Evaluating model checking for cyber threats code obfuscation identification

Authors: Fabio Martinelli, Francesco Mercaldo, Vittoria Nardone, Antonella Santone, Arun Kumar Sangaiah

DOI: 10.1016/J.JPDC.2018.04.008

Keywords:

Abstract: Code obfuscation is a set of transformations that make programs harder to understand. The goal is to make reverse engineering infeasible while preserving the logic of the program. Originally, it was used to protect intellectual property. Recently, however, it has also been used by malware writers in order to make cyber threats able to evade antimalware scanners more easily. As a matter of fact, metamorphic and polymorphic viruses exhibit the ability to obfuscate their code as they propagate. In this paper we propose a model checking-based approach which identifies the most widespread obfuscating techniques, without making any assumptions about the nature of the obfuscations used. We evaluate the proposed method on a real-world dataset, obtaining an accuracy equal to 0.9 in the identification of the obfuscation techniques.
