Malware detection is a crucial aspect of software security. Malware typically recur to a variety of disguise and concealing techniquesin order to avoid detection. Metamorphism is the ability of a program to mutate its form yet keeping unchanged its functionality and therefore its danger in case of malware. A major challenge in this field is the development of general automatic/systematic detection techniques that are able to catch the possible variants of a metamorphic malware. We take the position that the key for handling metamorphism relies in a deeper understanding of the semantics of the metamorphic malware. By applying standard formal methods we aim at proving that metamorphic analysis is a special case of program analysis, where the object of computation is code interpreted as a mutational data structure.
The Grand Challenge in Metamorphic Analysis
DALLA PREDA, Mila
2012-01-01
Abstract
Malware detection is a crucial aspect of software security. Malware typically recur to a variety of disguise and concealing techniquesin order to avoid detection. Metamorphism is the ability of a program to mutate its form yet keeping unchanged its functionality and therefore its danger in case of malware. A major challenge in this field is the development of general automatic/systematic detection techniques that are able to catch the possible variants of a metamorphic malware. We take the position that the key for handling metamorphism relies in a deeper understanding of the semantics of the metamorphic malware. By applying standard formal methods we aim at proving that metamorphic analysis is a special case of program analysis, where the object of computation is code interpreted as a mutational data structure.
| File | Dimensione | Formato | |
|---|---|---|---|
|
mila-ICISTM.pdf
accesso aperto
Tipologia:
Documento in Post-print
Licenza:
Accesso ristretto
Dimensione
206.28 kB
Formato
Adobe PDF
|
206.28 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
