Recognizing malicious software behaviors with tree automata inference

Bibliographic details
Published in: Formal methods in system design 2012-08, Vol.41 (1), p.107-128
Main authors: Babić, Domagoj; Reynaud, Daniel; Song, Dawn
Format: Article
Language: eng
Description
Summary: We explore how formal methods and tools of the verification trade could be used for malware detection and analysis. In particular, we propose a new approach to learning and generalizing from observed malware behaviors based on tree automata inference. Our approach infers k-testable tree automata from system call dataflow dependency graphs. We show how inferred automata can be used for malware recognition and classification.
ISSN: 0925-9856; 1572-8102
DOI: 10.1007/s10703-012-0149-1