Skip to Main Content

IEEE.org| IEEE Xplore Digital Library| IEEE Standards| IEEE Spectrum| More Sites

Cart (Loading....) | Create Account | Sign In

Author Search^beta | Advanced Search | Preferences | | More Search Options

Browse Conference Publications > Network and System Security ( ...

Automated extraction of polymorphic virus signatures using abstract interpretation

Full Text Sign-In or Purchase

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Username

Password

Purchase PDF
Other Formats

Formats	Non-Member	Member
PDF	$31	$13

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

Already Purchased? View Article
Subscription Options Learn More

3 Author(s)

Chaumette, S. ; Lab. Bordelais de Rech. en Inf., Univ. of Bordeaux, Bordeaux, France ; Ly, O. ; Tabary, R.

In this paper, we present a novel approach for the detection and signature extraction for a subclass of polymorphic computer viruses. Our detection scheme offers 0 false negative and a very low false positives detection rate. We use context-free grammars as viral signatures, and design a process able to extract this signature from a single sample of a virus. Signature extraction is achieved through a light manual information gathering process, followed by an automatic static analysis of the binary code of the virus mutation engine.

Published in:
Network and System Security (NSS), 2011 5th International Conference on

Date of Conference: 6-8 Sept. 2011

Page(s):: 41 - 48
Print ISBN:: 978-1-4577-0458-1
INSPEC Accession Number:: 12342890

Conference Location :: Milan
Digital Object Identifier :: 10.1109/ICNSS.2011.6059958
Product Type:: Conference Publications

Author(s)

Chaumette, S.
Lab. Bordelais de Rech. en Inf., Univ. of Bordeaux, Bordeaux, France
Ly, O. ; Tabary, R.

INSPEC: CONTROLLED INDEXING

computer viruses

context-free grammars

INSPEC: NON CONTROLLED INDEXING

abstract interpretation

automatic static analysis

binary code

context-free grammars

light manual information gathering process

polymorphic computer virus signature automated extraction

viral signatures

virus mutation engine

AUTHOR KEYWORDS

abstract interpretation

binary program analysis

virus detection

virus signatures extraction

IEEE TERMS

Engines

Grammar

Malware

Manuals

Registers

Semantics

Viruses (medical)

Referenced Items are not available for this document.

No versions found for this document.

Standards Dictionary Terms are available to subscribers only.

| Create Account

IEEE Account

Purchase Details

Profile Information

Need Help?

US & Canada: +1 800 678 4333
Worldwide: +1 732 981 0060
Contact & Support

IEEE Advancing Technology for Humanity

About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.