POPL '01, vol. 36, pp. 193-205 (2001). doi:10.1145/360204.360220
Cormac Flanagan, K. Rustan M. Leino, Mark Lillibridge, Greg Nelson, James B. Saxe, Raymie Stata. Extended static checking for Java. Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation - PLDI '02, vol. 37, pp. 234-245 (2002). doi:10.1145/512529.512558
Koushik Sen, Darko Marinov, Gul Agha. CUTE: a concolic unit testing engine for C. Foundations of Software Engineering, vol. 30, pp. 263-272 (2005). doi:10.1145/1081706.1081750
Patrice Godefroid, Nils Klarlund, Koushik Sen. DART: directed automated random testing. Programming Language Design and Implementation, vol. 40, pp. 213-223 (2005). doi:10.1145/1064978.1065036
James C. King. Symbolic execution and program testing. Communications of the ACM, vol. 19, pp. 385-394 (1976). doi:10.1145/360248.360252
Junfeng Yang, Can Sar, P. Twohey, C. Cadar, D. Engler. Automatically generating malicious disks using symbolic execution. IEEE Symposium on Security and Privacy, pp. 243-257 (2006). doi:10.1109/SP.2006.7
Andreas Moser, Christopher Kruegel, Engin Kirda. Exploring Multiple Execution Paths for Malware Analysis. IEEE Symposium on Security and Privacy, pp. 231-245 (2007). doi:10.1109/SP.2007.17
Edmund Clarke, Daniel Kroening, Flavio Lerda. A Tool for Checking ANSI-C Programs. Tools and Algorithms for Construction and Analysis of Systems, vol. 2988, pp. 168-176 (2004). doi:10.1007/978-3-540-24730-2_15