Automated computation of malware behavior

Author

Linger, Rick ; Pleszkoch, Mark ; Sayre, Kirk ; Daly, Tim

Author_Institution

CERT/Software Eng. Inst., Pittsburgh, PA, USA

fYear

2010

fDate

8-10 Nov. 2010

Firstpage

Lastpage

Abstract

Automated software behavior computation is an emerging technology under development at the Software Engineering Institute that can be applied to analysis of malicious code. Behavior computation is based on the semantics of programming language instructions and the opportunity to compose them to determine net effects of programs. An initial implementation is targeted to malicious code expressed in Intel assembly language.

Keywords

assembly language; invasive software; software engineering; Intel assembly language; Software Engineering Institute; automated software behavior computation; malicious code analysis; malware behavior; programming language instructions; File systems; Malware; Programming; Semantics; Software engineering; functional semantics; malware analysis; program composition; software behavior computation;

fLanguage

English

Publisher

ieee

Conference_Titel

Technologies for Homeland Security (HST), 2010 IEEE International Conference on

Conference_Location

Waltham, MA

Print_ISBN

978-1-4244-6047-2

Type

conf

DOI

10.1109/THS.2010.5655085

Filename

5655085

Link To Document

https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3391144