Semantics-aware malware detection
Citations
838 citations
Cites background or methods from "Semantics-aware malware detection"
...However, based on their description, a more powerful static analyzer such as the one introduced by the same authors in [3] can undo these obfuscations....
[...]
...According to [3], such a template consists of “(1) a loop that processes data from a source memory area and writes data to a destination memory area, and (2) a jump that targets the destination area....
[...]
...These detectors [3, 10, 11] operate with abstract models, or templates, that describe the behavior of malicious code....
[...]
...Semantics-Aware Malware Detection: Another system that uses code templates instead of patterns to specify malicious code was presented in [3]....
[...]
796 citations
Cites background from "Semantics-aware malware detection"
...Although semantic-aware signature checking [11] improves its resilience to polymorphic and metamorphic variants, the inherent limitation of the signature based approach is its incapability of detecting previously unseen malware instances....
[...]
756 citations
Cites background from "Semantics-aware malware detection"
...The focal point in the malware analysis battle is how to detect versus how to hide a malware analyzer from malware during runtime....
[...]
675 citations
Cites methods from "Semantics-aware malware detection"
...Finally, semantics-aware analysis of malware binaries has been devised by [12] and later on extended by [48,49]....
[...]
648 citations
Cites background or methods from "Semantics-aware malware detection"
...These techniques are especially effective against byte-level content analysis [18, 20] and static malware analysis methods [8, 10, 12]....
[...]
...Extensive literature exists on static analysis of malicious binaries, e.g. [8, 10, 19, 21]....
[...]
References
1,135 citations
[...]
916 citations
"Semantics-aware malware detection" refers methods in this paper
...Cohen [10] and Chess-White [6] propose a virus detection model that executes code in a sandbox....
[...]
...Cohen [10] and Chess-White [6] showed that in general the problem of virus detection is undecidable....
[...]
694 citations
691 citations
"Semantics-aware malware detection" refers methods in this paper
...SAFE can only handle very simple obfuscations (only nops can appear between matching instructions), e.g., the example shown in Figure 1 cannot be handled by SAFE....
[...]
...In this area, we previously described a malware-detection algorithm called SAFE [7]....
[...]
Frequently Asked Questions (2)
Q2. What is the name of the paper?
Winner of best paper award in category “Verification, Simulation, and Test.” Available as http://www.cs.cmu.edu/~bryant/pubdir/dac95a.pdf.