Pubs / Malware Analysis with Tree Automata Inference

Malware Analysis with Tree Automata Inference

[PDF] [PS] [PS.BZ2] [VIEW]

  author = {Domagoj Babi\'c and Daniel Reynaud and Dawn Song},
  title = {{Recognizing Malicious Software Behaviors with Tree Automata Inference}},
  journal = {Formal Methods in System Design},
  volume = {41},
  number = {1},
  publisher = {Springer},
  pages = {107--128},
  year = {2012},

Abstract: We explore how formal methods and tools of the verification trade could be used for malware detection and analysis. In particular, we propose a new approach to learning and generalizing from observed malware behaviors based on tree automata inference. Our approach infers k-testable tree automata from system call dataflow dependency graphs. We show how inferred automata can be used for malware recognition and classification.

Page last modified on August 20, 2012, at 07:48 PM