Integrating noninterfering versions of programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Systematic design of program analysis frameworks
POPL '79 Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
On the (Im)possibility of Obfuscating Programs
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
A General Theory of Composition for Trace Sets Closed under Selective Interleaving Functions
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Abstract non-interference: parameterizing non-interference by abstract interpretation
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The Art of Computer Virus Research and Defense
The Art of Computer Virus Research and Defense
Semantics-Aware Malware Detection
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Control Code Obfuscation by Abstract Interpretation
SEFM '05 Proceedings of the Third IEEE International Conference on Software Engineering and Formal Methods
A semantics-based approach to malware detection
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
What You Lose is What You Leak: Information Leakage in Declassification Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
A semantics-based approach to malware detection
ACM Transactions on Programming Languages and Systems (TOPLAS)
BinHunt: Automatically Finding Semantic Differences in Binary Programs
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Semantics-based code obfuscation by abstract interpretation
Journal of Computer Security
Adjoining classified and unclassified information by abstract interpretation
Journal of Computer Security
Modelling metamorphism by abstract interpretation
SAS'10 Proceedings of the 17th international conference on Static analysis
Behavior abstraction in malware analysis
RV'10 Proceedings of the First international conference on Runtime verification
Malware analysis with tree automata inference
CAV'11 Proceedings of the 23rd international conference on Computer aided verification
On the rôle of abstract non-interference in language-based security
APLAS'05 Proceedings of the Third Asian conference on Programming Languages and Systems
Semantic-based code obfuscation by abstract interpretation
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Modelling declassification policies using abstract domain completeness
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Adjoining declassification and attack models by abstract interpretation
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Detecting malicious code by model checking
DIMVA'05 Proceedings of the Second international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Opaque predicates detection by abstract interpretation
AMAST'06 Proceedings of the 11th international conference on Algebraic Methodology and Software Technology
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Recognizing malicious software behaviors with tree automata inference
Formal Methods in System Design
On the concept of software obfuscation in computer security
ISC'07 Proceedings of the 10th international conference on Information Security
Fast location of similar code fragments using semantic 'juice'
PPREW '13 Proceedings of the 2nd ACM SIGPLAN Program Protection and Reverse Engineering Workshop
A formal framework for property-driven obfuscation strategies
FCT'13 Proceedings of the 19th international conference on Fundamentals of Computation Theory
Hi-index | 0.00 |
Metamorphic malware continuously modify their code, while preserving their functionality, in order to foil misuse detection. The key for defeating metamorphism relies in a semantic characterization of the embedding of the malware into the target program. Indeed, a behavioral model of program infection that does not relay on syntactic program features should be able to defeat metamorphism. Moreover, a general model of infection should be able to express dependences and interactions between the malicious code and the target program. ANI is a general theory for the analysis of dependences of data in a program. We propose an high order theory for ANI, later called HOANI, that allows to study program dependencies. Our idea is then to formalize and study the malware detection problem in terms of HOANI.