Computer viruses and worms are major threats to our computer infrastructure, and thus to the economy and society at large. Recent work has demonstrated that a model-checking-based approach to malware detection can capture the semantics of security exploits more accurately than traditional approaches, and consequently achieve higher detection rates. In this approach, malicious behavior is formalized using the expressive specification language CTPL, which is based on classic CTL. This paper gives an overview of our toolchain for malware detection and presents our new system for computer-assisted generation of malicious code specifications.