Control Flow to Detect Malware

This study proposes a malware detection strategy based on control flow. It consists of searching the control flow graph of the analysed program for an induced sub-graph that corresponds to the control flow graph of a malicious program. The resulting detector is built on a strong theoretical framework. Finally, experiments are carried out to evaluate the proposed detection strategy.
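The induced sub-graph search described above can be sketched as follows. This is an added example, not the paper's algorithm or code: it uses plain backtracking, and the node labels (instruction kinds such as `jcc` or `call`), the graph encoding and the sample graphs are assumptions constructed for illustration.

```python
def induced_match(sig_labels, sig_edges, prog_labels, prog_edges):
    """Map each signature node to a distinct program node so that the chosen
    program nodes induce exactly the signature CFG. Returns a dict or None."""
    order = list(sig_labels)

    def consistent(s, p, mapping):
        # Induced condition: an edge exists between two mapped program nodes
        # if and only if it exists between the matching signature nodes.
        if ((s, s) in sig_edges) != ((p, p) in prog_edges):
            return False
        for t, q in mapping.items():
            if ((s, t) in sig_edges) != ((p, q) in prog_edges):
                return False
            if ((t, s) in sig_edges) != ((q, p) in prog_edges):
                return False
        return True

    def extend(mapping):
        if len(mapping) == len(order):
            return dict(mapping)
        s = order[len(mapping)]
        used = set(mapping.values())
        for p, kind in prog_labels.items():
            if p in used or kind != sig_labels[s]:
                continue
            if consistent(s, p, mapping):
                mapping[s] = p
                found = extend(mapping)
                if found is not None:
                    return found
                del mapping[s]
        return None

    return extend({})

# Constructed signature CFG: conditional loop head, call, back jump, exit.
SIG_LABELS = {0: "jcc", 1: "call", 2: "jmp", 3: "ret"}
SIG_EDGES = {(0, 1), (0, 3), (1, 2), (2, 0)}

# Constructed program CFG: the same shape behind an extra prologue call.
PROG_LABELS = {10: "call", 11: "jcc", 12: "call", 13: "jmp", 14: "ret"}
PROG_EDGES = {(10, 11), (11, 12), (11, 14), (12, 13), (13, 11)}

if __name__ == "__main__":
    print(induced_match(SIG_LABELS, SIG_EDGES, PROG_LABELS, PROG_EDGES))
    # One extra edge between matched nodes breaks the induced condition.
    print(induced_match(SIG_LABELS, SIG_EDGES, PROG_LABELS, PROG_EDGES | {(12, 14)}))
```

The second call shows the difference between an induced sub-graph and a plain sub-graph: the signature's edges are all still present, but the additional edge among the matched nodes means the match is rejected.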
