  • DocumentCode
    2589684
  • Title
    Function Extraction Technology: Computing the Behavior of Malware
  • Author
    Linger, Rick ; Sayre, Kirk ; Daly, Tim ; Pleszkoch, Mark
  • Author_Institution
    CERT, Carnegie Mellon Univ., Pittsburgh, PA, USA
  • fYear
    2011
  • fDate
    4-7 Jan. 2011
  • Firstpage
    1
  • Lastpage
    9
  • Abstract
    Current methods of malware analysis are increasingly challenged by the scope and sophistication of attacks. Recent advances in software behavior computation illuminate an opportunity to compute the behavior of malware at machine speeds, to aid in understanding intruder methods and developing countermeasures. The behavior computation process helps eliminate certain forms of malware obfuscation and computes the net effects of the remaining functional code. This paper describes behavior computation technology and provides an example of its use in malware analysis.
  • Keywords
    invasive software; attack; function extraction technology; functional code; intruder method; machine speed; malware; software behavior computation; Algorithm design and analysis; Computer architecture; Malware; Periodic structures; Semantics; Software
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    System Sciences (HICSS), 2011 44th Hawaii International Conference on
  • Conference_Location
    Kauai, HI
  • ISSN
    1530-1605
  • Print_ISBN
    978-1-4244-9618-1
  • Type
    conf
  • DOI
    10.1109/HICSS.2011.209
  • Filename
    5718511