Semantics-aware malware detection

Christodorescu, Mihai; Jha, Somesh; Seshia, Sanjit A.; Song, Dawn; Bryant, Randal E.

doi:10.1109/sp.2005.20

articleJan 1, 2005GREEN OA

Semantics-aware malware detection

MCMihai Christodorescu SJSomesh Jha SASanjit A. Seshia DSDawn Song RERandal E. Bryant

University of Wisconsin–Madison · Carnegie Mellon University

Indexed incrossrefdatacite

Abstract

A malware detector is a system that attempts to determine whether a program has malicious intent. In order to evade detection, malware writers (hackers) frequently use obfuscation to morph malware. Malware detectors that use a pattern-matching approach (such as commercial virus scanners) are susceptible to obfuscations used by hackers. The fundamental deficiency in the pattern-matching approach to malware detection is that it is purely syntactic and ignores the semantics of instructions. In this paper, we present a malware-detection algorithm that addresses this deficiency by incorporating instruction semantics to detect malicious program traits. Experimental evaluation demonstrates that our malware-detection…

Citation impact

723

total citations

FWCI: 36.96
Percentile: 100%
References: 36

Citations per year

Authors

5

Topics & keywords

Topics

Keywords

Malware
Computer science
Cryptovirology
Hacker
Obfuscation
Semantics (computer science)
Overhead (engineering)
Pattern matching

UN Sustainable Development Goals

Peace, Justice and strong institutions

No related works found for this paper.