By Topic

Detection of global, metamorphic malware variants using control and data flow analysis

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Agrawal, H. ; Appl. Commun. Sci., Piscataway, NJ, USA ; Bahler, L. ; Micallef, J. ; Snyder, S.
more authors

Current malware detection and classification tools fail to adequately address variants that are generated automatically using new polymorphic and metamorphic transformation engines that can produce variants that bear no resemblance to one another. Current approaches address this problem by employing syntactic signatures that mimic the underlying control structures such as call- and flow-graphs. These techniques, however, are easily defeated using new program diversification techniques. This hampers our ability to defend against zero day attacks perpetrated by such auto “replicating”, rapidly spreading malware variants. In this paper, we present a new form of abstract malware signature generation that is based on extracting semantic summaries of malware code that is immune to most polymorphic and metamorphic transformations. We also present results of our initial, experimental evaluation of the proposed approach.

Published in:

MILITARY COMMUNICATIONS CONFERENCE, 2012 - MILCOM 2012

Date of Conference:

Oct. 29 2012-Nov. 1 2012