Title :
Function Extraction Technology: Computing the Behavior of Malware
Author :
Linger, Rick ; Sayre, Kirk ; Daly, Tim ; Pleszkoch, Mark
Author_Institution :
CERT, Carnegie Mellon Univ., Pittsburgh, PA, USA
Abstract :
Current methods of malware analysis are increasingly challenged by the scope and sophistication of attacks. Recent advances in software behavior computation illuminate an opportunity to compute the behavior of malware at machine speeds, to aid in understanding intruder methods and developing countermeasures. The behavior computation process helps eliminate certain forms of malware obfuscation and computes the net effects of the remaining functional code. This paper describes behavior computation technology and provides an example of its use in malware analysis.
Keywords :
invasive software; attack; function extraction technology; functional code; intruder method; machine speed; malware; software behavior computation; Algorithm design and analysis; Computer architecture; Malware; Periodic structures; Semantics; Software
Conference_Title :
System Sciences (HICSS), 2011 44th Hawaii International Conference on
Conference_Location :
Kauai, HI
Print_ISBN :
978-1-4244-9618-1
DOI :
10.1109/HICSS.2011.209