Malware detection is a crucial aspect of software security. Malware typically recur to a variety of disguise and concealing techniquesin order to avoid detection. Metamorphism is the ability of a program to mutate its form yet keeping unchanged its functionality and therefore its danger in case of malware. A major challenge in this field is the development of general automatic/systematic detection techniques that are able to catch the possible variants of a metamorphic malware. We take the position that the key for handling metamorphism relies in a deeper understanding of the semantics of the metamorphic malware. By applying standard formal methods we aim at proving that metamorphic analysis is a special case of program analysis, where the object of computation is code interpreted as a mutational data structure.

The Grand Challenge in Metamorphic Analysis

DALLA PREDA, Mila
2012-01-01

Abstract

Malware detection is a crucial aspect of software security. Malware typically recur to a variety of disguise and concealing techniquesin order to avoid detection. Metamorphism is the ability of a program to mutate its form yet keeping unchanged its functionality and therefore its danger in case of malware. A major challenge in this field is the development of general automatic/systematic detection techniques that are able to catch the possible variants of a metamorphic malware. We take the position that the key for handling metamorphism relies in a deeper understanding of the semantics of the metamorphic malware. By applying standard formal methods we aim at proving that metamorphic analysis is a special case of program analysis, where the object of computation is code interpreted as a mutational data structure.
2012
978-364229165-4
Malware detection; metamorphism; abstract interpretation
File in questo prodotto:
File Dimensione Formato  
mila-ICISTM.pdf

accesso aperto

Tipologia: Documento in Post-print
Licenza: Accesso ristretto
Dimensione 206.28 kB
Formato Adobe PDF
206.28 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11562/502350
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 6
  • ???jsp.display-item.citation.isi??? ND
social impact