Detection of global, metamorphic malware variants using control and data flow analysis
作者: Hira Agrawal , Lisa Bahler , Josephine Micallef , Shane Snyder , Alexandr Virodov
DOI: 10.1109/MILCOM.2012.6415581
关键词:
摘要: Current malware detection and classification tools fail to adequately address variants that are generated automatically using new polymorphic metamorphic transformation engines can produce bear no resemblance one another. approaches this problem by employing syntactic signatures mimic the underlying control structures such as call- flow-graphs. These techniques, however, easily defeated program diversification techniques. This hampers our ability defend against zero day attacks perpetrated auto “replicating”, rapidly spreading variants. In paper, we present a form of abstract signature generation is based on extracting semantic summaries code immune most transformations. We also results initial, experimental evaluation proposed approach.
lens.org 参考文章(34)
George Cristian Chicioreanu, Anil Francis Thomas, Adrian Mihail Marinescu, Malware Detection Using Code Analysis and Behavior Monitoring ,(2008)
Thomas Dullien, Graph-based comparison of Executable Objects ,(2005)
Vwani Roychowdhury, William Mangione-Smith, Jesse Bridgewater, Malware mutation detector ,(2006)
Man-Pyo Hong, Sung-Wook Lee, Si-Haeng Cho, Method for detecting malicious code patterns in consideration of control and data flows ,(2004)
Ismael Briones, Aitor Gomez, Gran Vía, GRAPHS, ENTROPY AND GRID COMPUTING: AUTOMATIC COMPARISON OF MALWARE ,(2008)
Sy-Yen Kuo, Yen-Nun Huang, Shih-Yao Dai, Yu-chen Chang, Jain-Shing Wu, Chih-Hung Lin, Method and system for cleaning malicious software and computer program product and storage medium ,(2009)
Christopher Kruegel, Engin Kirda, Darren Mutz, William Robertson, Giovanni Vigna, Polymorphic Worm Detection Using Structural Information of Executables Lecture Notes in Computer Science. pp. 207- 226 ,(2006) , 10.1007/11663812_11
Jonny T. Ro, Leta M. Chi, Ming M. Deng, Eva Y. Chen, System, apparatus and method for the detection and removal of viruses in macros ,(1996)
Timur Biyachuev, Alexey Malyshev, Dmitry Ilin, Systems and methods for malware classification ,(2009)