Using verification technology to specify and detect malware

Computer viruses and worms are major threats for our computer infrastructure, and thus, for economy and society at large. Recent work has demonstrated that a model checking based approach to malware detection can capture the semantics of security exploits more accurately than traditional approaches, and consequently achieve higher detection rates. In this approach, malicious behavior is formalized using the expressive specification language CTPL based on classic CTL. This paper gives an overview of our toolchain for malware detection and presents our new system for computer assisted generation of malicious code specifications.


Published in:
11th Int. Conf. Computer Aided Systems Theory (Eurocast 2007), Revised Selected Papers, 497-504
Presented at:
Computer Aided Systems Theory (Eurocast 2007), Las Palmas, Spain, February 12-16, 2007
Year:
2007
Publisher:
Berlin Heidelberg, Springer
Keywords:
Laboratories:




 Record created 2011-07-13, last modified 2018-03-17

Postprint:
Download fulltext
PDF

Rate this document:

Rate this document:
1
2
3
 
(Not yet reviewed)