Semantics-Aware Malware Detection

Oakland, California May 08-May 11

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/SP.2005.20

2005 IEEE Symposium on Security and P ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Mihai Christodorescu Articles by Somesh Jha Articles by Sanjit A. Seshia Articles by Dawn Song Articles by Randal E. Bryant

	ASCII Text	x
	Mihai Christodorescu, Somesh Jha, Sanjit A. Seshia, Dawn Song, Randal E. Bryant, "Semantics-Aware Malware Detection," Security and Privacy, IEEE Symposium on, pp. 32-46, 2005 IEEE Symposium on Security and Privacy (S&P'05), 2005.

	BibTex	x
	@article{ 10.1109/SP.2005.20, author = {Mihai Christodorescu and Somesh Jha and Sanjit A. Seshia and Dawn Song and Randal E. Bryant}, title = {Semantics-Aware Malware Detection}, journal ={Security and Privacy, IEEE Symposium on}, volume = {0}, year = {2005}, issn = {1081-6011}, pages = {32-46}, doi = {http://doi.ieeecomputersociety.org/10.1109/SP.2005.20}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Security and Privacy, IEEE Symposium on TI - Semantics-Aware Malware Detection SN - 1081-6011 SP32 EP46 A1 - Mihai Christodorescu, A1 - Somesh Jha, A1 - Sanjit A. Seshia, A1 - Dawn Song, A1 - Randal E. Bryant, PY - 2005 KW - null VL - 0 JA - Security and Privacy, IEEE Symposium on ER -

Mihai Christodorescu, University of Wisconsin, Madison

Somesh Jha, University of Wisconsin, Madison

Sanjit A. Seshia, Carnegie Mellon University

Dawn Song, Carnegie Mellon University

Randal E. Bryant, Carnegie Mellon University

A malware detector is a system that attempts to determine whether a program has malicious intent. In order to evade detection, malware writers (hackers) frequently use obfuscation to morph malware. Malware detectors that use a pattern-matching approach (such as commercial virus scanners) are susceptible to obfuscations used by hackers. The fundamental deficiency in the pattern-matching approach to malware detection is that it is purely syntactic and ignores the semantics of instructions. In this paper, we present a malware-detection algorithm that addresses this deficiency by incorporating instruction semantics to detect malicious program traits. Experimental evaluation demonstrates that our malware-detection algorithm can detect variants of malware with a relatively low run-time overhead. Moreover, our semantics-aware malware detection algorithm is resilient to common obfuscations used by hackers.

Citation:

Mihai Christodorescu, Somesh Jha, Sanjit A. Seshia, Dawn Song, Randal E. Bryant, "Semantics-Aware Malware Detection," sp, pp.32-46, 2005 IEEE Symposium on Security and Privacy (S&P'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.